Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sluggish/Pop Ups/Blue Screen [Closed]


  • This topic is locked This topic is locked

#1
Lexy610

Lexy610

    Member

  • Member
  • PipPipPip
  • 743 posts

Hello all

 

Back in March of this year I thought I had a failing hard drive. I d/l the seagate tool and ran both the short and long generic tests .. both PASSED.

 

I was just at the forum for Windows XP where I was insturcted to come here since the drive passed and I expressed that my computer is sluggish and I am getting pop ups on top of the screen of internal hard drives and at the bottom i am getting pop ups of book bags.

 

When I was using the computer earlier to post on here about the seagate my computer froze then I got the dreaded "blue screen" which I did post on that forum for Windows XP.

 

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:08-08-2015 01
Ran by User (administrator) on LEXY (08-08-2015 21:37:42)
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available Profiles: User & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVR.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Seagate) C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
(Creative Technology Ltd) C:\Program Files\Creative\DVDAudio\CTDVDDET.exe
(Acronis) C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(DivX, LLC) C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell Wireless\PRISMCFG.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVC.exe
() C:\WINDOWS\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [136472 2008-06-24] (Seagate)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM\...\Run: [DiscWizardMonitor.exe] => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1325848 2008-06-24] (Seagate)
HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2006-02-09] (ATI Technologies, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [904768 2008-06-24] (Acronis)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
Winlogon\Notify\PRISMAPI.DLL: C:\WINDOWS\system32\PRISMAPI.DLL [2006-10-12] (Conexant Systems, Inc.)
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [Creative Detector] => C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [102400 2004-12-02] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk [2015-03-17]
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk [2015-03-17]
ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files\Dell Wireless\PRISMCFG.exe (Dell Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-03-17]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-03-17]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 5530 series.lnk [2015-02-16]
ShortcutTarget: Monitor Ink Alerts - HP ENVY 5530 series.lnk -> C:\Program Files\HP\HP ENVY 5530 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-31] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optimum.net
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-31] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-31] (Oracle Corporation)
DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.co...ebInstaller.cab
DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} http://www.worldwinn...mines/mines.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://www.pandasecu...s/as2stubie.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1044
DPF: {41D1977F-4161-4720-800F-EA4903983A38} http://www.worldwinn...gsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1229566731421
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinn...man/hangman.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinn...ty/tilecity.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinn...paint/paint.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-10-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{790037EE-CA28-4D5D-A87B-30D5B806EC54}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [2008-02-20] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\npsoe.dll [2010-09-30] ()
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-606747145-117609710-839522115-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\user.js [2015-07-31]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-24] (Apple Inc.)
FF Extension: Spanish (Venezuela) spell check dictionary - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\[email protected] [2015-08-08]
FF Extension: Great Find - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\{1472391e-5578-45fd-9d60-7bb30cee1cce}.xpi [2015-07-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-05]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-03]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-16] (Adobe Systems) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
S4 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-06] (Creative Labs) [File not signed]
S3 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2014-06-12] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [61529 2006-10-12] (Conexant Systems, Inc.) [File not signed]
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2015-06-25] (TuneUp Software)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2006-10-26] (Meetinghouse Data Communications) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-31] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-31] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-31] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-31] (AVAST Software)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-02] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
R0 MxEFUF; C:\WINDOWS\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [18856 2007-08-31] (Microsoft Corporation)
S3 qcserxp; C:\WINDOWS\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [68096 2013-12-02] (BlackBerry Limited)
S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SQTECH905C; C:\WINDOWS\System32\Drivers\Capt905c.sys [37760 2007-05-18] (Service & Quality Technology.) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2012-07-21] (Acronis)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2012-07-21] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [30632 2015-06-04] (TuneUp Software)
U3 Winsock; no ImagePath
S4 Abiosdsk; no ImagePath
S4 abp480n5; no ImagePath
S4 adpu160m; no ImagePath
S4 Aha154x; no ImagePath
S4 aic78u2; no ImagePath
S4 aic78xx; no ImagePath
S4 AliIde; no ImagePath
S4 amsint; no ImagePath
S4 asc; no ImagePath
S4 asc3350p; no ImagePath
S4 asc3550; no ImagePath
S4 Atdisk; no ImagePath
S4 cd20xrnt; no ImagePath
S1 Changer; no ImagePath
S4 CmdIde; no ImagePath
S4 Cpqarray; no ImagePath
U4 dac2w2k; no ImagePath
S4 dac960nt; no ImagePath
S4 dpti2o; no ImagePath
S4 hpn; no ImagePath
S1 i2omgmt; no ImagePath
S4 i2omp; no ImagePath
S4 ini910u; no ImagePath
S1 lbrtfdc; no ImagePath
S4 mraid35x; no ImagePath
S1 PCIDump; no ImagePath
S3 PDCOMP; no ImagePath
S3 PDFRAME; no ImagePath
S3 PDRELI; no ImagePath
S3 PDRFRAME; no ImagePath
S4 perc2; no ImagePath
S4 perc2hib; no ImagePath
S4 ql1080; no ImagePath
S4 Ql10wnt; no ImagePath
S4 ql12160; no ImagePath
S4 ql1240; no ImagePath
S4 ql1280; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S4 Simbad; no ImagePath
S4 Sparrow; no ImagePath
S4 symc810; no ImagePath
S4 symc8xx; no ImagePath
S4 sym_hi; no ImagePath
S4 sym_u3; no ImagePath
S4 TosIde; no ImagePath
S4 ultra; no ImagePath
S4 ViaIde; no ImagePath
S3 WDICA; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-03 01:19 - 2015-08-08 16:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2015-08-01 18:43 - 2015-08-01 18:43 - 00000000 ____D C:\Avenger
2015-08-01 17:34 - 2015-08-01 17:34 - 00000000 ____D C:\Documents and Settings\User\My Documents\Updater
2015-07-31 23:52 - 2015-08-07 17:52 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-07-31 23:52 - 2015-06-25 07:53 - 00036664 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2015-07-31 23:51 - 2015-07-31 23:51 - 00001747 _____ C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-07-31 23:51 - 2015-07-31 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014
2015-07-31 23:50 - 2015-08-01 00:05 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\TuneUp Software
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Application Data\TuneUp Software
2015-07-31 23:48 - 2015-07-31 23:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2015-07-31 23:47 - 2015-07-31 23:47 - 00000000 ____D C:\Documents and Settings\User\Application Data\RHEng
2015-07-31 21:23 - 2015-07-31 21:23 - 00000000 ____D C:\Program Files\Common Files\Java
2015-07-31 21:13 - 2015-07-31 21:13 - 00000000 ____D C:\Documents and Settings\User\Desktop\Old Firefox Data
2015-07-31 21:11 - 2015-07-31 21:10 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-07-31 21:10 - 2015-07-31 21:10 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 21:10 - 2015-07-31 21:10 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 21:38 - 2014-05-14 00:06 - 00030190 _____ C:\Documents and Settings\User\Desktop\FRST.txt
2015-08-08 21:38 - 2007-12-20 12:44 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp
2015-08-08 21:37 - 2014-05-08 10:09 - 00000000 ____D C:\FRST
2015-08-08 21:35 - 2014-06-29 15:56 - 00000000 ____D C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2015-08-08 21:35 - 2014-05-13 20:57 - 01673216 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2015-08-08 21:11 - 2013-11-05 12:11 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-08 20:55 - 2012-08-22 11:12 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-08 20:25 - 2008-12-31 05:06 - 01951381 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-08 16:20 - 2015-03-17 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-08-08 16:13 - 2012-07-22 16:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-08 16:10 - 2013-12-02 23:10 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\HTC MediaHub
2015-08-08 16:10 - 2007-12-30 19:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-08 16:10 - 2007-12-30 19:38 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-08-08 16:10 - 2007-12-20 12:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-08 16:10 - 2007-12-20 12:33 - 00000000 ____D C:\WINDOWS\Registration
2015-08-07 17:52 - 2014-12-12 03:46 - 02900256 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-08-07 17:52 - 2007-12-20 12:44 - 00000278 ___SH C:\Documents and Settings\User\ntuser.ini
2015-08-07 17:52 - 2007-12-20 12:43 - 00032612 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-07 17:51 - 2014-07-06 02:33 - 04935328 ____N C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.BAK
2015-08-07 17:51 - 2014-07-06 02:32 - 04935328 _____ C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.CDF
2015-08-07 15:41 - 2004-08-10 07:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-02 23:22 - 2007-12-22 22:58 - 00205312 ____C C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-01 18:43 - 2010-08-02 15:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2286198$
2015-08-01 18:43 - 2009-10-15 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB953295$
2015-08-01 16:18 - 2014-06-29 15:49 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-01 16:17 - 2014-12-20 19:03 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-01 16:17 - 2014-06-29 15:48 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-08-01 16:17 - 2014-06-29 15:48 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-01 03:07 - 2013-10-24 01:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-08-01 02:39 - 2015-02-16 21:39 - 00000000 ____D C:\Documents and Settings\User\Application Data\HpUpdate
2015-08-01 02:39 - 2014-07-27 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-08-01 02:39 - 2014-02-13 18:02 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
2015-08-01 02:39 - 2013-05-08 20:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2015-08-01 02:39 - 2010-07-07 17:39 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Downloaded Installations
2015-08-01 02:39 - 2010-04-13 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2015-08-01 02:39 - 2009-09-10 00:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-08-01 02:39 - 2009-04-08 07:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2015-08-01 02:39 - 2009-03-13 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2015-08-01 02:39 - 2008-03-20 16:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2015-07-31 23:55 - 2012-07-22 17:58 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-31 23:55 - 2012-03-15 14:47 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-07-31 23:47 - 2012-03-17 00:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DivX
2015-07-31 23:47 - 2008-03-20 16:11 - 00000000 ____D C:\Program Files\DivX
2015-07-31 21:22 - 2015-03-18 02:07 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-07-31 21:21 - 2015-03-18 02:07 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-07-31 21:21 - 2008-03-01 15:54 - 00000000 ____D C:\Program Files\Java
2015-07-31 21:14 - 2012-12-04 21:49 - 00158298 ____C C:\WINDOWS\Wdf01009Inst.log
2015-07-31 21:13 - 2014-05-14 19:36 - 00706498 _____ C:\WINDOWS\setupapi.log
2015-07-31 21:10 - 2014-05-13 14:59 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories =======

2011-03-02 11:21 - 2011-03-02 11:21 - 0002528 ____C () C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
2010-09-14 18:13 - 2010-12-04 01:20 - 0000965 ____C () C:\Documents and Settings\User\Application Data\BBMS_EXCEPTION.txt
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.Exception.log
2014-12-12 02:10 - 2014-12-12 03:19 - 0001925 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.HttpServerSetup.log
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.DesktopHelper.Exception.log
2011-08-18 13:08 - 2011-08-18 13:08 - 0206473 ____C () C:\Documents and Settings\User\Local Settings\Application Data\ars.cache
2011-08-18 13:09 - 2011-08-18 13:09 - 0223067 ____C () C:\Documents and Settings\User\Local Settings\Application Data\census.cache
2007-12-22 22:58 - 2015-08-02 23:22 - 0205312 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-12-20 12:47 - 2007-12-20 12:47 - 0000127 ____C () C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
2011-02-01 10:46 - 2011-02-01 10:46 - 0000036 ____C () C:\Documents and Settings\User\Local Settings\Application Data\housecall.guid.cache
2007-07-13 14:36 - 2007-07-13 14:36 - 0220184 ____C ( ) C:\Documents and Settings\User\Local Settings\Application Data\Interop.Microsoft.Office.Core.dll
2014-07-14 16:59 - 2014-07-14 17:06 - 0000191 _____ () C:\Documents and Settings\User\Local Settings\Application Data\rbxcsettings.rbx
2005-12-13 17:12 - 2005-12-13 17:12 - 0016384 ____C (Microsoft Corporation) C:\Documents and Settings\User\Local Settings\Application Data\stdole.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:08-08-2015 01
Ran by User (2015-08-08 21:39:21)
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-606747145-117609710-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-606747145-117609710-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-606747145-117609710-839522115-501 - Limited - Disabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-606747145-117609710-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-606747145-117609710-839522115-1002 - Limited - Disabled)
User (S-1-5-21-606747145-117609710-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20/20 v2.2 (HKLM\...\20/20 v2.2) (Version:  - )
6300 (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300_Help (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300Trb (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Ahead NeroMediaPlayer (HKLM\...\NMPUninstallKey) (Version:  - )
AiO_Scan_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.2.1.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (Version: 1.6.1.109 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000 - Corel Corporation) Hidden
CP_CalendarTemplates1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative MediaSource DVD-Audio Player (HKLM\...\Creative MediaSource DVD-Audio Player) (Version:  - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DB CIF Cam (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.0 - My Company Name)
Dell Driver Download Manager (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Resource CD (HKLM\...\{FCD9CD52-7222-4672-94A0-A722BA702FD0}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceIO (Version: 1.6.1.109 - Corel Corporation) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.6.0 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.7.2 (HKLM\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version:  - )
Facebook Plug-In (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
HP ENVY 5530 series Basic Device Software (HKLM\...\{5EBC9F1B-F969-4CF9-A616-F6BDDD46042B}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0000 - {&Tahoma8}Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Premier Software 6.5 (HKLM\...\HP Photo & Imaging) (Version: 6.5 - HP)
HP Photosmart, Officejet and Deskjet 7.0.A (HKLM\...\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}) (Version:  - HP)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
ICA (Version: 1.6.1.109 - Corel Corporation) Hidden
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
IncrediMail Data Manager (HKLM\...\IncrediMail Data Manager) (Version: 1.15 - Silent Wings Software)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevices (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Viiv™ (HKLM\...\{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}) (Version: 1.0.1.2012 - Intel Corporation)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
IPM_PSP_Pro (Version: 1.00.0000 - Corel Corporation) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kai's Power Tools 5 (HKLM\...\Kai's Power Tools 5) (Version:  - )
Kies mini (HKLM\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kies mini (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
KPT 6 (HKLM\...\KPT 6) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Memeo AutoBackup (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\InstallShield_{6BCEB97B-F315-455D-BC2D-565A1A6781E8}) (Version: 2.50.1938 - Memeo)
Memeo AutoBackup (Version: 2.50.1938 - Memeo) Hidden
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Drivers Download Utility 3.4.4 (HKLM\...\{8570C6C9-4FD4-4306-8B57-D31A622E3E03}_is1) (Version: 3.4.4 - LionSea Software)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
Mozilla Firefox 40.0 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0 (x86 en-US)) (Version: 40.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.0.5696 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NewCopy_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PhotoMail Maker (HKLM\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
ProductContextNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
PSPH10Pro (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (Version: 13.0.0 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RandMap (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Readme (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5377 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
SeaTools Enterprise (HKLM\...\SeaTools Enterprise) (Version:  - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 1.6.1.109 - Corel Corporation) Hidden
Share (Version: 1.6.1.109 - Corel Corporation) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
SkinsHP1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SlideShow (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic_PrimoSDK (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo) (Version:  - )
Sound Blaster for Media Center (HKLM\...\Sound Blaster for Media Center) (Version:  - )
Splat! 1.0 (HKLM\...\Splat) (Version:  - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
SweetIM Toolbar for Internet Explorer 3.2 (HKLM\...\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}) (Version: 3.2.0002 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.353 - TuneUp Software) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
USB 2.0 Wireless LAN Card Utility (HKLM\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version: 8.1.55 - Dell Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIO (Version: 1.6.1.109 - Corel Corporation) Hidden
virtualPhotographer 1.5.6 (HKLM\...\virtualPhotographer_is1) (Version:  - optikVerve Labs)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.59.0 - Verizon)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 29.2.2013 - BillP Studios)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP3Encoder.dll No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)

==================== Restore Points =========================

31-07-2015 21:10:32 avast! antivirus system restore point
31-07-2015 21:14:31 Installed Windows XP Wdf01009.
01-08-2015 13:01:16 Software Distribution Service 3.0
01-08-2015 17:27:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
01-08-2015 17:54:53 Software Distribution Service 3.0
01-08-2015 18:30:47 Software Distribution Service 3.0
07-08-2015 15:46:35 Software Distribution Service 3.0
08-08-2015 15:24:47 Software Distribution Service 3.0
08-08-2015 16:20:55 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
08-08-2015 16:21:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 07:00 - 2013-10-21 18:39 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 21:10 - 2015-07-31 21:10 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-31 21:10 - 2015-07-31 21:10 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-08 15:25 - 2015-08-08 15:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080801\algo.dll
2013-08-07 15:25 - 2013-08-07 15:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-03-13 23:43 - 2015-07-31 21:10 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2008-06-24 18:35 - 2008-06-24 18:35 - 01328408 ____C () C:\Program Files\Seagate\DiscWizard\fox.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00438336 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00320064 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2004-08-10 07:00 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 07:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 ____C () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 ____C () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b4eed146\mscorlib.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 03035136 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9a0d88b2\system.windows.forms.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 00843776 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b769fb61\system.drawing.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5f21cab9\system.dll
2013-07-09 17:36 - 2013-07-09 17:36 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8c2dcaf2\system.xml.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\WINDOWS\system32\PSIService.exe
2005-10-20 11:36 - 2005-10-20 11:36 - 00065536 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
2005-10-20 11:36 - 2005-10-20 11:36 - 00077824 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll
2015-07-31 21:20 - 2015-07-31 21:20 - 17448624 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk

There are 5318 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606747145-117609710-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk => C:\WINDOWS\pss\Memeo AutoBackup Launcher.lnkStartup
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DeviceDiscovery => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
MSCONFIG\startupreg: HP Software Update => "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: WinPatrol => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
DomainProfile\AuthorizedApplications: [C:\Program Files\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe] => Enabled:Java™ Platform SE binary
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe] => :LocalSubNet:Enabled:BlackBerry Link Tunnel Manager (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe] => :LocalSubNet:Enabled:BlackBerry Link MDNS Service (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\nginx\nginx.exe] => :LocalSubNet:Enabled:BlackBerry Link Service (Nginx)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe] => :LocalSubNet:Enabled:BlackBerry Link Peer Manager
DomainProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImApp.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\IncMail.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImpCnt.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImLc.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe] => Enabled:hpqcopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe] => Enabled:hpqphunl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe] => Enabled:hpqdia.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\QuickTime\QuickTimePlayer.exe] => Enabled:QuickTime Player
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe] => Enabled:IncrediMail Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe] => Enabled:SeagateHipServAgent
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\plugin-container.exe] => Enabled:Plugin Container for Firefox
StandardProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe] => :LocalSubNet:Enabled:HP Device Setup (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe] => :LocalSubNet:Enabled:HP Network Communicator COM (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [57384:TCP] => Enabled:Pando P2P TCP Listening Port
StandardProfile\GloballyOpenPorts: [57384:UDP] => Enabled:Pando P2P UDP Listening Port
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [57428:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [57428:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [67:UDP] => Enabled:DHCP Server
StandardProfile\GloballyOpenPorts: [5357:TCP] => Enabled:WS-Eventing TCP Port 5357

==================== Faulty Device Manager Devices =============

Name: RADEON X300 SE 128MB HyperMemory Secondary
Description: RADEON X300 SE 128MB HyperMemory Secondary
Class Guid:  TI Technologies Inc.
Manufacturer: ATI Technologies Inc.
Service: ati2mtag
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Parport
Description: Parport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Parport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2015 03:14:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iTunes.exe, version 12.1.1.4, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/31/2015 11:46:28 PM) (Source: MsiInstaller) (EventID: 10005) (User: LEXY)
Description: Product: iTunes -- iTunes requires that your computer is running Windows 7 or newer.

Error: (07/31/2015 09:23:53 PM) (Source: MsiInstaller) (EventID: 10005) (User: LEXY)
Description: Product: QuickTime 7 -- QuickTime 7 requires that your computer is running Windows Vista or Windows 7.

Error: (07/31/2015 09:11:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/31/2015 09:11:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/10/2015 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application IncMail.exe, version 6.3.9.5274, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/10/2015 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application IncMail.exe, version 6.3.9.5274, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/26/2015 07:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 37.0.0.5556, faulting module mozalloc.dll, version 37.0.0.5556, fault address 0x00001aa1.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (03/25/2015 11:03:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application Photoshop.exe, version 9.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/25/2015 10:41:41 PM) (Source: VBRuntime) (EventID: 1) (User: )
Description: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 3308 ,Logged:

Success:
C:\Program Files\Windows Installer Clean Up\msizap.exe TW! {C1C6767D-B395-43CB-BF99-051B58B86DA6}


System errors:
=============
Error: (08/08/2015 03:23:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.


Microsoft Office:
=========================
Error: (08/01/2015 03:14:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.1.1.4hungapp0.0.0.000000000

Error: (07/31/2015 11:46:28 PM) (Source: MsiInstaller) (EventID: 10005) (User: LEXY)
Description: Product: iTunes -- iTunes requires that your computer is running Windows 7 or newer.(NULL)(NULL)(NULL)

Error: (07/31/2015 09:23:53 PM) (Source: MsiInstaller) (EventID: 10005) (User: LEXY)
Description: Product: QuickTime 7 -- QuickTime 7 requires that your computer is running Windows Vista or Windows 7.(NULL)(NULL)(NULL)

Error: (07/31/2015 09:11:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/31/2015 09:11:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/10/2015 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IncMail.exe6.3.9.5274hungapp0.0.0.000000000

Error: (04/10/2015 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IncMail.exe6.3.9.5274hungapp0.0.0.000000000

Error: (03/26/2015 07:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.0.5556mozalloc.dll37.0.0.555600001aa1

Error: (03/25/2015 11:03:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Photoshop.exe9.0.0.0hungapp0.0.0.000000000

Error: (03/25/2015 10:41:41 PM) (Source: VBRuntime) (EventID: 1) (User: )
Description: Application MSICUU: Thread ID: 3308 ,Logged:

Success:
C:\Program Files\Windows Installer Clean Up\msizap.exe TW! {C1C6767D-B395-43CB-BF99-051B58B86DA6}


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 59%
Total physical RAM: 2046.09 MB
Available physical RAM: 836.27 MB
Total Virtual: 3934.98 MB
Available Virtual: 2761.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:226.09 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 208B3481)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 

 


  • 0

Advertisements


#2
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts
I tried to update my computer a few times and I keep getting this ....

image.jpg
  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

I apologize for the delay! I am Pyxis and I will be assisting you. If you still require assistance, I would like to stress the following reminders:
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. Please only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
  • Since the cleaning process is quite delicate, your timely response is crucial. Topics are marked inactive and thus closed within 3 full days of no activity. If you deem I have overlooked your thread--which is in a matter of more than 48 hours--please send me a PM and I will get back to you shortly.
I hope you keep in mind these reminders. Let's get to work! :thumbsup:
  • Step 1

    You need to generate fresh FRST logs. If you haven't already, download 'Farbar Recovery Scan Tool by Farbar' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • The program will initialize. Press Yes to accept the disclaimer.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)

  • 0

#4
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Hii .. not a problem I know you are all busy :)

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-08-2015
Ran by User (2015-08-19 03:15:28)
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-606747145-117609710-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-606747145-117609710-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-606747145-117609710-839522115-501 - Limited - Disabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-606747145-117609710-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-606747145-117609710-839522115-1002 - Limited - Disabled)
User (S-1-5-21-606747145-117609710-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20/20 v2.2 (HKLM\...\20/20 v2.2) (Version:  - )
6300 (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300_Help (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300Trb (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Ahead NeroMediaPlayer (HKLM\...\NMPUninstallKey) (Version:  - )
AiO_Scan_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.2.1.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (Version: 1.6.1.109 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000 - Corel Corporation) Hidden
CP_CalendarTemplates1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative MediaSource DVD-Audio Player (HKLM\...\Creative MediaSource DVD-Audio Player) (Version:  - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DB CIF Cam (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.0 - My Company Name)
Dell Driver Download Manager (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Resource CD (HKLM\...\{FCD9CD52-7222-4672-94A0-A722BA702FD0}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceIO (Version: 1.6.1.109 - Corel Corporation) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.6.0 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.7.2 (HKLM\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version:  - )
Facebook Plug-In (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
HP ENVY 5530 series Basic Device Software (HKLM\...\{5EBC9F1B-F969-4CF9-A616-F6BDDD46042B}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0000 - {&Tahoma8}Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Premier Software 6.5 (HKLM\...\HP Photo & Imaging) (Version: 6.5 - HP)
HP Photosmart, Officejet and Deskjet 7.0.A (HKLM\...\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}) (Version:  - HP)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
ICA (Version: 1.6.1.109 - Corel Corporation) Hidden
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
IncrediMail Data Manager (HKLM\...\IncrediMail Data Manager) (Version: 1.15 - Silent Wings Software)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevices (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Viiv™ (HKLM\...\{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}) (Version: 1.0.1.2012 - Intel Corporation)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
IPM_PSP_Pro (Version: 1.00.0000 - Corel Corporation) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kai's Power Tools 5 (HKLM\...\Kai's Power Tools 5) (Version:  - )
Kies mini (HKLM\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kies mini (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
KPT 6 (HKLM\...\KPT 6) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Memeo AutoBackup (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\InstallShield_{6BCEB97B-F315-455D-BC2D-565A1A6781E8}) (Version: 2.50.1938 - Memeo)
Memeo AutoBackup (Version: 2.50.1938 - Memeo) Hidden
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Drivers Download Utility 3.4.4 (HKLM\...\{8570C6C9-4FD4-4306-8B57-D31A622E3E03}_is1) (Version: 3.4.4 - LionSea Software)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
Mozilla Firefox 41.0 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.0.5696 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NewCopy_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PhotoMail Maker (HKLM\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
ProductContextNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
PSPH10Pro (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (Version: 13.0.0 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RandMap (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Readme (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5377 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
SeaTools Enterprise (HKLM\...\SeaTools Enterprise) (Version:  - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 1.6.1.109 - Corel Corporation) Hidden
Share (Version: 1.6.1.109 - Corel Corporation) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
SkinsHP1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SlideShow (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic_PrimoSDK (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo) (Version:  - )
Sound Blaster for Media Center (HKLM\...\Sound Blaster for Media Center) (Version:  - )
Splat! 1.0 (HKLM\...\Splat) (Version:  - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
SweetIM Toolbar for Internet Explorer 3.2 (HKLM\...\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}) (Version: 3.2.0002 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.353 - TuneUp Software) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
USB 2.0 Wireless LAN Card Utility (HKLM\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version: 8.1.55 - Dell Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIO (Version: 1.6.1.109 - Corel Corporation) Hidden
virtualPhotographer 1.5.6 (HKLM\...\virtualPhotographer_is1) (Version:  - optikVerve Labs)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.59.0 - Verizon)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 29.2.2013 - BillP Studios)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP3Encoder.dll No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)

==================== Restore Points =========================

31-07-2015 21:10:32 avast! antivirus system restore point
31-07-2015 21:14:31 Installed Windows XP Wdf01009.
01-08-2015 13:01:16 Software Distribution Service 3.0
01-08-2015 17:27:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
01-08-2015 17:54:53 Software Distribution Service 3.0
01-08-2015 18:30:47 Software Distribution Service 3.0
07-08-2015 15:46:35 Software Distribution Service 3.0
08-08-2015 15:24:47 Software Distribution Service 3.0
08-08-2015 16:20:55 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
08-08-2015 16:21:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
09-08-2015 13:00:18 Software Distribution Service 3.0
09-08-2015 14:18:12 Software Distribution Service 3.0
10-08-2015 14:46:07 Software Distribution Service 3.0
14-08-2015 17:58:51 Software Distribution Service 3.0
15-08-2015 13:54:03 Software Distribution Service 3.0
16-08-2015 19:45:37 System Checkpoint
17-08-2015 21:28:15 System Checkpoint
18-08-2015 22:21:01 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 07:00 - 2013-10-21 18:39 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 21:10 - 2015-07-31 21:10 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-31 21:10 - 2015-07-31 21:10 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-17 15:32 - 2015-08-17 15:32 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081702\algo.dll
2015-08-18 14:44 - 2015-08-18 14:44 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081800\algo.dll
2013-08-07 15:25 - 2013-08-07 15:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2004-08-10 07:00 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 07:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 ____C () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 ____C () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2015-03-13 23:43 - 2015-07-31 21:10 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2008-06-24 18:35 - 2008-06-24 18:35 - 01328408 ____C () C:\Program Files\Seagate\DiscWizard\fox.dll
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\WINDOWS\system32\PSIService.exe
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-11-19 23:14 - 2014-11-19 23:14 - 00438336 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00320064 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b4eed146\mscorlib.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 03035136 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9a0d88b2\system.windows.forms.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 00843776 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b769fb61\system.drawing.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5f21cab9\system.dll
2013-07-09 17:36 - 2013-07-09 17:36 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8c2dcaf2\system.xml.dll
2005-10-20 11:36 - 2005-10-20 11:36 - 00065536 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
2005-10-20 11:36 - 2005-10-20 11:36 - 00077824 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk

There are 5318 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606747145-117609710-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk => C:\WINDOWS\pss\Memeo AutoBackup Launcher.lnkStartup
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DeviceDiscovery => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
MSCONFIG\startupreg: HP Software Update => "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: WinPatrol => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
DomainProfile\AuthorizedApplications: [C:\Program Files\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe] => Enabled:Java™ Platform SE binary
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe] => :LocalSubNet:Enabled:BlackBerry Link Tunnel Manager (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe] => :LocalSubNet:Enabled:BlackBerry Link MDNS Service (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\nginx\nginx.exe] => :LocalSubNet:Enabled:BlackBerry Link Service (Nginx)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe] => :LocalSubNet:Enabled:BlackBerry Link Peer Manager
DomainProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImApp.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\IncMail.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImpCnt.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImLc.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe] => Enabled:hpqcopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe] => Enabled:hpqphunl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe] => Enabled:hpqdia.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\QuickTime\QuickTimePlayer.exe] => Enabled:QuickTime Player
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe] => Enabled:IncrediMail Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe] => Enabled:SeagateHipServAgent
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\plugin-container.exe] => Enabled:Plugin Container for Firefox
StandardProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe] => :LocalSubNet:Enabled:HP Device Setup (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe] => :LocalSubNet:Enabled:HP Network Communicator COM (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [57384:TCP] => Enabled:Pando P2P TCP Listening Port
StandardProfile\GloballyOpenPorts: [57384:UDP] => Enabled:Pando P2P UDP Listening Port
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [57428:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [57428:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [67:UDP] => Enabled:DHCP Server
StandardProfile\GloballyOpenPorts: [5357:TCP] => Enabled:WS-Eventing TCP Port 5357

==================== Faulty Device Manager Devices =============

Name: RADEON X300 SE 128MB HyperMemory Secondary
Description: RADEON X300 SE 128MB HyperMemory Secondary
Class Guid:  TI Technologies Inc.
Manufacturer: ATI Technologies Inc.
Service: ati2mtag
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Parport
Description: Parport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Parport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2015 05:41:47 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 145516964.

Error: (08/17/2015 05:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5701, faulting module mozglue.dll, version 41.0.0.5701, fault address 0x0000f23c.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/17/2015 05:40:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 41.0.0.5701, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/17/2015 12:51:49 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 145516964.

Error: (08/17/2015 12:51:48 AM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 145514501.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/17/2015 12:51:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5701, faulting module mozglue.dll, version 41.0.0.5701, fault address 0x0000f23c.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/17/2015 12:51:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 41.0.0.5701, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/17/2015 12:18:31 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 145516964.

Error: (08/17/2015 12:18:29 AM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 145514501.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/17/2015 12:18:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5701, faulting module mozglue.dll, version 41.0.0.5701, fault address 0x0000f23c.
Processing media-specific event for [plugin-container.exe!ws!]


System errors:
=============

Microsoft Office:
=========================
Error: (08/17/2015 05:41:47 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 145516964

Error: (08/17/2015 05:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5701mozglue.dll41.0.0.57010000f23c

Error: (08/17/2015 05:40:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe41.0.0.5701hungapp0.0.0.000000000

Error: (08/17/2015 12:51:49 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 145516964

Error: (08/17/2015 12:51:48 AM) (Source: Application Error) (EventID: 1001) (User: )
Description: 145514501

Error: (08/17/2015 12:51:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5701mozglue.dll41.0.0.57010000f23c

Error: (08/17/2015 12:51:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe41.0.0.5701hungapp0.0.0.000000000

Error: (08/17/2015 12:18:31 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 145516964

Error: (08/17/2015 12:18:29 AM) (Source: Application Error) (EventID: 1001) (User: )
Description: 145514501

Error: (08/17/2015 12:18:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5701mozglue.dll41.0.0.57010000f23c


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 37%
Total physical RAM: 2046.09 MB
Available physical RAM: 1288.75 MB
Total Virtual: 3934.98 MB
Available Virtual: 3301.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:224.47 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 208B3481)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2015
Ran by User (administrator) on LEXY (19-08-2015 03:13:33)
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available Profiles: User & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVR.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Seagate) C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
(Creative Technology Ltd) C:\Program Files\Creative\DVDAudio\CTDVDDET.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Acronis) C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVC.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\WINDOWS\system32\PSIService.exe
(DivX, LLC) C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell Wireless\PRISMCFG.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [136472 2008-06-24] (Seagate)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM\...\Run: [DiscWizardMonitor.exe] => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1325848 2008-06-24] (Seagate)
HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2006-02-09] (ATI Technologies, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [904768 2008-06-24] (Acronis)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
Winlogon\Notify\PRISMAPI.DLL: C:\WINDOWS\system32\PRISMAPI.DLL [2006-10-12] (Conexant Systems, Inc.)
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [Creative Detector] => C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [102400 2004-12-02] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk [2015-03-17]
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk [2015-03-17]
ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files\Dell Wireless\PRISMCFG.exe (Dell Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-03-17]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-03-17]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 5530 series.lnk [2015-02-16]
ShortcutTarget: Monitor Ink Alerts - HP ENVY 5530 series.lnk -> C:\Program Files\HP\HP ENVY 5530 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-31] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.optimum.net
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-31] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-31] (Oracle Corporation)
DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} hxxp://launch.soe.com/plugin/web/SOEWebInstaller.cab
DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} hxxp://www.worldwinner.com/games/v41/mines/mines.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} hxxp://www.pandasecurity.com/activescan/cabs/as2stubie.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1044
DPF: {41D1977F-4161-4720-800F-EA4903983A38} hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229566731421
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} hxxp://www.worldwinner.com/games/v41/hangman/hangman.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} hxxp://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} hxxp://www.worldwinner.com/games/v43/paint/paint.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} hxxp://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-10-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{790037EE-CA28-4D5D-A87B-30D5B806EC54}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [2008-02-20] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\npsoe.dll [2010-09-30] ()
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-606747145-117609710-839522115-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\user.js [2015-07-31]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-24] (Apple Inc.)
FF Extension: Spanish (Venezuela) spell check dictionary - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\[email protected] [2015-08-08]
FF Extension: Great Find - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\{1472391e-5578-45fd-9d60-7bb30cee1cce}.xpi [2015-07-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-05]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-14]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-16] (Adobe Systems) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
S4 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-06] (Creative Labs) [File not signed]
S3 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2014-06-12] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [61529 2006-10-12] (Conexant Systems, Inc.) [File not signed]
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2015-06-25] (TuneUp Software)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2006-10-26] (Meetinghouse Data Communications) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-31] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-31] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-31] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-31] (AVAST Software)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-02] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
R0 MxEFUF; C:\WINDOWS\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [18856 2007-08-31] (Microsoft Corporation)
S3 qcserxp; C:\WINDOWS\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [68096 2013-12-02] (BlackBerry Limited)
S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SQTECH905C; C:\WINDOWS\System32\Drivers\Capt905c.sys [37760 2007-05-18] (Service & Quality Technology.) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2012-07-21] (Acronis)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2012-07-21] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [30632 2015-06-04] (TuneUp Software)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-14 20:58 - 2015-08-15 13:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-14 18:55 - 2015-08-14 19:55 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2015-08-01 18:43 - 2015-08-01 18:43 - 00000000 ____D C:\Avenger
2015-08-01 17:34 - 2015-08-01 17:34 - 00000000 ____D C:\Documents and Settings\User\My Documents\Updater
2015-07-31 23:52 - 2015-08-18 04:12 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-07-31 23:52 - 2015-06-25 07:53 - 00036664 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2015-07-31 23:51 - 2015-07-31 23:51 - 00001747 _____ C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-07-31 23:51 - 2015-07-31 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2014
2015-07-31 23:50 - 2015-08-01 00:05 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\TuneUp Software
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Application Data\TuneUp Software
2015-07-31 23:48 - 2015-07-31 23:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2015-07-31 23:47 - 2015-07-31 23:47 - 00000000 ____D C:\Documents and Settings\User\Application Data\RHEng
2015-07-31 21:23 - 2015-07-31 21:23 - 00000000 ____D C:\Program Files\Common Files\Java
2015-07-31 21:13 - 2015-07-31 21:13 - 00000000 ____D C:\Documents and Settings\User\Desktop\Old Firefox Data
2015-07-31 21:11 - 2015-07-31 21:10 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-07-31 21:10 - 2015-07-31 21:10 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 21:10 - 2015-07-31 21:10 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 03:14 - 2014-05-14 00:06 - 00028824 _____ C:\Documents and Settings\User\Desktop\FRST.txt
2015-08-19 03:14 - 2007-12-20 12:44 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp
2015-08-19 03:13 - 2014-05-08 10:09 - 00000000 ____D C:\FRST
2015-08-19 03:11 - 2014-06-29 15:56 - 00000000 ____D C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2015-08-19 03:11 - 2014-05-13 20:57 - 01677312 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2015-08-19 02:55 - 2012-08-22 11:12 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-18 23:55 - 2007-12-20 12:43 - 00032628 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-18 21:11 - 2013-11-05 12:11 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-18 15:09 - 2008-12-31 05:06 - 01220772 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-18 14:42 - 2013-12-02 23:10 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\HTC MediaHub
2015-08-18 14:41 - 2007-12-30 19:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-18 14:41 - 2007-12-30 19:38 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-08-18 14:41 - 2007-12-20 12:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-18 14:41 - 2007-12-20 12:33 - 00000000 ____D C:\WINDOWS\Registration
2015-08-18 04:12 - 2014-12-12 03:46 - 02900256 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-08-18 04:12 - 2007-12-20 12:44 - 00000278 ___SH C:\Documents and Settings\User\ntuser.ini
2015-08-18 04:11 - 2014-07-06 02:33 - 04935328 _____ C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.BAK
2015-08-18 04:11 - 2014-07-06 02:32 - 04935328 _____ C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.CDF
2015-08-16 20:28 - 2010-01-16 18:17 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-08-16 02:56 - 2012-07-22 16:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 19:56 - 2012-07-22 17:58 - 00778440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-14 19:56 - 2012-03-15 14:47 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-14 17:56 - 2004-08-10 07:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-09 14:25 - 2014-05-14 19:36 - 00711473 _____ C:\WINDOWS\setupapi.log
2015-08-09 07:29 - 2015-03-17 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-08-08 21:41 - 2015-03-17 03:19 - 00050587 _____ C:\Documents and Settings\User\Desktop\Addition.txt
2015-08-02 23:22 - 2007-12-22 22:58 - 00205312 ____C C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-01 18:43 - 2010-08-02 15:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2286198$
2015-08-01 18:43 - 2009-10-15 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB953295$
2015-08-01 16:18 - 2014-06-29 15:49 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-01 16:17 - 2014-12-20 19:03 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-01 16:17 - 2014-06-29 15:48 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-08-01 16:17 - 2014-06-29 15:48 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-01 03:07 - 2013-10-24 01:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-08-01 02:39 - 2015-02-16 21:39 - 00000000 ____D C:\Documents and Settings\User\Application Data\HpUpdate
2015-08-01 02:39 - 2014-07-27 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-08-01 02:39 - 2014-02-13 18:02 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
2015-08-01 02:39 - 2013-05-08 20:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2015-08-01 02:39 - 2010-07-07 17:39 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Downloaded Installations
2015-08-01 02:39 - 2010-04-13 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2015-08-01 02:39 - 2009-09-10 00:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-08-01 02:39 - 2009-04-08 07:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2015-08-01 02:39 - 2009-03-13 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2015-08-01 02:39 - 2008-03-20 16:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2015-07-31 23:47 - 2012-03-17 00:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DivX
2015-07-31 23:47 - 2008-03-20 16:11 - 00000000 ____D C:\Program Files\DivX
2015-07-31 21:22 - 2015-03-18 02:07 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-07-31 21:21 - 2015-03-18 02:07 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-07-31 21:21 - 2008-03-01 15:54 - 00000000 ____D C:\Program Files\Java
2015-07-31 21:14 - 2012-12-04 21:49 - 00158298 ____C C:\WINDOWS\Wdf01009Inst.log
2015-07-31 21:10 - 2014-05-13 14:59 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories =======

2011-03-02 11:21 - 2011-03-02 11:21 - 0002528 ____C () C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
2010-09-14 18:13 - 2010-12-04 01:20 - 0000965 ____C () C:\Documents and Settings\User\Application Data\BBMS_EXCEPTION.txt
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.Exception.log
2014-12-12 02:10 - 2014-12-12 03:19 - 0001925 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.HttpServerSetup.log
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.DesktopHelper.Exception.log
2011-08-18 13:08 - 2011-08-18 13:08 - 0206473 ____C () C:\Documents and Settings\User\Local Settings\Application Data\ars.cache
2011-08-18 13:09 - 2011-08-18 13:09 - 0223067 ____C () C:\Documents and Settings\User\Local Settings\Application Data\census.cache
2007-12-22 22:58 - 2015-08-02 23:22 - 0205312 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-12-20 12:47 - 2007-12-20 12:47 - 0000127 ____C () C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
2011-02-01 10:46 - 2011-02-01 10:46 - 0000036 ____C () C:\Documents and Settings\User\Local Settings\Application Data\housecall.guid.cache
2007-07-13 14:36 - 2007-07-13 14:36 - 0220184 ____C ( ) C:\Documents and Settings\User\Local Settings\Application Data\Interop.Microsoft.Office.Core.dll
2014-07-14 16:59 - 2014-07-14 17:06 - 0000191 _____ () C:\Documents and Settings\User\Local Settings\Application Data\rbxcsettings.rbx
2005-12-13 17:12 - 2005-12-13 17:12 - 0016384 ____C (Microsoft Corporation) C:\Documents and Settings\User\Local Settings\Application Data\stdole.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================


  • 0

#5
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
There are a lot of programs using your limited resources. The BSoD you experienced could have possibly been due to Memory Management i.e. lack of or bad RAM.
  • Step 1

    You seem to have too many anti-virus programs running in your system. While it is normal to think that "the more the merrier" in certain occasions, it does not apply when choosing an anti-virus. Having multiple ones of the same kind installed (e.g. more than one anti-virus program) will make your system run slower, and they will go against one another thereby making them inefficient.

    I advise you to uninstall all but one of the following programs through Control Panel > Add or Remove Programs (Windows XP) or Control Panel > Programs and Features > Uninstall a Program (Windows Vista & Windows 7):
    • Microsoft Security Essentials
    If you are having difficulties, please tell me.
  • Step 2

    Certain programs can hinder the cleaning process. As such, I ask that you remove the below program(s) to ensure no such conflict arises:
    • HiJackThis (Outdated)
    • HijackThis 2.0.2 (Outdated)
    • SUPERAntiSpyware
    • TuneUp Utilities 2014
    • WinPatrol
    While disabling is an option, for a more hassle-free solution, I recommend uninstalling the above program(s) through Control Panel > Add or Remove Programs (Windows XP) or Control Panel > Programs and Features > Uninstall a Program (Windows Vista & Windows 7).

    You may re-install the program(s) later once I have declared you clean, but do know your computer can very well function without them.
  • Step 3

    Upon careful inspection, your log indicates that the program(s) listed below is installed on your computer. I would like to request for the removal of the program(s) as it is associated with either malware or bloatware. Please proceed to uninstalling by going to Control Panel (Windows XP) or Programs and Features (Windows Vista or Windows 7). If Windows says it cannot locate the program(s) and that it prompts for it to be removed from the list instead, do so by allowing it.
    • SweetIM Toolbar for Internet Explorer 3.2
    Inform me if you encounter problems in the removal process.
  • Step 4

    Copy and paste the following into Notepad and save as fixlist.txt to your desktop:
    CloseProcesses:
    EmptyTemp:
    
    IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
    IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
    HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.optimum.net
    FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\user.js [2015-07-31]
    FF Extension: Great Find - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\{1472391e-5578-45fd-9d60-7bb30cee1cce}.xpi [2015-07-31]
    FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
    2015-08-01 18:43 - 2015-08-01 18:43 - 00000000 ____D C:\Avenger
    2015-08-01 02:39 - 2014-02-13 18:02 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
    2015-08-01 02:39 - 2010-04-13 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2015-08-01 02:39 - 2009-09-10 00:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2015-08-01 02:39 - 2009-04-08 07:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2015-08-01 02:39 - 2009-03-13 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    • Run your copy of FRST. It is important to ensure it is located in your desktop.
    • Press the Fix button.
    • It will produce a log (fixlog.txt) once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • fixlog.txt (Farbar Recovery Scan Tool)

  • 0

#6
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Hello .. I did as directed .. however, there was no MSE listed in the add/remove programs and when I tried to uninstall SweetIM Toolbar for Internet Explorer 3.2 I got a window that opened up that was titled "windows installer". .. It then asked me to restart computer after I did the fix with the FRST and I did but then got this window "found new hardware wizard". I closed it then opened my browser to post on here but my computer froze so i had to press 'ctrl+alt and delete to force my browser to close .. I then opened my browser again and it was ok so here is the fixlog as requested! (BTW .. SweetIMToolbar for internet Explorer 3.2 is still on my add/remove programs) Thanks

 

 

 

 

 

 

 

Fix result of Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
Ran by User (2015-08-22 01:24:52) Run:4
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available Profiles: User & Administrator & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
EmptyTemp:

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [] => [X]
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.optimum.net
FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\user.js [2015-07-31]
FF Extension: Great Find - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\{1472391e-5578-45fd-9d60-7bb30cee1cce}.xpi [2015-07-31]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
2015-08-01 18:43 - 2015-08-01 18:43 - 00000000 ____D C:\Avenger
2015-08-01 02:39 - 2014-02-13 18:02 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
2015-08-01 02:39 - 2010-04-13 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2015-08-01 02:39 - 2009-09-10 00:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-08-01 02:39 - 2009-04-08 07:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2015-08-01 02:39 - 2009-03-13 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
*****************

Processes closed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => key removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => key removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => key removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\user.js => moved successfully
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p7xknqud.default-1438391621209\Extensions\{1472391e-5578-45fd-9d60-7bb30cee1cce}.xpi => moved successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} => value removed successfully.
C:\Avenger => moved successfully
C:\Documents and Settings\All Users\Application Data\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3} => moved successfully
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} => moved successfully
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} => moved successfully
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} => moved successfully
C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} => moved successfully
EmptyTemp: => 2.6 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 01:26:32 ====

 

 

 

 

Hi had to edit this post to add that once I added the log I went to search something up and it froze again and I had to do the ctril+alt_delete in order to close the browser then open it again to add that on here. have to get off of it because I literally want to throw my computer out the window :(


Edited by Lexy610, 22 August 2015 - 01:31 AM.

  • 0

#7
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Oh, my. The fix did not remove anything driver-related. This is sounding like a really buggy Windows XP installation. As you know, Microsoft no longer supports it, so unless you have a copy of the operating system a fresh installation would be quite difficult to achieve. At any rate, we can choose to exhaust all our options first before throwing in the towel. :)
  • Step 1

    Your browser settings have been altered by malware. Follow these instructions to reset them to default.

    Mozilla Firefox
    • Open Mozilla Firefox.
    • Click the orange Firefox button at the top-left corner.
    • Select Help > Trouble Shooting Information > Reset Firefox....
    • Proceed by clicking Reset Firefox button.
    • Once done, a window will appear. Click Finish.
    • Close Mozilla Firefox.
  • Step 2

    Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.
    • Double-click mbam-setup-*.exe and proceed to installing the program.
      • Accept the License Agreement.
      • At the end, untick Enable free trial of Malwarebytes Anti-Malware Premium and ensure Launch Malwarebytes' Anti-Malware is checked.
      • Click Finish after.
    • Once the program has loaded, navigate to the Settings tab and select Detection and Protection.
      • Tick the Scan For Rootkits box.
    • Go back to the Dashboard and select Update Now. Click Scan Now after.
      • Updates can sometimes still be present. Be sure to select Update Now again if you are prompted.
      • Once the scan is complete, click Apply Actions.
      • If you are prompted to reboot, allow it by pressing Yes.
    • Navigate to the program's History tab to retrieve the log.
      • Click Application Logs and double-click on the most recent Scan Log.
      • Export the log to your desktop as a .TXT file.
      • You can also choose to directly copy the log by selecting Copy to Clipboard.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 3

    Copy and paste the following into FRST's Search box:
    SweetIM
    • Press the Search Registry button.
    • It will produce a log (Search.txt) once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • mbam-log-YYYY-MM-DD (HH-MM-SS).xml (Malwarebytes Anti-Malware)
    • Search.txt (Farbar Recovery Scan Tool)

  • 0

#8
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

There is no option that says :: Reset Firefox.... or Proceed by clicking Reset Firefox button.

 

As far as malbytes .. You suggested i d/l it but I already have it installed .. should I uninstall and reinstall new version?


  • 0

#9
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Using Mozilla Firefox, visit 'this' site and click on Refresh Firefox. As for Malwarebytes Anti-Malware, yes, please do. :)
  • 0

#10
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/23/2015
Scan Time: 4:12:39 PM
Logfile: mlbyte8-23-2015.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.23.05
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 514020
Time Elapsed: 2 hr, 33 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

 

 

 

 

Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
Ran by User (2015-08-23 19:01:29)
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal

================== Search Registry: "SweetIM" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC]
"ProductName"="SweetIM Toolbar for Internet Explorer 3.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]
"5D72AF385B5242D47B69FD47F2805AFC"="C:\Program Files\SweetIM\Toolbars\Internet Explorer\msvcr71.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]
"5D72AF385B5242D47B69FD47F2805AFC"="C:\Program Files\SweetIM\Toolbars\Internet Explorer\msvcp71.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"Contact"="SweetIM Technical Support Department"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"HelpLink"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"InstallLocation"="C:\Program Files\SweetIM\Toolbars\Internet Explorer\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"Publisher"="SweetIM Technologies Ltd."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"URLInfoAbout"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"URLUpdateInfo"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC\InstallProperties]
"DisplayName"="SweetIM Toolbar for Internet Explorer 3.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"Contact"="SweetIM Technical Support Department"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"HelpLink"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"InstallLocation"="C:\Program Files\SweetIM\Toolbars\Internet Explorer\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"Publisher"="SweetIM Technologies Ltd."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"URLInfoAbout"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"URLUpdateInfo"="http://www.sweetim.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
"DisplayName"="SweetIM Toolbar for Internet Explorer 3.2"

====== End of Search ======


  • 0

Advertisements


#11
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Not sure if I posted the right log .. went back to Malbyte and saw another log so posting that one as well .. hope that's OK ..

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Error, 8/23/2015 3:45:50 PM, SYSTEM, LEXY, Protection, IsLicensed, 13,
Protection, 8/23/2015 3:45:51 PM, SYSTEM, LEXY, Protection, Malware Protection, Stopping,
Protection, 8/23/2015 3:45:51 PM, SYSTEM, LEXY, Protection, Malware Protection, Stopped,
Protection, 8/23/2015 4:11:35 PM, SYSTEM, LEXY, Protection, Malware Protection, Starting,
Protection, 8/23/2015 4:11:35 PM, SYSTEM, LEXY, Protection, Malware Protection, Started,
Protection, 8/23/2015 4:11:35 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Starting,
Error, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Update, Bad md5 or size: domains, 11,
Error, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Update, Bad md5 or size: ips, 11,
Error, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Update, Bad md5 or size: akadomains, 11,
Error, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Update, Bad md5 or size: akaips, 11,
Update, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Manual, Rootkit Database, 2015.6.2.1, 2015.8.16.1,
Update, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Manual, Domain Database, 0.0.0.0, 2015.7.24.2,
Update, 8/23/2015 4:11:46 PM, SYSTEM, LEXY, Manual, IP Database, 0.0.0.0, 2015.7.24.3,
Update, 8/23/2015 4:11:47 PM, SYSTEM, LEXY, Manual, Remediation Database, 2015.5.13.1, 2015.8.18.1,
Update, 8/23/2015 4:11:47 PM, SYSTEM, LEXY, Manual, AKA IP Database, 0.0.0.0, 2015.8.21.1,
Update, 8/23/2015 4:11:48 PM, SYSTEM, LEXY, Manual, AKA Domain Database, 0.0.0.0, 2015.8.21.2,
Update, 8/23/2015 4:11:48 PM, SYSTEM, LEXY, Manual, Malware Database, 2015.6.3.3, 2015.8.23.5,
Protection, 8/23/2015 4:11:49 PM, SYSTEM, LEXY, Protection, Refresh, Starting,
Protection, 8/23/2015 4:11:57 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Started,
Protection, 8/23/2015 4:11:57 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopping,
Protection, 8/23/2015 4:11:57 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopped,
Protection, 8/23/2015 4:12:17 PM, SYSTEM, LEXY, Protection, Refresh, Success,
Protection, 8/23/2015 4:12:17 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Starting,
Protection, 8/23/2015 4:12:30 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Started,
Scan, 8/23/2015 6:45:45 PM, SYSTEM, LEXY, Manual, Start:8/23/2015 4:12:39 PM, Duration:2 hr 33 min 3 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Protection, 8/23/2015 6:45:45 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopping,
Protection, 8/23/2015 6:45:45 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopped,
Protection, 8/23/2015 6:45:46 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Starting,
Protection, 8/23/2015 6:46:03 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Started,
Protection, 8/23/2015 7:09:09 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopping,
Protection, 8/23/2015 7:09:09 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Stopped,
Protection, 8/23/2015 7:09:09 PM, SYSTEM, LEXY, Protection, Malware Protection, Stopping,
Protection, 8/23/2015 7:09:12 PM, SYSTEM, LEXY, Protection, Malware Protection, Stopped,
Protection, 8/23/2015 7:09:38 PM, SYSTEM, LEXY, Protection, Malware Protection, Starting,
Protection, 8/23/2015 7:09:38 PM, SYSTEM, LEXY, Protection, Malware Protection, Started,
Protection, 8/23/2015 7:09:38 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Starting,
Protection, 8/23/2015 7:09:55 PM, SYSTEM, LEXY, Protection, Malicious Website Protection, Started,

(end)


  • 0

#12
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Yes, you provided me with the correct log. :)
  • Step 1

    Copy and paste the following into Notepad and save as fixlist.txt to your desktop:
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC]
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC]
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]
    
    C:\Program Files\SweetIM
    • Run your copy of FRST. It is important to ensure it is located in your desktop.
    • Press the Fix button.
    • It will produce a log (fixlog.txt) once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Download 'SecurityCheck by screen317' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • A black window will appear. Press any key to continue.
    • Wait for it to finish. It won't take long.
    • A log will automatically pop-up after once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
    Note: If you get an error about an unsupported operating system, please reboot your computer and try again.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • fixlog.txt (Farbar Recovery Scan Tool)
    • checkup.txt (SecurityCheck)

  • 0

#13
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Fix result of Farbar Recovery Scan Tool (x86) Version:25-08-2015 02
Ran by User (2015-08-26 19:22:31) Run:5
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available Profiles: User & Administrator & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}]

C:\Program Files\SweetIM
*****************

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC => could not remove at first attempt (ErrorCode: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC => key removed successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 => key removed successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 => key removed successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC => could not remove at first attempt (ErrorCode: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC => key removed successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF} => key removed successfully.
"C:\Program Files\SweetIM" => File/Folder not found.

==== End of Fixlog 19:22:31 ====

 

 

 

 

 

 Results of screen317's Security Check version 1.008  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus                
Microsoft Security Essentials   
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 Java 8 Update 40  
 Java 8 Update 51  
 Java version 32-bit out of Date!
 Adobe Flash Player     18.0.0.232  
 Adobe Reader XI  
 Mozilla Firefox (41.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````

 

 

 

 

 

I wanted to add that when i d/l the security check i got a pop up window about a plugin and my FF browser closed ..

 

 


Edited by Lexy610, 26 August 2015 - 05:31 PM.

  • 0

#14
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Did it occur again?
  • Step 1

    You currently have the following outdated program(s) installed. I highly recommend that you perform an update. You will find the download link(s) for the new version(s) below.
    • Java Runtime Environment -- Update
    Uninstall the previous version(s) before installing the updated one(s). If you run into any errors, let me know.
  • Step 2

    Download 'Fix It by Microsoft' and save it to your desktop.
    • If you are unaware which version you installed, please download and run each separately.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Follow the rest of the on-screen instructions.
  • Step 3

    Run your copy of FRST by double-clicking it.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)

  • 0

#15
Lexy610

Lexy610

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 743 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-08-2015
Ran by User (2015-08-27 20:23:59)
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-606747145-117609710-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-606747145-117609710-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-606747145-117609710-839522115-501 - Limited - Disabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-606747145-117609710-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-606747145-117609710-839522115-1002 - Limited - Disabled)
User (S-1-5-21-606747145-117609710-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20/20 v2.2 (HKLM\...\20/20 v2.2) (Version:  - )
6300 (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300_Help (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300Trb (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Ahead NeroMediaPlayer (HKLM\...\NMPUninstallKey) (Version:  - )
AiO_Scan_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.2.1.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (Version: 1.6.1.109 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000 - Corel Corporation) Hidden
CP_CalendarTemplates1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative MediaSource DVD-Audio Player (HKLM\...\Creative MediaSource DVD-Audio Player) (Version:  - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DB CIF Cam (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.0 - My Company Name)
Dell Driver Download Manager (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Resource CD (HKLM\...\{FCD9CD52-7222-4672-94A0-A722BA702FD0}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceIO (Version: 1.6.1.109 - Corel Corporation) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.6.0 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.7.2 (HKLM\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version:  - )
Facebook Plug-In (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
HP ENVY 5530 series Basic Device Software (HKLM\...\{5EBC9F1B-F969-4CF9-A616-F6BDDD46042B}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0000 - {&Tahoma8}Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Premier Software 6.5 (HKLM\...\HP Photo & Imaging) (Version: 6.5 - HP)
HP Photosmart, Officejet and Deskjet 7.0.A (HKLM\...\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}) (Version:  - HP)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
ICA (Version: 1.6.1.109 - Corel Corporation) Hidden
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
IncrediMail Data Manager (HKLM\...\IncrediMail Data Manager) (Version: 1.15 - Silent Wings Software)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevices (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Viiv™ (HKLM\...\{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}) (Version: 1.0.1.2012 - Intel Corporation)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
IPM_PSP_Pro (Version: 1.00.0000 - Corel Corporation) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kai's Power Tools 5 (HKLM\...\Kai's Power Tools 5) (Version:  - )
Kies mini (HKLM\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kies mini (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
KPT 6 (HKLM\...\KPT 6) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Memeo AutoBackup (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\InstallShield_{6BCEB97B-F315-455D-BC2D-565A1A6781E8}) (Version: 2.50.1938 - Memeo)
Memeo AutoBackup (Version: 2.50.1938 - Memeo) Hidden
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Drivers Download Utility 3.4.4 (HKLM\...\{8570C6C9-4FD4-4306-8B57-D31A622E3E03}_is1) (Version: 3.4.4 - LionSea Software)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
Mozilla Firefox 41.0 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.0.5714 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NewCopy_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PhotoMail Maker (HKLM\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
ProductContextNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
PSPH10Pro (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (Version: 13.0.0 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RandMap (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Readme (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5377 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
SeaTools Enterprise (HKLM\...\SeaTools Enterprise) (Version:  - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 1.6.1.109 - Corel Corporation) Hidden
Share (Version: 1.6.1.109 - Corel Corporation) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
SkinsHP1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SlideShow (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic_PrimoSDK (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo) (Version:  - )
Sound Blaster for Media Center (HKLM\...\Sound Blaster for Media Center) (Version:  - )
Splat! 1.0 (HKLM\...\Splat) (Version:  - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
USB 2.0 Wireless LAN Card Utility (HKLM\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version: 8.1.55 - Dell Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIO (Version: 1.6.1.109 - Corel Corporation) Hidden
virtualPhotographer 1.5.6 (HKLM\...\virtualPhotographer_is1) (Version:  - optikVerve Labs)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.59.0 - Verizon)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP3Encoder.dll No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)

==================== Restore Points =========================

31-07-2015 21:10:32 avast! antivirus system restore point
31-07-2015 21:14:31 Installed Windows XP Wdf01009.
01-08-2015 13:01:16 Software Distribution Service 3.0
01-08-2015 17:27:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
01-08-2015 17:54:53 Software Distribution Service 3.0
01-08-2015 18:30:47 Software Distribution Service 3.0
07-08-2015 15:46:35 Software Distribution Service 3.0
08-08-2015 15:24:47 Software Distribution Service 3.0
08-08-2015 16:20:55 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
08-08-2015 16:21:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
09-08-2015 13:00:18 Software Distribution Service 3.0
09-08-2015 14:18:12 Software Distribution Service 3.0
10-08-2015 14:46:07 Software Distribution Service 3.0
14-08-2015 17:58:51 Software Distribution Service 3.0
15-08-2015 13:54:03 Software Distribution Service 3.0
16-08-2015 19:45:37 System Checkpoint
17-08-2015 21:28:15 System Checkpoint
18-08-2015 22:21:01 System Checkpoint
19-08-2015 16:59:40 Software Distribution Service 3.0
22-08-2015 00:29:03 Software Distribution Service 3.0
22-08-2015 01:03:44 Removed HiJackThis
22-08-2015 01:05:56 Removed TuneUp Utilities 2014
22-08-2015 01:06:26 Removed TuneUp Utilities 2014 (en-US)
22-08-2015 14:47:41 Software Distribution Service 3.0
23-08-2015 15:48:55 Software Distribution Service 3.0
26-08-2015 17:41:20 Software Distribution Service 3.0
27-08-2015 19:01:50 Removed Java 8 Update 40
27-08-2015 19:15:45 Removed Java 8 Update 51
27-08-2015 19:22:04 Installed Microsoft Fix it 50535
27-08-2015 19:54:20 Installed Microsoft Fix it 50535
27-08-2015 20:15:51 Installed Microsoft Fix it 50535
27-08-2015 20:18:32 Installed Microsoft Fix it 50692

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 07:00 - 2013-10-21 18:39 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 21:10 - 2015-07-31 21:10 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-31 21:10 - 2015-07-31 21:10 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-27 18:30 - 2015-08-27 18:30 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082701\algo.dll
2013-08-07 15:25 - 2013-08-07 15:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-03-13 23:43 - 2015-07-31 21:10 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2008-06-24 18:35 - 2008-06-24 18:35 - 01328408 ____C () C:\Program Files\Seagate\DiscWizard\fox.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2004-08-10 07:00 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 07:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00438336 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00320064 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 ____C () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 ____C () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b4eed146\mscorlib.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 03035136 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9a0d88b2\system.windows.forms.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 00843776 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b769fb61\system.drawing.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5f21cab9\system.dll
2013-07-09 17:36 - 2013-07-09 17:36 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8c2dcaf2\system.xml.dll
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\WINDOWS\system32\PSIService.exe
2005-10-20 11:36 - 2005-10-20 11:36 - 00065536 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
2005-10-20 11:36 - 2005-10-20 11:36 - 00077824 ___RC () C:\Program Files\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk

There are 5322 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606747145-117609710-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk => C:\WINDOWS\pss\Memeo AutoBackup Launcher.lnkStartup
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DeviceDiscovery => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
MSCONFIG\startupreg: HP Software Update => "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: WinPatrol => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
DomainProfile\AuthorizedApplications: [C:\Program Files\Sleek Bill\libj\launch4j-tmp\Sleek Bill.exe] => Enabled:Java™ Platform SE binary
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe] => :LocalSubNet:Enabled:BlackBerry Link Tunnel Manager (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe] => :LocalSubNet:Enabled:BlackBerry Link MDNS Service (TCP)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\nginx\nginx.exe] => :LocalSubNet:Enabled:BlackBerry Link Service (Nginx)
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe] => :LocalSubNet:Enabled:BlackBerry Link Peer Manager
DomainProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImApp.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\IncMail.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImpCnt.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\bin\ImLc.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe] => Enabled:hpqcopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe] => Enabled:hpqphunl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe] => Enabled:hpqdia.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\QuickTime\QuickTimePlayer.exe] => Enabled:QuickTime Player
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe] => Enabled:IncrediMail Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\wlcsdk.exe] => Enabled:Windows Live Call
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe] => Enabled:SeagateHipServAgent
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\plugin-container.exe] => Enabled:Plugin Container for Firefox
StandardProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe] => :LocalSubNet:Enabled:HP Device Setup (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe] => :LocalSubNet:Enabled:HP Network Communicator COM (HP ENVY 5530 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [57384:TCP] => Enabled:Pando P2P TCP Listening Port
StandardProfile\GloballyOpenPorts: [57384:UDP] => Enabled:Pando P2P UDP Listening Port
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [57428:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [57428:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:TCP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [56090:UDP] => Enabled:Pando
StandardProfile\GloballyOpenPorts: [67:UDP] => Enabled:DHCP Server
StandardProfile\GloballyOpenPorts: [5357:TCP] => Enabled:WS-Eventing TCP Port 5357

==================== Faulty Device Manager Devices =============

Name: RADEON X300 SE 128MB HyperMemory Secondary
Description: RADEON X300 SE 128MB HyperMemory Secondary
Class Guid:  TI Technologies Inc.
Manufacturer: ATI Technologies Inc.
Service: ati2mtag
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Parport
Description: Parport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Parport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2015 08:15:44 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\Desktop\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.

Error: (08/27/2015 07:54:12 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.

Error: (08/27/2015 07:52:24 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.

Error: (08/27/2015 07:50:13 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.

Error: (08/26/2015 07:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5710, faulting module mozglue.dll, version 41.0.0.5710, fault address 0x0000f071.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/22/2015 03:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5707, faulting module mozglue.dll, version 41.0.0.5707, fault address 0x0000f238.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/22/2015 03:28:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 41.0.0.5707, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/22/2015 03:04:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 41.0.0.5707, faulting module mozglue.dll, version 41.0.0.5707, fault address 0x0000f238.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (08/22/2015 03:04:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 41.0.0.5707, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/17/2015 05:41:47 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 145516964.


System errors:
=============

Microsoft Office:
=========================
Error: (08/27/2015 08:15:44 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\Desktop\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (08/27/2015 07:54:12 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (08/27/2015 07:52:24 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (08/27/2015 07:50:13 PM) (Source: MsiInstaller) (EventID: 11305) (User: LEXY)
Description: Product: Microsoft Fix it 50535 -- Error 1305. Error reading from file C:\Documents and Settings\User\My Documents\Downloads\MicrosoftFixit50535.msi.  System error 1008. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (08/26/2015 07:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5710mozglue.dll41.0.0.57100000f071

Error: (08/22/2015 03:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5707mozglue.dll41.0.0.57070000f238

Error: (08/22/2015 03:28:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe41.0.0.5707hungapp0.0.0.000000000

Error: (08/22/2015 03:04:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe41.0.0.5707mozglue.dll41.0.0.57070000f238

Error: (08/22/2015 03:04:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe41.0.0.5707hungapp0.0.0.000000000

Error: (08/17/2015 05:41:47 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 145516964


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 60%
Total physical RAM: 2046.09 MB
Available physical RAM: 813.73 MB
Total Virtual: 3934.98 MB
Available Virtual: 2845.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:225.31 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 208B3481)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-08-2015
Ran by User (administrator) on LEXY (27-08-2015 20:21:41)
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available Profiles: User & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVR.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Seagate) C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
(Creative Technology Ltd) C:\Program Files\Creative\DVDAudio\CTDVDDET.exe
(Acronis) C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
(DivX, LLC) C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dell Inc.) C:\Program Files\Dell Wireless\PRISMCFG.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVC.exe
() C:\WINDOWS\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-26] (AVAST Software)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [136472 2008-06-24] (Seagate)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM\...\Run: [DiscWizardMonitor.exe] => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1325848 2008-06-24] (Seagate)
HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2006-02-09] (ATI Technologies, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [904768 2008-06-24] (Acronis)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\PRISMAPI.DLL: C:\WINDOWS\system32\PRISMAPI.DLL [2006-10-12] (Conexant Systems, Inc.)
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [Creative Detector] => C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [102400 2004-12-02] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk [2015-03-17]
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk [2015-03-17]
ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files\Dell Wireless\PRISMCFG.exe (Dell Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-03-17]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-03-17]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 5530 series.lnk [2015-02-16]
ShortcutTarget: Monitor Ink Alerts - HP ENVY 5530 series.lnk -> C:\Program Files\HP\HP ENVY 5530 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-31] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} hxxp://launch.soe.com/plugin/web/SOEWebInstaller.cab
DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} hxxp://www.worldwinner.com/games/v41/mines/mines.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} hxxp://www.pandasecurity.com/activescan/cabs/as2stubie.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1044
DPF: {41D1977F-4161-4720-800F-EA4903983A38} hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229566731421
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} hxxp://www.worldwinner.com/games/v41/hangman/hangman.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} hxxp://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} hxxp://www.worldwinner.com/games/v43/paint/paint.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} hxxp://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-10-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{790037EE-CA28-4D5D-A87B-30D5B806EC54}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\8jvp9x3c.default-1440360080984
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [2008-02-20] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2015-08-05] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\npsoe.dll [2010-09-30] ()
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-606747145-117609710-839522115-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-24] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-05]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-26]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-16] (Adobe Systems) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
S4 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-06] (Creative Labs) [File not signed]
S3 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2014-06-12] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [61529 2006-10-12] (Conexant Systems, Inc.) [File not signed]
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2006-10-26] (Meetinghouse Data Communications) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-31] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-31] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-31] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-31] (AVAST Software)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-02] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-27] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
R0 MxEFUF; C:\WINDOWS\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [18856 2007-08-31] (Microsoft Corporation)
S3 qcserxp; C:\WINDOWS\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [68096 2013-12-02] (BlackBerry Limited)
S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SQTECH905C; C:\WINDOWS\System32\Drivers\Capt905c.sys [37760 2007-05-18] (Service & Quality Technology.) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2012-07-21] (Acronis)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2012-07-21] (Acronis)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-27 20:21 - 2015-08-27 20:22 - 00026127 _____ C:\Documents and Settings\User\Desktop\FRST.txt
2015-08-27 20:17 - 2015-08-27 20:17 - 00806400 _____ C:\Documents and Settings\User\Desktop\MicrosoftFixit50692.msi
2015-08-27 19:22 - 2015-08-27 20:18 - 00003158 _____ C:\FixitRegBackup.reg
2015-08-27 19:21 - 2015-08-27 19:21 - 00899584 _____ C:\Documents and Settings\User\Desktop\MicrosoftFixit50535.msi
2015-08-27 19:21 - 2015-08-27 19:21 - 00000000 ____D C:\Program Files\Common Files\Java
2015-08-27 19:21 - 2015-08-27 19:21 - 00000000 ____D C:\Documents and Settings\User\.oracle_jre_usage
2015-08-27 19:21 - 2015-08-27 19:20 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-08-27 19:20 - 2015-08-27 19:20 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-08-27 19:20 - 2015-08-27 19:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-08-26 19:24 - 2015-08-26 19:24 - 00852704 _____ C:\Documents and Settings\User\Desktop\SecurityCheck(1).exe
2015-08-26 18:41 - 2015-08-26 19:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-26 18:13 - 2015-08-26 18:13 - 00001466 _____ C:\Documents and Settings\User\Desktop\DivX Movies.lnk
2015-08-26 18:12 - 2015-08-26 18:12 - 00000792 _____ C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
2015-08-26 18:12 - 2015-08-26 18:12 - 00000727 _____ C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
2015-08-23 16:11 - 2015-08-27 19:54 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 16:08 - 2015-08-23 16:08 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-23 16:08 - 2015-08-23 16:08 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-08-23 16:08 - 2015-08-23 16:08 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-23 16:08 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-23 16:08 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-14 18:55 - 2015-08-14 19:55 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\TuneUp Software
2015-08-02 22:51 - 2015-08-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2015-08-01 17:34 - 2015-08-01 17:34 - 00000000 ____D C:\Documents and Settings\User\My Documents\Updater
2015-07-31 23:52 - 2015-08-22 02:18 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\TuneUp Software
2015-07-31 23:50 - 2015-07-31 23:50 - 00000000 ____D C:\Documents and Settings\User\Application Data\TuneUp Software
2015-07-31 23:48 - 2015-07-31 23:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2015-07-31 23:47 - 2015-07-31 23:47 - 00000000 ____D C:\Documents and Settings\User\Application Data\RHEng
2015-07-31 21:13 - 2015-08-23 16:01 - 00000000 ____D C:\Documents and Settings\User\Desktop\Old Firefox Data
2015-07-31 21:11 - 2015-07-31 21:10 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-07-31 21:10 - 2015-07-31 21:10 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-07-31 21:10 - 2015-07-31 21:10 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-27 20:22 - 2007-12-20 12:44 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp
2015-08-27 20:21 - 2014-06-29 15:56 - 00000000 ____D C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2015-08-27 20:21 - 2014-05-13 20:57 - 01690624 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2015-08-27 20:21 - 2014-05-08 10:09 - 00000000 ____D C:\FRST
2015-08-27 19:55 - 2012-08-22 11:12 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-27 19:55 - 2007-12-20 12:43 - 00032590 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-27 19:21 - 2015-03-18 02:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-08-27 19:19 - 2008-12-31 05:06 - 01410833 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-27 19:18 - 2008-03-01 15:54 - 00000000 ____D C:\Program Files\Java
2015-08-27 19:06 - 2013-12-02 23:10 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\HTC MediaHub
2015-08-27 19:06 - 2013-11-05 12:11 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-27 19:06 - 2007-12-20 12:33 - 00000000 ____D C:\WINDOWS\Registration
2015-08-27 19:05 - 2007-12-30 19:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-27 19:05 - 2007-12-30 19:38 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-08-27 19:05 - 2007-12-20 12:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-27 19:04 - 2014-12-12 03:46 - 02900256 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-08-27 19:04 - 2007-12-20 12:44 - 00000278 ___SH C:\Documents and Settings\User\ntuser.ini
2015-08-27 19:03 - 2014-07-06 02:33 - 04935328 _____ C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.BAK
2015-08-27 19:03 - 2014-07-06 02:32 - 04935328 _____ C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.CDF
2015-08-27 18:26 - 2012-07-22 16:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:13 - 2012-03-17 00:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DivX
2015-08-26 18:13 - 2008-03-20 16:11 - 00000000 ____D C:\Program Files\DivX
2015-08-26 18:12 - 2012-03-17 00:59 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2015-08-26 18:12 - 2008-03-20 16:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2015-08-26 17:59 - 2013-08-14 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-26 17:34 - 2004-08-10 07:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-22 17:54 - 2007-12-23 00:25 - 00007878 __SHC C:\WINDOWS\system32\KGyGaAvL.sys
2015-08-22 17:22 - 2014-05-14 19:36 - 00714631 _____ C:\WINDOWS\setupapi.log
2015-08-22 01:12 - 2012-03-17 20:49 - 00000000 ____D C:\Documents and Settings\User\Application Data\WinPatrol
2015-08-22 01:12 - 2012-03-17 20:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
2015-08-22 01:07 - 2012-03-17 20:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
2015-08-16 20:28 - 2010-01-16 18:17 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-08-14 19:56 - 2012-07-22 17:58 - 00778440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-14 19:56 - 2012-03-15 14:47 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-09 07:29 - 2015-03-17 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-08-02 23:22 - 2007-12-22 22:58 - 00205312 ____C C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-01 18:43 - 2010-08-02 15:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2286198$
2015-08-01 18:43 - 2009-10-15 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB953295$
2015-08-01 03:07 - 2013-10-24 01:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-08-01 02:39 - 2015-02-16 21:39 - 00000000 ____D C:\Documents and Settings\User\Application Data\HpUpdate
2015-08-01 02:39 - 2013-05-08 20:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2015-08-01 02:39 - 2010-07-07 17:39 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Downloaded Installations
2015-07-31 21:14 - 2012-12-04 21:49 - 00158298 ____C C:\WINDOWS\Wdf01009Inst.log
2015-07-31 21:10 - 2014-05-13 14:59 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-31 21:10 - 2013-11-05 12:11 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-28 11:01 - 2007-12-20 15:07 - 129304528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2011-03-02 11:21 - 2011-03-02 11:21 - 0002528 ____C () C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
2010-09-14 18:13 - 2010-12-04 01:20 - 0000965 ____C () C:\Documents and Settings\User\Application Data\BBMS_EXCEPTION.txt
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.Exception.log
2014-12-12 02:10 - 2014-12-12 03:19 - 0001925 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.HttpServerSetup.log
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.DesktopHelper.Exception.log
2011-08-18 13:08 - 2011-08-18 13:08 - 0206473 ____C () C:\Documents and Settings\User\Local Settings\Application Data\ars.cache
2011-08-18 13:09 - 2011-08-18 13:09 - 0223067 ____C () C:\Documents and Settings\User\Local Settings\Application Data\census.cache
2007-12-22 22:58 - 2015-08-02 23:22 - 0205312 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-12-20 12:47 - 2007-12-20 12:47 - 0000127 ____C () C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
2011-02-01 10:46 - 2011-02-01 10:46 - 0000036 ____C () C:\Documents and Settings\User\Local Settings\Application Data\housecall.guid.cache
2007-07-13 14:36 - 2007-07-13 14:36 - 0220184 ____C ( ) C:\Documents and Settings\User\Local Settings\Application Data\Interop.Microsoft.Office.Core.dll
2014-07-14 16:59 - 2014-07-14 17:06 - 0000191 _____ () C:\Documents and Settings\User\Local Settings\Application Data\rbxcsettings.rbx
2005-12-13 17:12 - 2005-12-13 17:12 - 0016384 ____C (Microsoft Corporation) C:\Documents and Settings\User\Local Settings\Application Data\stdole.dll

Some files in TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\DivXSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP