Yea I saved both screen shots as Word files so it wouldn't let me upload them. Had a nasty message from Auslogics Malwayre this morning when I logged in, but it was mostly because I didn't clear my cache last night after being online, something I do religiously.
Anyways here are the two files. Thank you so much for going through them with me, I really wasn't looking forward to attempting a factory reset on this machine for the length of time I will be using it.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-11-2015
Ran by home (administrator) on ACER-D928810BF0 (06-11-2015 20:45:49)
Running from C:\Documents and Settings\home\Desktop
Loaded Profiles: home (Available Profiles: home & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(Acer Inc.) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Microsoft Corporation) C:\WINDOWS\System32\WBEM\unsecapp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ePower_DMC] => C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [421888 2006-05-30] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean.exeC:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{F9660150-E81B-42D0-850D-AF7A2B5B319A}: [DhcpNameServer] 192.168.1.254 75.153.176.9
Internet Explorer:
==================
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://ca.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://ca.yahoo.com
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ca/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-07] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-07] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://ca.yahoo.com/
FF Keyword.URL: hxxps://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-07] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2015-09-05] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-09-05] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Extension: Facebook Ads Block - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\
[email protected] [2015-08-20]
FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\
[email protected] [2015-08-20]
FF Extension: Adblock Plus - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\xw8srnc8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-09-05] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxps://ca.yahoo.com/
CHR StartupUrls: Default -> "hxxps://ca.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSearchKeyword: Default -> ca.yahoo.com
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-22]
CHR Extension: (Gmail) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-22]
CHR Extension: (Google Slides) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-22]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2006-03-29] (Acer Inc.) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [862632 2015-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2006-02-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [143360 2005-01-21] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2004-08-04] (Microsoft Corporation)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [43672 2009-04-11] (Oak Technology Inc.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-05-10] (Advanced Micro Devices)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [156080 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [243632 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-08-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [192944 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [424320 2005-11-02] (Broadcom Corporation)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-05-24] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [40064 2006-05-24] (ENE Technology Inc.)
R3 ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [74752 2006-05-24] (ENE Technology Inc.)
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [9600 2004-08-04] (Microsoft Corporation) [File not signed]
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [208384 2006-06-12] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [990592 2006-06-12] (Conexant Systems, Inc.)
R2 int15; C:\WINDOWS\system32\drivers\int15.sys [69632 2006-06-02] () [File not signed]
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 NTIDrvr; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [6144 2006-06-20] (NewTech Infosystems, Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46592 2004-12-09] (SMSC)
R2 tvicport; C:\WINDOWS\system32\drivers\tvicport.sys [14544 2006-06-02] (EnTech Taiwan) [File not signed]
R2 zntport; C:\WINDOWS\system32\drivers\zntport.sys [6080 2006-06-02] (Zeal SoftStudio) [File not signed]
S3 catchme; \??\C:\DOCUME~1\home\LOCALS~1\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 20:45 - 2015-11-06 20:45 - 00015842 _____ C:\Documents and Settings\home\Desktop\FRST.txt
2015-11-06 20:45 - 2015-11-06 20:45 - 00000000 ____D C:\FRST
2015-11-06 20:42 - 2015-11-06 20:42 - 01702400 _____ (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe
2015-11-05 02:58 - 2015-11-05 02:58 - 00000749 _____ C:\Documents and Settings\home\My Documents\Auslogics Anti-Malware.lnk
2015-11-05 02:54 - 2015-11-05 02:54 - 00004128 _____ C:\WINDOWS\INFCACHE.1
2015-11-05 02:52 - 2015-11-06 15:00 - 00000612 _____ C:\WINDOWS\Tasks\Auslogics BoostSpeed Scan and Repair.job
2015-11-02 22:49 - 2015-11-02 22:49 - 00000127 _____ C:\Documents and Settings\home\My Documents\Files named HPZ@
[email protected]
2015-11-02 00:30 - 2015-11-04 21:54 - 00000581 _____ C:\Documents and Settings\home\My Documents\AVG Protection.lnk
2015-10-29 14:58 - 2015-10-29 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Foxit Software
2015-10-29 14:57 - 2015-10-29 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader
2015-10-24 23:32 - 2015-10-24 23:32 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Temp
2015-10-16 17:05 - 2015-10-16 17:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-10-16 16:15 - 2015-10-16 16:55 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-10-16 16:15 - 2015-10-16 16:15 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\AVG
2015-10-16 16:12 - 2015-10-16 16:12 - 00000000 ____D C:\Documents and Settings\home\Application Data\AVG
2015-10-16 16:05 - 2015-10-16 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2015-10-12 15:43 - 2015-10-12 15:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\BSD
2015-10-12 14:21 - 2015-10-12 14:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 20:46 - 2015-09-01 14:25 - 01395488 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 20:36 - 2014-01-21 10:42 - 00000420 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3B11F248-9E1D-4583-9DDA-3BBA1F0533B1}.job
2015-11-05 03:46 - 2008-12-04 12:50 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2015-11-05 02:54 - 2006-06-20 13:26 - 00000686 _____ C:\WINDOWS\win.ini
2015-11-02 22:43 - 2015-09-01 14:25 - 00000157 ____N C:\WINDOWS\wiadebug.log
2015-11-02 22:43 - 2006-06-20 15:15 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-02 22:41 - 2006-06-20 15:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 22:39 - 2015-09-01 14:25 - 00000049 ____N C:\WINDOWS\wiaservc.log
2015-11-02 22:39 - 2015-08-23 17:55 - 00032588 ____N C:\WINDOWS\SchedLgU.Txt
2015-11-02 22:39 - 2008-11-12 18:49 - 00000178 ___SH C:\Documents and Settings\home\ntuser.ini
2015-11-02 22:39 - 2006-06-20 14:07 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2015-11-01 22:47 - 2006-06-20 14:49 - 00209696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 15:47 - 2015-08-06 15:06 - 00017920 ___SH C:\Documents and Settings\home\My Documents\Thumbs.db
2015-10-25 23:48 - 2015-09-22 20:53 - 00001721 _____ C:\Documents and Settings\home\My Documents\Google Chrome.lnk
2015-10-21 17:24 - 2015-06-16 15:54 - 00229296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2015-10-21 17:14 - 2015-07-28 11:02 - 00192944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2015-10-19 09:06 - 2015-07-28 11:02 - 00243632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-10-16 16:51 - 2015-09-22 20:51 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 16:51 - 2015-09-22 20:51 - 00000878 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000644 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000616 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-19 20:55 - 00000446 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-10-16 16:51 - 2015-09-02 18:32 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job
2015-10-16 16:51 - 2015-09-02 18:32 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job
2015-10-16 14:02 - 2015-08-18 23:02 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-16 12:39 - 2015-09-30 14:53 - 00098980 _____ C:\Documents and Settings\home\DINWebPro-Medium.eot
2015-10-16 12:39 - 2015-09-30 14:53 - 00004846 _____ C:\Documents and Settings\home\style.css
2015-10-16 12:39 - 2015-09-30 14:53 - 00001032 _____ C:\Documents and Settings\home\index.htm
2015-10-08 08:48 - 2015-05-12 14:46 - 00231856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
==================== Files in the root of some directories =======
2014-01-21 12:34 - 2014-01-21 12:34 - 0000127 _____ () C:\Documents and Settings\home\Local Settings\Application Data\fusioncache.dat
2015-08-07 19:59 - 2015-09-05 13:16 - 0009216 _____ () C:\Documents and Settings\home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-09 21:51 - 2015-08-09 21:51 - 0005914 _____ () C:\Documents and Settings\home\Local Settings\Application Data\HWVendorDetection.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-11-2015
Ran by home (2015-11-06 20:47:02)
Running from C:\Documents and Settings\home\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2008-11-13 02:48:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3344879686-2638717043-3166630987-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-3344879686-2638717043-3166630987-1003 - Limited - Enabled)
Guest (S-1-5-21-3344879686-2638717043-3166630987-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-3344879686-2638717043-3166630987-1004 - Limited - Disabled)
home (S-1-5-21-3344879686-2638717043-3166630987-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\home
SUPPORT_388945a0 (S-1-5-21-3344879686-2638717043-3166630987-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.03.2024 - Acer)
Acer ePerformance Management (HKLM\...\{7057702F-6D71-4F30-8000-9E72BC771887}) (Version: 2.00.2007 - Acer)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.00.2016a - )
Acer eSettings Management (HKLM\...\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}) (Version: 2.03.2017 - Acer)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.54 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Catalyst Control Center (HKLM\...\{79B05AF4-8894-49A1-9FF4-53F0142D85E1}) (Version: 1.2.2308.14812 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.251-060427a-034514C-Acer - )
Auslogics Anti-Malware (HKLM\...\{A5A6F7C9-F91E-45C7-8DAA-289CBB0C817D}_is1) (Version: 1.6.0.0 - Auslogics Labs Pty Ltd)
Auslogics BoostSpeed 8 (HKLM\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 8.1.0.0 - Auslogics Labs Pty Ltd)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.0.2.0 - Auslogics Labs Pty Ltd)
AVG (Version: 16.7.7227 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4457 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.7.7227 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
LightScribe 1.4.74.1 (Version: 1.4.74.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
PokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net)
RealDownloader (Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5273 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
SMSC IrCC V5.1.3600.7 (HKLM\...\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}) (Version: r1.02 - )
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2BFA&SUBSYS_1025009F) (Version: - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.19.0 - Synaptics)
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
03-09-2015 22:56:50 System Checkpoint
05-09-2015 10:54:02 System Checkpoint
06-09-2015 15:21:09 Installed AVG 2015
06-09-2015 15:22:54 Removed AVG 2015
09-09-2015 02:33:56 System Checkpoint
10-09-2015 18:36:46 System Checkpoint
17-09-2015 12:49:53 System Checkpoint
18-09-2015 14:39:14 System Checkpoint
20-09-2015 13:39:58 System Checkpoint
23-09-2015 00:38:52 System Checkpoint
29-09-2015 10:23:12 System Checkpoint
01-10-2015 20:31:42 System Checkpoint
07-10-2015 20:52:40 System Checkpoint
15-10-2015 00:07:43 System Checkpoint
16-10-2015 12:24:20 System Checkpoint
20-10-2015 05:22:59 System Checkpoint
21-10-2015 12:23:52 System Checkpoint
29-10-2015 13:58:47 Printer Driver Foxit Reader PDF Printer Driver Installed
01-11-2015 23:09:36 Installed AVG 2016
01-11-2015 23:11:48 Removed AVG 2015
01-11-2015 23:33:21 Installed AVG
02-11-2015 00:25:54 Installed AVG
02-11-2015 00:35:44 Removed AVG 2015
04-11-2015 23:26:37 System Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 05:00 - 2004-08-04 05:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3344879686-2638717043-3166630987-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\Auslogics BoostSpeed Scan and Repair.job => C:\WINDOWS\system32\rundll32.exeFTaskSchedulerHelper.dll,RunTask BoostSpeed.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3B11F248-9E1D-4583-9DDA-3BBA1F0533B1}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2008-11-12 18:52 - 2005-10-11 13:18 - 00028672 _____ () C:\Acer\Empowering Technology\ePower\SysHook.dll
2005-10-19 10:17 - 2005-10-19 10:17 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 03289088 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7511b2f2\mscorlib.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 01929216 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_103bcdb3\system.dll
2015-11-02 00:17 - 2015-11-02 00:17 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2014-08-12 11:34 - 2014-08-12 11:34 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2005-01-21 19:37 - 2005-01-21 19:37 - 00143360 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-09-19 20:54 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-19 20:54 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-19 20:54 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-19 20:54 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-19 20:54 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2008-11-12 18:52 - 2006-05-30 12:11 - 00421888 _____ () C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
2015-08-09 14:05 - 2015-08-09 14:05 - 02994176 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4d92b817\system.windows.forms.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00835584 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_0469f7da\system.drawing.dll
2008-11-12 18:52 - 2005-10-20 17:20 - 00208896 _____ () C:\Acer\Empowering Technology\ePower\DialogDLL.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3344879686-2638717043-3166630987-1005\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254 - 75.153.176.9
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk => C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk => C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupreg: Acer ePresentation HPD => C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
MSCONFIG\startupreg: ATICCC => "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
MSCONFIG\startupreg: AzMixerSel => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
MSCONFIG\startupreg: Boot => C:\Acer\Empowering Technology\ePower\Boot.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ContentTransferWMDetector.exe => C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ePower_DMC => C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: ntiMUI => C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [D:\setup\HPZNET01.EXE] => Enabled:hpznet01.exe
StandardProfile\AuthorizedApplications: [D:\setup\HPONICIFS01.EXE] => Enabled:hponicifs01.exe
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\home\Application Data\uTorrent\uTorrent.exe] => Enabled:µTorrent (home)
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgdiagex.exe] => Enabled:AVG Diagnostics
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgemcx.exe] => Enabled:Personal Email Scanner
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
==================== Faulty Device Manager Devices =============
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/02/2015 10:42:00 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (11/02/2015 12:41:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (11/02/2015 12:09:24 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (11/01/2015 11:41:54 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (11/01/2015 11:29:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: ACER-D928810BF0)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xA0010004): Driver installation failed
Error: (11/01/2015 11:29:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: ACER-D928810BF0)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xA0010004): Driver installation failed
Error: (11/01/2015 10:48:03 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (10/24/2015 10:31:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (10/22/2015 11:51:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (10/20/2015 05:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ccleaner.exe, version 5.10.0.5373, faulting module unknown, version 0.0.0.0, fault address 0x02eaad10.
Processing media-specific event for [ccleaner.exe!ws!]
System errors:
=============
Error: (11/04/2015 09:50:31 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.67 on the
Network Card with network address 00197E07DB72.
Error: (11/03/2015 02:05:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (11/03/2015 12:23:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (11/02/2015 10:44:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
Error: (11/02/2015 10:44:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (11/02/2015 10:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053
Error: (11/02/2015 10:43:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
Error: (11/02/2015 01:26:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
Error: (11/02/2015 12:42:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053
Error: (11/02/2015 12:42:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
==================== Memory info ===========================
Processor: AMD Turion 64 Mobile Technology MK-38
Percentage of memory in use: 42%
Total physical RAM: 1790.1 MB
Available physical RAM: 1033 MB
Total Virtual: 3427.08 MB
Available Virtual: 2740.29 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:93.13 GB) (Free:74.2 GB) FAT32 ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 93.2 GB) (Disk ID: 5EA4F703)
Partition 1: (Active) - (Size=93.2 GB) - (Type=0C)
==================== End of Addition.txt ============================
Edited by dolface755, 06 November 2015 - 10:52 PM.