Having computer trouble ... again >_> help please, hi everyone



#1
Paulos

  • Member
  • 24 posts

Hi :\ I have computer trouble, yet again... I don't know what to do, I've run the computer's scan disk, a defrag, disk cleanup, and no matter what Windows Media Player refuses to load any movies/videos I have, and the computer is running slower than ever. I have an Optiplex GX620 Computer Windows XP but I am not sure ... does anyone have suggestions on what to do when something like this could ever come up? I am completely stuck at this point :\ Malwarebytes Anti-Malware ran and found 101 threats and got rid of them but it's still doing this ... help please :\ YouTube still works for example on Firefox! I have no clue :\ thank you.




#2
admin

    Founder Geek

  • Administrator
  • 24,540 posts
Posting for rkinner as a result of a server issue:

+++++++++++++++++++++++++++++++++++++++++++++++++++

Download AdwCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

Have you tried VLC? Works a lot better than MMP and seldom complains that it doesn't have a codec.
 
http://www.videolan.org/vlc/index.html

#3
Paulos

  • Topic Starter
  • Member
  • 24 posts

I ran those three programs ... but Windows Media Player still refuses to open... You said to post the log of what the Farbar Recovery Scan Tool resulted ... uh... here it is.

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
Ran by New (2016-02-23 07:27:54)
Running from C:\Documents and Settings\New\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) (2012-01-18 19:00:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1336601894-1177238915-500 - Administrator - Enabled)
Guest (S-1-5-21-854245398-1336601894-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1336601894-1177238915-1000 - Limited - Disabled)
IUSR_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1005 - Limited - Enabled)
IWAM_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1006 - Limited - Enabled)
New (S-1-5-21-854245398-1336601894-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\New
SUPPORT_388945a0 (S-1-5-21-854245398-1336601894-1177238915-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {22CB8761-914A-11CF-B705-00AA0062CBB7}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Ad-Aware Firewall (Disabled) {9211320F-6C40-4035-BBDE-3C96ED504F33}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FC9BDF23-3AF3-4F4B-B549-E7D5259736F1}_AdAwareUpdater) (Version: 11.8.586.8535 - Lavasoft)
AdAwareInstaller (Version: 11.8.586.8535 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIM 7 (HKLM\...\AIM_7) (Version:  - )
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AOL Instant Messenger (HKLM\...\AOL Instant Messenger) (Version:  - )
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG 2016 (Version: 16.0.4533 - AVG Technologies) Hidden
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
BitComet 1.36 (HKLM\...\BitComet) (Version: 1.36 - CometNetwork)
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.10.07 - Broadcom Corporation)
Diablo II (HKLM\...\Diablo II) (Version:  - )
Dragon Raja Global (HKLM\...\Dragon Raja Global) (Version: 1.65.0.0 - Mistralis)
Elsword version v5.0909.6.1 (HKLM\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v5.0909.6.1 - KOGGAMES)
Façade (HKLM\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Hero Editor V1.03 (HKLM\...\ST6UNST #2) (Version:  - )
Heroes of Might and Magic III Complete (HKLM\...\Heroes of Might and Magic III Complete) (Version:  - )
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4410 - )
iSkysoft Video Editor(Build 4.7.1) (HKLM\...\iSkysoft Video Editor_is1) (Version:  - iSkysoft Software)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.33 - Realtek Semiconductor Corp.)
Seven Kingdoms AA (HKLM\...\Seven Kingdoms AA) (Version:  - )
Seven Kingdoms II (HKLM\...\Seven Kingdoms II) (Version:  - )
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
The Sims 2 (HKLM\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version:  - )
The Sims 2 Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version:  - )
The Sims 2 University (HKLM\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
The Sims™ 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Unity Web Player (HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{62BE5D10-60EB-11d0-BD3B-00A0C911CE86}\InprocServer32 -> C:\Documents and Settings\New\Application Data\denaf\esgen.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\jx1plgvedP1bSwCZzFu9Zx4h.job => C:\Documents and Settings\New\Application Data\jx1plgvedP1bSwCZzFu9Zx4h.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\klcp_update.job => CMD /C sc create KLCPU binPath CMD /V /C SET \FILE \ ProgramFiles \ Lite Codec Pack Tools CodecTweakTool exe\\ IF EXIST FILE START \CTT\ FILE /verysilent /update /freq 30 type own type interact net start KLCPU sc delete KLCPU CMD New
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Run Tasks.job => C:\Program Files\user extensions\Tasks.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-02-04 14:36 - 2013-03-06 10:35 - 07197648 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avcodec-ics-54.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00246909 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avutil-ics-52.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00963069 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avformat-ics-54.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00393273 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\swscale-ics-2.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02595576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02372816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00023296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll
2015-07-28 15:36 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-04-14 01:00 - 2013-01-02 00:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2015-10-20 07:17 - 2015-10-20 07:17 - 17599688 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00110592 _____ () C:\Program Files\AIM Original\AIM_xmlp.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00013312 _____ () C:\Program Files\AIM Original\oscres.dll
2015-07-28 11:24 - 2005-06-16 16:46 - 00081920 _____ () C:\Program Files\AIM Original\AIMToday.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00053248 _____ () C:\Program Files\AIM Original\xmlparse.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00081920 _____ () C:\Program Files\AIM Original\xmltok.dll
2015-07-28 11:24 - 2005-07-21 12:54 - 00106496 _____ () C:\Program Files\AIM Original\AIMAX.dll
2015-07-28 11:24 - 2005-07-21 12:58 - 00006656 _____ () C:\Program Files\AIM Original\stats.ocm
2015-07-28 11:24 - 2004-08-18 12:56 - 00176128 _____ () C:\Program Files\AIM Original\nssckbi.dll
2015-07-28 11:24 - 2005-07-21 12:53 - 00229376 _____ () C:\Program Files\AIM Original\inetsocket.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 01:00 - 2008-04-14 01:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1336601894-1177238915-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\New\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 204.186.110.114 - 216.144.187.199
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DriverToolkit => "C:\Program Files\DriverToolkit\DriverToolkit.exe" --autorun
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Phone Dialer Pro => "c:\program files\phone dialer pro\phonepro.exe" /min
MSCONFIG\startupreg: ProPCCleaner => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe true
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\EroBisis\onuaci.exe] => Enabled:huyjuooe
StandardProfile\AuthorizedApplications: [C:\Program Files\AIM7\aim.exe] => Enabled:AIM
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\EroBisis\onuaci.exe] => Enabled:huyjuooe
StandardProfile\AuthorizedApplications: [C:\Program Files\BitComet\BitComet.exe] => Enabled:BitComet.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\TEMP\4fnoihfhd.exe] => Enabled:Policy
StandardProfile\AuthorizedApplications: [C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] => Enabled:Crossbrowse
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Windows Remote Management
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [19935:TCP] => Enabled:BitComet 19935 TCP
StandardProfile\GloballyOpenPorts: [19935:UDP] => Enabled:BitComet 19935 UDP
StandardProfile\GloballyOpenPorts: [6881:TCP] => Enabled:Policy

==================== Restore Points =========================

25-11-2015 12:43:59 System Checkpoint
26-11-2015 14:26:17 System Checkpoint
27-11-2015 15:20:21 System Checkpoint
28-11-2015 16:37:50 System Checkpoint
29-11-2015 16:38:45 System Checkpoint
30-11-2015 22:04:34 System Checkpoint
01-12-2015 23:47:09 System Checkpoint
03-12-2015 00:26:53 System Checkpoint
04-12-2015 01:26:51 System Checkpoint
05-12-2015 02:26:51 System Checkpoint
06-12-2015 03:26:53 System Checkpoint
07-12-2015 03:38:51 System Checkpoint
08-12-2015 04:26:51 System Checkpoint
09-12-2015 04:43:47 System Checkpoint
09-12-2015 10:00:17 Software Distribution Service 3.0
10-12-2015 13:51:38 System Checkpoint
11-12-2015 15:39:30 System Checkpoint
12-12-2015 16:11:40 System Checkpoint
13-12-2015 16:23:29 System Checkpoint
14-12-2015 16:57:09 System Checkpoint
15-12-2015 19:46:58 System Checkpoint
16-12-2015 20:07:18 System Checkpoint
17-12-2015 20:46:38 System Checkpoint
18-12-2015 21:06:30 System Checkpoint
19-12-2015 21:37:24 System Checkpoint
20-12-2015 21:55:45 System Checkpoint
21-12-2015 22:27:31 System Checkpoint
23-12-2015 02:55:18 System Checkpoint
24-12-2015 03:27:32 System Checkpoint
25-12-2015 04:27:31 System Checkpoint
26-12-2015 05:27:32 System Checkpoint
27-12-2015 08:41:34 System Checkpoint
28-12-2015 10:13:21 System Checkpoint
29-12-2015 10:57:08 System Checkpoint
30-12-2015 12:21:12 System Checkpoint
31-12-2015 21:05:41 System Checkpoint
01-01-2016 21:52:48 System Checkpoint
03-01-2016 01:29:39 System Checkpoint
04-01-2016 15:22:20 System Checkpoint
05-01-2016 20:09:16 System Checkpoint
06-01-2016 20:49:52 System Checkpoint
07-01-2016 21:16:41 System Checkpoint
09-01-2016 10:53:34 System Checkpoint
10-01-2016 12:16:18 System Checkpoint
11-01-2016 17:56:36 System Checkpoint
12-01-2016 20:18:38 System Checkpoint
13-01-2016 10:00:16 Software Distribution Service 3.0
14-01-2016 10:53:26 System Checkpoint
15-01-2016 13:41:15 System Checkpoint
16-01-2016 15:39:54 System Checkpoint
17-01-2016 21:03:49 System Checkpoint
19-01-2016 17:21:25 System Checkpoint
20-01-2016 17:32:21 System Checkpoint
22-01-2016 02:51:31 System Checkpoint
23-01-2016 03:07:27 System Checkpoint
24-01-2016 04:06:23 System Checkpoint
25-01-2016 05:06:22 System Checkpoint
26-01-2016 08:48:28 System Checkpoint
27-01-2016 10:34:26 System Checkpoint
28-01-2016 12:03:00 System Checkpoint
29-01-2016 13:01:04 System Checkpoint
30-01-2016 15:05:37 System Checkpoint
31-01-2016 16:59:10 System Checkpoint
01-02-2016 17:03:55 System Checkpoint
02-02-2016 17:45:28 System Checkpoint
03-02-2016 21:20:24 System Checkpoint
04-02-2016 21:38:31 System Checkpoint
06-02-2016 12:02:46 System Checkpoint
07-02-2016 16:58:56 System Checkpoint
08-02-2016 20:59:53 System Checkpoint
10-02-2016 10:00:20 Software Distribution Service 3.0
11-02-2016 11:01:59 System Checkpoint
12-02-2016 13:27:46 System Checkpoint
13-02-2016 21:20:27 System Checkpoint
14-02-2016 21:23:43 System Checkpoint
17-02-2016 12:19:13 System Checkpoint
19-02-2016 06:39:47 System Checkpoint
20-02-2016 14:59:41 System Checkpoint
21-02-2016 10:39:42 Removed Apple Application Support
21-02-2016 10:41:03 Removed Skype™ 7.13
22-02-2016 09:54:09 Installed AVG 2016
22-02-2016 09:56:08 Installed AVG
22-02-2016 14:35:40 Restore Operation
22-02-2016 16:38:48 Installed Windows Media Player 11
22-02-2016 16:41:08 Installed Windows XP MSCompPackV1.
23-02-2016 07:22:13 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2016 04:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 44.0.2.5884, faulting module mozglue.dll, version 44.0.2.5884, fault address 0x0000ed3b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (02/22/2016 04:26:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 04:26:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\DAI'S REUNION.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CUTEPLUSHIES.BMP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1160.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1155.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1154.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1153.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1152.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WMDM PMSP Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (60000 milliseconds) waiting for a transaction response from the MBAMScheduler service.

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The World Wide Web Publishing service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IIS Admin service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1 milliseconds: Run the configured recovery program.

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/23/2016 07:16:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
m2jimzv2mhnkbdz

Error: (02/23/2016 07:12:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:12:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 3062.07 MB
Available physical RAM: 2095.57 MB
Total Virtual: 4948.15 MB
Available Virtual: 4083.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:848.39 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive g: (BACKUP) (Fixed) (Total:149.01 GB) (Free:1.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9996FC4B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 3454F8C1)
Partition 1: (Not Active) - (Size=149.1 GB) - (Type=0B)

==================== End of Addition.txt ============================



#4
RKinner

    Malware Expert

I need the FRST too but I have enough to create a first fixlist so let's do it first then rerun FRST.

 

 
Download the attached fixlist.txt to the same location as FRST.

[attachment=80423:fixlist.txt]

Run FRST and press Fix.
A fix log will be generated; please post that.

Now rerun FRST, make sure the Addition.txt is checked, then Scan.  You will get two logs.  Please post both.


#5
Paulos

    Member

I post it now, uh a download file I think... yeah... okay I do not know how to attach a file on this format I'm sorry, so I will post the FRST.txt itself that I just ran.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
Ran by New (administrator) on NEW-C38666AC652 (23-02-2016 08:04:14)
Running from C:\Documents and Settings\New\My Documents\Downloads
Loaded Profiles: New (Available Profiles: New)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(America Online, Inc.) C:\Program Files\AIM Original\aim.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\Run: [AIM] => C:\Program Files\AIM Original\aim.exe [67160 2005-07-21] (America Online, Inc.)
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {9afd757f-4ce8-11e5-ae08-0013722f4085} - F:\HPLauncher.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {c0c0e1e0-8dda-11e3-b70b-001372c1e370} - RunClubSanDisk.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {e3953827-1574-11e3-baca-0014223a28a9} - E:\RunClubSanDisk.exe
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
Tcpip\..\Interfaces\{BA58842D-01A3-4227-BF22-31E77F5007D5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E26E5228-D04C-4A87-B078-397FE29B9D33}: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1336601894-1177238915-1003 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1336601894-1177238915-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2015-09-25] (Apple Inc.)
FF Extension: Video AdBlock - C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-02-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-02-04] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [659872 2015-08-27] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 npggsvc; C:\WINDOWS\system32\GameMon.des [3568840 2015-08-16] (INCA Internet Co., Ltd.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 bdselfpr; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\bdselfpr.sys [135600 2015-01-22] (BitDefender LLC)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-23] (Malwarebytes)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1174976 2011-04-25] (Ralink Technology, Corp.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
S0 cerc6; no ImagePath
S4 IntelIde; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 07:31 - 2016-02-23 07:31 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2016-02-23 07:31 - 2016-02-23 07:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2016-02-23 07:30 - 2016-02-23 07:30 - 00000000 ____D C:\Program Files\VideoLAN
2016-02-23 07:26 - 2016-02-23 08:04 - 00000000 ____D C:\FRST
2016-02-23 07:25 - 2016-02-23 07:25 - 00003840 _____ C:\Documents and Settings\New\Desktop\JRT.txt
2016-02-23 07:19 - 2016-02-23 07:19 - 00000616 _____ C:\Documents and Settings\New\Desktop\Shortcut to AdwCleaner.exe.lnk
2016-02-23 07:01 - 2016-02-23 07:19 - 00000000 ____D C:\AdwCleaner
2016-02-22 16:41 - 2006-09-25 17:58 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2016-02-22 14:33 - 2016-02-22 14:33 - 00000000 ____D C:\Documents and Settings\New\Application Data\AVG10
2016-02-22 14:33 - 2016-02-22 14:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Zen
2016-02-22 09:49 - 2016-02-22 14:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2016-02-22 09:49 - 2016-02-22 09:49 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\MFAData
2016-02-22 09:48 - 2016-02-22 09:48 - 00000617 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk
2016-02-22 09:46 - 2016-02-22 14:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2016-02-22 09:45 - 2016-02-22 09:48 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\AvgSetupLog
2016-02-22 09:45 - 2016-02-22 09:45 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\Avg
2016-02-22 08:57 - 2016-02-22 09:19 - 00000654 _____ C:\WINDOWS\Tasks\klcp_update.job
2016-02-22 08:28 - 2016-02-22 09:26 - 00000000 ____D C:\Documents and Settings\New\Application Data\denaf
2016-02-21 10:48 - 2016-02-21 10:47 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-03.dmp
2016-02-21 10:32 - 2016-02-21 10:31 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-02.dmp
2016-02-21 10:31 - 2016-02-21 10:47 - 00000664 _____ C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat
2016-02-21 09:49 - 2016-02-21 09:48 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-01.dmp
2016-02-20 20:34 - 2016-02-20 20:34 - 00000933 _____ C:\Documents and Settings\New\Desktop\The story of my life.txt
2016-02-20 19:26 - 2016-02-20 19:26 - 06912054 _____ C:\Documents and Settings\New\Desktop\TEmp calling me thank you Tails always thank you 2 20 16.bmp
2016-02-20 11:40 - 2016-02-20 11:40 - 06912054 _____ C:\Documents and Settings\New\Desktop\lisalisa happy with my explanation yay depression chat room 2 20 16.bmp
2016-02-20 10:45 - 2016-02-21 10:48 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-20 10:45 - 2016-02-20 10:44 - 00069584 ____H C:\WINDOWS\Minidump\Mini022016-01.dmp
2016-02-20 10:44 - 2016-02-21 09:48 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-02-19 08:03 - 2016-02-22 18:53 - 00000000 ____D C:\Documents and Settings\New\Desktop\When she's been online February
2016-02-16 19:30 - 2016-02-16 19:30 - 00000101 _____ C:\Documents and Settings\New\Desktop\TO DO LIST EVERY DAY IF YOU CAN PAUL FROM ALIS REMEMBER.txt
2016-02-15 10:17 - 2016-02-15 10:17 - 08208579 _____ C:\Documents and Settings\New\My Documents\我那覇響/Rebellion.mp4
2016-02-15 10:14 - 2016-02-15 10:14 - 21379042 _____ C:\Documents and Settings\New\My Documents\[720p] The [email protected] 2nd-Mix - Quintet (from THE [email protected] 2 S4U mode).mp4
2016-02-15 09:58 - 2016-02-22 15:34 - 00000000 ____D C:\Documents and Settings\New\Desktop\Depression Chat Room Logs
2016-02-14 08:51 - 2016-02-14 08:51 - 06912054 _____ C:\Documents and Settings\New\Desktop\Carina on Valentines day 2 14 16 thank you Carina thank you.bmp
2016-02-13 16:31 - 2016-02-13 16:31 - 02786333 _____ C:\Documents and Settings\New\My Documents\[Thug Life] Thug In The Kitchen.mp4
2016-02-11 18:34 - 2016-02-14 16:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 15:08 - 2016-02-10 15:08 - 00000000 ____D C:\Program Files\Common Files\Java
2016-02-10 15:07 - 2016-02-10 15:07 - 00000000 ____D C:\Documents and Settings\New\.oracle_jre_usage
2016-02-10 15:02 - 2016-02-10 15:02 - 00000000 ____D C:\Documents and Settings\New\Application Data\Oracle
2016-02-10 12:03 - 2016-02-10 12:03 - 00010320 _____ C:\Documents and Settings\New\Desktop\th.jpeg
2016-02-02 19:10 - 2016-02-02 19:10 - 00006489 _____ C:\Documents and Settings\New\Desktop\in jail.jpeg
2016-01-30 14:40 - 2016-01-30 14:40 - 00000051 _____ C:\Documents and Settings\New\Desktop\wei five generals dt2 not sure.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 08:04 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Temp
2016-02-23 08:03 - 2015-08-27 23:13 - 00000000 ____D C:\Documents and Settings\New\Application Data\vlc
2016-02-23 07:44 - 2014-02-04 14:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-23 07:27 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-02-23 07:22 - 2014-02-04 19:33 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-23 07:17 - 2015-08-29 13:36 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 07:16 - 2015-08-28 11:59 - 00001062 _____ C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
2016-02-23 07:16 - 2008-04-14 01:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-23 07:15 - 2012-01-18 05:51 - 00000211 ___SH C:\boot.ini
2016-02-23 07:15 - 2008-04-14 01:00 - 00000555 _____ C:\WINDOWS\win.ini
2016-02-23 07:15 - 2008-04-14 01:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-02-23 07:14 - 2015-08-28 14:17 - 00001048 _____ C:\WINDOWS\Tasks\jx1plgvedP1bSwCZzFu9Zx4h.job
2016-02-23 07:14 - 2015-08-27 11:49 - 00000376 _____ C:\WINDOWS\Tasks\Run Tasks.job
2016-02-23 07:14 - 2014-11-14 12:53 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2016-02-23 07:14 - 2012-01-18 13:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-23 07:13 - 2012-01-18 13:04 - 00000178 ___SH C:\Documents and Settings\New\ntuser.ini
2016-02-23 07:13 - 2012-01-18 13:02 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-23 07:12 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents
2016-02-22 17:31 - 2014-02-04 14:36 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-02-22 16:59 - 2015-07-28 11:24 - 00169850 _____ C:\Documents and Settings\New\Desktop\My SCREAM.txt
2016-02-22 16:51 - 2012-01-18 12:52 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-02-22 16:51 - 2012-01-18 12:52 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-02-22 16:41 - 2012-01-18 13:04 - 00000788 _____ C:\Documents and Settings\New\Start Menu\Programs\Windows Media Player.lnk
2016-02-22 16:41 - 2012-01-18 05:40 - 00000000 ___HD C:\WINDOWS\inf
2016-02-22 16:40 - 2014-02-04 19:32 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2016-02-22 16:40 - 2012-01-18 05:40 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-02-22 16:26 - 2014-02-04 14:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2016-02-22 14:32 - 2015-08-28 11:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-02-22 09:54 - 2015-07-28 14:33 - 00000000 ____D C:\Program Files\AVG
2016-02-22 09:27 - 2014-02-04 19:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2016-02-22 09:26 - 2014-02-04 18:02 - 00131072 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2016-02-22 09:26 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-22 08:52 - 2012-01-18 12:52 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2016-02-22 08:42 - 2014-02-04 16:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$
2016-02-22 08:41 - 2016-01-08 08:13 - 00000585 _____ C:\Documents and Settings\All Users\Desktop\Dragon Raja Global.lnk
2016-02-22 08:41 - 2015-10-19 23:58 - 00000983 _____ C:\Documents and Settings\All Users\Desktop\Façade.lnk
2016-02-22 08:41 - 2015-09-13 14:53 - 00000615 _____ C:\Documents and Settings\All Users\Desktop\Elsword.lnk
2016-02-22 08:41 - 2015-08-15 10:38 - 00001564 _____ C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
2016-02-22 08:41 - 2015-07-28 14:22 - 00001553 _____ C:\Documents and Settings\All Users\Desktop\AIM.lnk
2016-02-22 08:41 - 2012-01-18 12:52 - 00001523 _____ C:\WINDOWS\OEWABLog.txt
2016-02-22 08:40 - 2016-01-02 11:29 - 00001045 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shining Force I Editor v1.0.exe.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001678 _____ C:\Documents and Settings\New\Desktop\Shortcut to U13 - Sonic And The Secret Rings - Seven Rings In Hand.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001608 _____ C:\Documents and Settings\New\Desktop\Shortcut to U09 - Sonic Adventure 2 - Live And Learn.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:57 - 00001618 _____ C:\Documents and Settings\New\Desktop\Shortcut to U12 - Sonic The Hedgehog - His World Remix.mp3.lnk
2016-02-22 08:40 - 2015-12-23 07:59 - 00000670 _____ C:\Documents and Settings\New\Desktop\Shortcut to ATB - Ecstasy.mp3.lnk
2016-02-22 08:40 - 2015-10-14 11:42 - 00000718 _____ C:\Documents and Settings\New\Desktop\Shortcut to Hero Editor.exe.lnk
2016-02-22 08:40 - 2015-09-25 23:13 - 00000535 _____ C:\Documents and Settings\New\Desktop\Shortcut to Youtube Video Tags.txt.lnk
2016-02-22 08:40 - 2015-08-22 15:04 - 00000104 _____ C:\Documents and Settings\New\Desktop\Shortcut to Search Results.lnk
2016-02-22 08:40 - 2015-08-09 14:33 - 00000679 _____ C:\Documents and Settings\New\Desktop\Shortcut (3) to aim.lnk
2016-02-22 08:40 - 2015-07-30 13:30 - 00000375 _____ C:\Documents and Settings\New\Desktop\Shortcut to Saved Movies.lnk
2016-02-22 08:40 - 2015-07-29 20:25 - 00001785 _____ C:\Documents and Settings\New\Desktop\Age of Empires.lnk
2016-02-22 08:40 - 2015-07-29 17:49 - 00000258 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-02-22 08:40 - 2015-07-28 15:34 - 00000654 _____ C:\Documents and Settings\New\Desktop\Shortcut to HyCam2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001978 _____ C:\Documents and Settings\New\Desktop\Shortcut to 206  Juno Reactor Vs. Don Davis - Burly Brawl SMIT.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001848 _____ C:\Documents and Settings\New\Desktop\Shortcut to 204  Rob Dougan - Chateau BATTLE.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001792 _____ C:\Documents and Settings\New\Desktop\Age of Empires Expansion.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001748 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Juri Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001603 _____ C:\Documents and Settings\New\Desktop\A Small Measure of Peace Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001593 _____ C:\Documents and Settings\New\Desktop\Age Of Wonders.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001564 _____ C:\Documents and Settings\New\Desktop\Diablo II - Lord of Destruction.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001548 _____ C:\Documents and Settings\New\Desktop\A Way of Life Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Trial Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Character Select Arcade The.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001460 _____ C:\Documents and Settings\New\Desktop\Shortcut to Vicodin Withdrawal and info on PILL TAKING.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001385 _____ C:\Documents and Settings\New\Desktop\Shortcut to 238. Training Stage Clip1.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001362 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Mortal Kombat- Final Combat (Techno Syndrome Mix).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001345 _____ C:\Documents and Settings\New\Desktop\Shortcut to Pho's Vicodin WD Advice.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001323 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire BIG CODES.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001270 _____ C:\Documents and Settings\New\Desktop\Shortcut to Japanese.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001254 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Warriors 7 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Shortcut to 1Musou Orochi 2 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Nero StartSmart.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000976 _____ C:\Documents and Settings\New\Desktop\Shortcut to David Bowie & Freddy Mercury - Under Pressure.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000971 _____ C:\Documents and Settings\New\Desktop\Shortcut to An 8 Bit Reenactment of Dungeons and Dragons.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000926 _____ C:\Documents and Settings\New\Desktop\Shortcut to Beethoven - Moonlight Sonata (FULL).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000901 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Tactics II.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000848 _____ C:\Documents and Settings\New\Desktop\Shortcut to Heroes3_C_crked.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000815 _____ C:\Documents and Settings\New\Desktop\Shortcut to AmishHilarious.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000801 _____ C:\Documents and Settings\New\Desktop\Shortcut to Company.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000796 _____ C:\Documents and Settings\New\Desktop\Shortcut to VisualBoyAdvance.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000753 _____ C:\Documents and Settings\New\Desktop\Shortcut to IG - Snap - Ive Got the Power.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000728 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire Game Genie Codes.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000705 _____ C:\Documents and Settings\New\Desktop\Shortcut to AoWEd.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to moviemk.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to Faces.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000686 _____ C:\Documents and Settings\New\Desktop\Shortcut to snes9x.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000663 _____ C:\Documents and Settings\New\Desktop\Shortcut to mame32k.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000633 _____ C:\Documents and Settings\New\Desktop\Shortcut to SFedit.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000625 _____ C:\Documents and Settings\New\Desktop\Shortcut to gens.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000621 _____ C:\Documents and Settings\New\Desktop\Shortcut to fceu.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000617 _____ C:\Documents and Settings\New\Desktop\Shortcut to Songs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000592 _____ C:\Documents and Settings\New\Desktop\Shortcut to CASTLE2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000556 _____ C:\Documents and Settings\New\Desktop\Shortcut to Whoomp there it is.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000534 _____ C:\Documents and Settings\New\Desktop\Shortcut to civ2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut to Chat Logs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to RPG STUFF.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000484 _____ C:\Documents and Settings\New\Desktop\Shortcut to Ren and Stimpy.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000450 _____ C:\Documents and Settings\New\Desktop\Shortcut to Woman Anime Cartoon Photos.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000350 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shared.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000260 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Porn Vids.lnk
2016-02-22 08:40 - 2015-07-28 11:23 - 00000718 _____ C:\Documents and Settings\New\Desktop\WO2 Abilities of Chars.lnk
2016-02-22 08:40 - 2012-01-18 05:52 - 00000000 ____D C:\Documents and Settings\All Users
2016-02-22 07:49 - 2012-01-18 13:04 - 00000738 _____ C:\Documents and Settings\New\Start Menu\Programs\Outlook Express.lnk
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Pictures
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Music
2016-02-21 11:39 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Important Documents
2016-02-21 10:42 - 2012-01-18 06:07 - 00670330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-21 10:41 - 2015-10-30 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2016-02-21 10:41 - 2012-01-18 05:59 - 01124276 _____ C:\WINDOWS\setupapi.log.0.old
2016-02-20 15:16 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Pics Misc Documents
2016-02-18 07:22 - 2015-07-28 14:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-17 13:25 - 2016-01-08 08:06 - 00000000 ____D C:\Dragon Raja Global
2016-02-16 21:07 - 2015-11-02 07:21 - 00188928 ___SH C:\Documents and Settings\New\Desktop\Thumbs.db
2016-02-15 09:52 - 2014-02-04 18:02 - 00000000 __SHD C:\Documents and Settings\New\IETldCache
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\PrivacIE
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\IECompatCache
2016-02-10 15:08 - 2015-07-31 08:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2016-02-10 15:07 - 2014-02-04 19:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2016-02-10 15:07 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New
2016-02-10 15:06 - 2014-02-04 19:22 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-02-10 15:06 - 2014-02-04 19:21 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-02-10 15:06 - 2014-01-06 11:59 - 00000000 ____D C:\Program Files\Java
2016-02-10 10:05 - 2014-11-14 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 10:00 - 2014-02-04 16:54 - 144254680 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 16:53 - 2015-09-25 22:55 - 00002425 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
2016-02-09 16:53 - 2015-09-18 18:44 - 00001025 _____ C:\Documents and Settings\All Users\Desktop\Hex Workshop Hex Editor (32 bit).lnk
2016-02-09 16:53 - 2015-08-29 13:36 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-09 16:53 - 2015-08-05 14:44 - 00000554 _____ C:\Documents and Settings\All Users\Desktop\Seven Kingdoms II.lnk
2016-02-09 16:53 - 2015-07-31 16:21 - 00001713 _____ C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
2016-02-09 16:53 - 2015-07-29 20:31 - 00001696 _____ C:\Documents and Settings\All Users\Desktop\Heroes 3 Complete.lnk
2016-02-09 16:53 - 2014-02-04 19:33 - 00001761 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2016-02-09 16:53 - 2014-01-06 13:10 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-02-09 16:53 - 2012-01-18 12:51 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2016-02-09 16:53 - 2012-01-18 12:27 - 00000605 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2016-02-09 16:23 - 2015-08-29 13:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-09 16:23 - 2015-08-29 13:35 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-09 15:21 - 2014-01-06 11:56 - 00000000 __SHD C:\Documents and Settings\New\UserData
2016-02-08 15:00 - 2014-11-14 12:53 - 00000212 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2016-01-31 10:19 - 2015-07-28 11:24 - 00003340 _____ C:\Documents and Settings\New\Desktop\Passwords Info about friends.txt
2016-01-29 21:53 - 2015-07-29 17:51 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\WMTools Downloaded Files

==================== Files in the root of some directories =======

2015-07-28 16:07 - 2015-07-28 16:07 - 0000037 ___SH () C:\Documents and Settings\New\Local Settings\Application Data\20986331705021ca58edc424.96250074
2016-02-21 10:31 - 2016-02-21 10:47 - 0000664 _____ () C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat

Some files in TEMP:
====================
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-9a95a684.exe
C:\Documents and Settings\New\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\New\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\New\Local Settings\Temp\First15.exe
C:\Documents and Settings\New\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\New\Local Settings\Temp\VP6VFW.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



#6
Paulos


Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
Ran by New (2016-02-23 07:34:17)
Running from C:\Documents and Settings\New\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) (2012-01-18 19:00:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1336601894-1177238915-500 - Administrator - Enabled)
Guest (S-1-5-21-854245398-1336601894-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1336601894-1177238915-1000 - Limited - Disabled)
IUSR_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1005 - Limited - Enabled)
IWAM_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1006 - Limited - Enabled)
New (S-1-5-21-854245398-1336601894-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\New
SUPPORT_388945a0 (S-1-5-21-854245398-1336601894-1177238915-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {22CB8761-914A-11CF-B705-00AA0062CBB7}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Ad-Aware Firewall (Disabled) {9211320F-6C40-4035-BBDE-3C96ED504F33}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FC9BDF23-3AF3-4F4B-B549-E7D5259736F1}_AdAwareUpdater) (Version: 11.8.586.8535 - Lavasoft)
AdAwareInstaller (Version: 11.8.586.8535 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIM 7 (HKLM\...\AIM_7) (Version:  - )
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AOL Instant Messenger (HKLM\...\AOL Instant Messenger) (Version:  - )
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG 2016 (Version: 16.0.4533 - AVG Technologies) Hidden
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
BitComet 1.36 (HKLM\...\BitComet) (Version: 1.36 - CometNetwork)
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.10.07 - Broadcom Corporation)
Diablo II (HKLM\...\Diablo II) (Version:  - )
Dragon Raja Global (HKLM\...\Dragon Raja Global) (Version: 1.65.0.0 - Mistralis)
Elsword version v5.0909.6.1 (HKLM\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v5.0909.6.1 - KOGGAMES)
Façade (HKLM\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Hero Editor V1.03 (HKLM\...\ST6UNST #2) (Version:  - )
Heroes of Might and Magic III Complete (HKLM\...\Heroes of Might and Magic III Complete) (Version:  - )
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4410 - )
iSkysoft Video Editor(Build 4.7.1) (HKLM\...\iSkysoft Video Editor_is1) (Version:  - iSkysoft Software)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.33 - Realtek Semiconductor Corp.)
Seven Kingdoms AA (HKLM\...\Seven Kingdoms AA) (Version:  - )
Seven Kingdoms II (HKLM\...\Seven Kingdoms II) (Version:  - )
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
The Sims 2 (HKLM\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version:  - )
The Sims 2 Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version:  - )
The Sims 2 University (HKLM\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
The Sims™ 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Unity Web Player (HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{62BE5D10-60EB-11d0-BD3B-00A0C911CE86}\InprocServer32 -> C:\Documents and Settings\New\Application Data\denaf\esgen.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\jx1plgvedP1bSwCZzFu9Zx4h.job => C:\Documents and Settings\New\Application Data\jx1plgvedP1bSwCZzFu9Zx4h.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\klcp_update.job => CMD /C sc create KLCPU binPath CMD /V /C SET \FILE \ ProgramFiles \ Lite Codec Pack Tools CodecTweakTool exe\\ IF EXIST FILE START \CTT\ FILE /verysilent /update /freq 30 type own type interact net start KLCPU sc delete KLCPU CMD New
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Run Tasks.job => C:\Program Files\user extensions\Tasks.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-02-04 14:36 - 2013-03-06 10:35 - 07197648 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avcodec-ics-54.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00246909 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avutil-ics-52.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00963069 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\avformat-ics-54.dll
2014-02-04 14:36 - 2013-03-06 10:35 - 00393273 _____ () C:\Program Files\K-Lite Codec Pack\Icaros\swscale-ics-2.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02595576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02372816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00023296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll
2015-07-28 15:36 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-04-14 01:00 - 2013-01-02 00:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2015-10-20 07:17 - 2015-10-20 07:17 - 17599688 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00110592 _____ () C:\Program Files\AIM Original\AIM_xmlp.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00013312 _____ () C:\Program Files\AIM Original\oscres.dll
2015-07-28 11:24 - 2005-06-16 16:46 - 00081920 _____ () C:\Program Files\AIM Original\AIMToday.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00053248 _____ () C:\Program Files\AIM Original\xmlparse.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00081920 _____ () C:\Program Files\AIM Original\xmltok.dll
2015-07-28 11:24 - 2005-07-21 12:54 - 00106496 _____ () C:\Program Files\AIM Original\AIMAX.dll
2015-07-28 11:24 - 2005-07-21 12:58 - 00006656 _____ () C:\Program Files\AIM Original\stats.ocm
2015-07-28 11:24 - 2004-08-18 12:56 - 00176128 _____ () C:\Program Files\AIM Original\nssckbi.dll
2015-07-28 11:24 - 2005-07-21 12:53 - 00229376 _____ () C:\Program Files\AIM Original\inetsocket.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00144832 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 02632640 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00554944 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00041920 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00039872 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00086464 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00078272 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00069568 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00048576 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 11997632 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00334784 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00089536 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00055744 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00072128 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00598464 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00771520 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00131520 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00052672 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00023488 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00036800 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 02198464 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00344512 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00114112 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00245184 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00157632 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00754624 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00031680 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00089024 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00032192 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00040384 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00030144 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00078272 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00044992 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00026048 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00035264 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00037312 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00025536 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 14929344 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00242624 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00108992 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00046528 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00096704 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00091584 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 01566656 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00261056 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-01-20 18:02 - 2016-01-20 18:02 - 00298944 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 01291200 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00036800 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00052160 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00456128 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00035776 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 02668480 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00356288 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00022464 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00140224 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00176576 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00067520 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 01504704 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00022464 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00022976 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00029632 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00022464 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00034240 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00370112 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00121792 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00789952 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00038848 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00030144 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00746432 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00036800 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00125376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00064448 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00027584 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00030656 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00027584 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00029120 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00037312 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-01-20 18:00 - 2016-01-20 18:00 - 00024000 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00023488 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00022976 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2016-01-20 18:01 - 2016-01-20 18:01 - 00201152 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 01:00 - 2008-04-14 01:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1336601894-1177238915-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\New\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 204.186.110.114 - 216.144.187.199
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DriverToolkit => "C:\Program Files\DriverToolkit\DriverToolkit.exe" --autorun
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Phone Dialer Pro => "c:\program files\phone dialer pro\phonepro.exe" /min
MSCONFIG\startupreg: ProPCCleaner => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe true
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\EroBisis\onuaci.exe] => Enabled:huyjuooe
StandardProfile\AuthorizedApplications: [C:\Program Files\AIM7\aim.exe] => Enabled:AIM
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\EroBisis\onuaci.exe] => Enabled:huyjuooe
StandardProfile\AuthorizedApplications: [C:\Program Files\BitComet\BitComet.exe] => Enabled:BitComet.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\TEMP\4fnoihfhd.exe] => Enabled:Policy
StandardProfile\AuthorizedApplications: [C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] => Enabled:Crossbrowse
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Windows Remote Management
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [19935:TCP] => Enabled:BitComet 19935 TCP
StandardProfile\GloballyOpenPorts: [19935:UDP] => Enabled:BitComet 19935 UDP
StandardProfile\GloballyOpenPorts: [6881:TCP] => Enabled:Policy

==================== Restore Points =========================

25-11-2015 12:43:59 System Checkpoint
26-11-2015 14:26:17 System Checkpoint
27-11-2015 15:20:21 System Checkpoint
28-11-2015 16:37:50 System Checkpoint
29-11-2015 16:38:45 System Checkpoint
30-11-2015 22:04:34 System Checkpoint
01-12-2015 23:47:09 System Checkpoint
03-12-2015 00:26:53 System Checkpoint
04-12-2015 01:26:51 System Checkpoint
05-12-2015 02:26:51 System Checkpoint
06-12-2015 03:26:53 System Checkpoint
07-12-2015 03:38:51 System Checkpoint
08-12-2015 04:26:51 System Checkpoint
09-12-2015 04:43:47 System Checkpoint
09-12-2015 10:00:17 Software Distribution Service 3.0
10-12-2015 13:51:38 System Checkpoint
11-12-2015 15:39:30 System Checkpoint
12-12-2015 16:11:40 System Checkpoint
13-12-2015 16:23:29 System Checkpoint
14-12-2015 16:57:09 System Checkpoint
15-12-2015 19:46:58 System Checkpoint
16-12-2015 20:07:18 System Checkpoint
17-12-2015 20:46:38 System Checkpoint
18-12-2015 21:06:30 System Checkpoint
19-12-2015 21:37:24 System Checkpoint
20-12-2015 21:55:45 System Checkpoint
21-12-2015 22:27:31 System Checkpoint
23-12-2015 02:55:18 System Checkpoint
24-12-2015 03:27:32 System Checkpoint
25-12-2015 04:27:31 System Checkpoint
26-12-2015 05:27:32 System Checkpoint
27-12-2015 08:41:34 System Checkpoint
28-12-2015 10:13:21 System Checkpoint
29-12-2015 10:57:08 System Checkpoint
30-12-2015 12:21:12 System Checkpoint
31-12-2015 21:05:41 System Checkpoint
01-01-2016 21:52:48 System Checkpoint
03-01-2016 01:29:39 System Checkpoint
04-01-2016 15:22:20 System Checkpoint
05-01-2016 20:09:16 System Checkpoint
06-01-2016 20:49:52 System Checkpoint
07-01-2016 21:16:41 System Checkpoint
09-01-2016 10:53:34 System Checkpoint
10-01-2016 12:16:18 System Checkpoint
11-01-2016 17:56:36 System Checkpoint
12-01-2016 20:18:38 System Checkpoint
13-01-2016 10:00:16 Software Distribution Service 3.0
14-01-2016 10:53:26 System Checkpoint
15-01-2016 13:41:15 System Checkpoint
16-01-2016 15:39:54 System Checkpoint
17-01-2016 21:03:49 System Checkpoint
19-01-2016 17:21:25 System Checkpoint
20-01-2016 17:32:21 System Checkpoint
22-01-2016 02:51:31 System Checkpoint
23-01-2016 03:07:27 System Checkpoint
24-01-2016 04:06:23 System Checkpoint
25-01-2016 05:06:22 System Checkpoint
26-01-2016 08:48:28 System Checkpoint
27-01-2016 10:34:26 System Checkpoint
28-01-2016 12:03:00 System Checkpoint
29-01-2016 13:01:04 System Checkpoint
30-01-2016 15:05:37 System Checkpoint
31-01-2016 16:59:10 System Checkpoint
01-02-2016 17:03:55 System Checkpoint
02-02-2016 17:45:28 System Checkpoint
03-02-2016 21:20:24 System Checkpoint
04-02-2016 21:38:31 System Checkpoint
06-02-2016 12:02:46 System Checkpoint
07-02-2016 16:58:56 System Checkpoint
08-02-2016 20:59:53 System Checkpoint
10-02-2016 10:00:20 Software Distribution Service 3.0
11-02-2016 11:01:59 System Checkpoint
12-02-2016 13:27:46 System Checkpoint
13-02-2016 21:20:27 System Checkpoint
14-02-2016 21:23:43 System Checkpoint
17-02-2016 12:19:13 System Checkpoint
19-02-2016 06:39:47 System Checkpoint
20-02-2016 14:59:41 System Checkpoint
21-02-2016 10:39:42 Removed Apple Application Support
21-02-2016 10:41:03 Removed Skype™ 7.13
22-02-2016 09:54:09 Installed AVG 2016
22-02-2016 09:56:08 Installed AVG
22-02-2016 14:35:40 Restore Operation
22-02-2016 16:38:48 Installed Windows Media Player 11
22-02-2016 16:41:08 Installed Windows XP MSCompPackV1.
23-02-2016 07:22:13 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2016 04:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 44.0.2.5884, faulting module mozglue.dll, version 44.0.2.5884, fault address 0x0000ed3b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (02/22/2016 04:26:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 04:26:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\DAI'S REUNION.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CUTEPLUSHIES.BMP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1160.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1155.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1154.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1153.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1152.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WMDM PMSP Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:23:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (60000 milliseconds) waiting for a transaction response from the MBAMScheduler service.

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The World Wide Web Publishing service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IIS Admin service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1 milliseconds: Run the configured recovery program.

Error: (02/23/2016 07:22:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/23/2016 07:16:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
m2jimzv2mhnkbdz

Error: (02/23/2016 07:12:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 07:12:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 32%
Total physical RAM: 3062.07 MB
Available physical RAM: 2064.71 MB
Total Virtual: 4948.15 MB
Available Virtual: 4033.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:848.26 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive g: (BACKUP) (Fixed) (Total:149.01 GB) (Free:1.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9996FC4B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 3454F8C1)
Partition 1: (Not Active) - (Size=149.1 GB) - (Type=0B)

==================== End of Addition.txt ============================



#7
RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
[attachment=80424:fixlist.txt]
 
Run FRST and press Fix
A fix log will be generated; please post that.
 
Go back into msconfig
 
Make sure everything is checked, OK and reboot.
 
Uninstall:
Ad-Aware Antivirus
AVG
BitComet 1.36 
Java 8 Update 51
 
Reboot.  Run FRST scan with Addition.txt checked and post both logs.
 
 
 


#8
Paulos

    Member

  • Topic Starter
  • Member
  • 24 posts

Ok ... this is confusing, but I did as best as I could recall and put the Fixlist.txt in the FRST folder... now I'm going to post the ONE LOG it showed...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
Ran by New (administrator) on NEW-C38666AC652 (23-02-2016 09:05:11)
Running from C:\Documents and Settings\New\My Documents\Downloads
Loaded Profiles: New (Available Profiles: New)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(America Online, Inc.) C:\Program Files\AIM Original\aim.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\Run: [AIM] => C:\Program Files\AIM Original\aim.exe [67160 2005-07-21] (America Online, Inc.)
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {9afd757f-4ce8-11e5-ae08-0013722f4085} - F:\HPLauncher.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {c0c0e1e0-8dda-11e3-b70b-001372c1e370} - RunClubSanDisk.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {e3953827-1574-11e3-baca-0014223a28a9} - E:\RunClubSanDisk.exe
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
Tcpip\..\Interfaces\{BA58842D-01A3-4227-BF22-31E77F5007D5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E26E5228-D04C-4A87-B078-397FE29B9D33}: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1336601894-1177238915-1003 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1336601894-1177238915-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2015-09-25] (Apple Inc.)
FF Extension: Video AdBlock - C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-02-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-02-04] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [659872 2015-08-27] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 npggsvc; C:\WINDOWS\system32\GameMon.des [3568840 2015-08-16] (INCA Internet Co., Ltd.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 bdselfpr; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\bdselfpr.sys [135600 2015-01-22] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-23] (Malwarebytes)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1174976 2011-04-25] (Ralink Technology, Corp.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
S0 cerc6; no ImagePath
S4 IntelIde; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 09:04 - 2016-02-23 09:04 - 00000582 _____ C:\Documents and Settings\New\Desktop\Shortcut to FRST.exe.lnk
2016-02-23 07:31 - 2016-02-23 07:31 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2016-02-23 07:31 - 2016-02-23 07:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2016-02-23 07:30 - 2016-02-23 07:30 - 00000000 ____D C:\Program Files\VideoLAN
2016-02-23 07:26 - 2016-02-23 09:05 - 00000000 ____D C:\FRST
2016-02-23 07:25 - 2016-02-23 07:25 - 00003840 _____ C:\Documents and Settings\New\Desktop\JRT.txt
2016-02-23 07:19 - 2016-02-23 07:19 - 00000616 _____ C:\Documents and Settings\New\Desktop\Shortcut to AdwCleaner.exe.lnk
2016-02-23 07:01 - 2016-02-23 07:19 - 00000000 ____D C:\AdwCleaner
2016-02-22 16:41 - 2006-09-25 17:58 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2016-02-22 14:33 - 2016-02-22 14:33 - 00000000 ____D C:\Documents and Settings\New\Application Data\AVG10
2016-02-22 14:33 - 2016-02-22 14:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Zen
2016-02-22 09:49 - 2016-02-22 14:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2016-02-22 09:49 - 2016-02-22 09:49 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\MFAData
2016-02-22 09:48 - 2016-02-22 09:48 - 00000617 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk
2016-02-22 09:46 - 2016-02-22 14:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2016-02-22 09:45 - 2016-02-22 09:48 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\AvgSetupLog
2016-02-22 09:45 - 2016-02-22 09:45 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\Avg
2016-02-22 08:28 - 2016-02-22 09:26 - 00000000 ____D C:\Documents and Settings\New\Application Data\denaf
2016-02-21 10:48 - 2016-02-21 10:47 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-03.dmp
2016-02-21 10:32 - 2016-02-21 10:31 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-02.dmp
2016-02-21 10:31 - 2016-02-21 10:47 - 00000664 _____ C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat
2016-02-21 09:49 - 2016-02-21 09:48 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-01.dmp
2016-02-20 20:34 - 2016-02-20 20:34 - 00000933 _____ C:\Documents and Settings\New\Desktop\The story of my life.txt
2016-02-20 19:26 - 2016-02-20 19:26 - 06912054 _____ C:\Documents and Settings\New\Desktop\TEmp calling me thank you Tails always thank you 2 20 16.bmp
2016-02-20 11:40 - 2016-02-20 11:40 - 06912054 _____ C:\Documents and Settings\New\Desktop\lisalisa happy with my explanation yay depression chat room 2 20 16.bmp
2016-02-20 10:45 - 2016-02-21 10:48 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-20 10:45 - 2016-02-20 10:44 - 00069584 ____H C:\WINDOWS\Minidump\Mini022016-01.dmp
2016-02-20 10:44 - 2016-02-21 09:48 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-02-19 08:03 - 2016-02-22 18:53 - 00000000 ____D C:\Documents and Settings\New\Desktop\When she's been online February
2016-02-16 19:30 - 2016-02-16 19:30 - 00000101 _____ C:\Documents and Settings\New\Desktop\TO DO LIST EVERY DAY IF YOU CAN PAUL FROM ALIS REMEMBER.txt
2016-02-15 10:17 - 2016-02-15 10:17 - 08208579 _____ C:\Documents and Settings\New\My Documents\我那覇響/Rebellion.mp4
2016-02-15 10:14 - 2016-02-15 10:14 - 21379042 _____ C:\Documents and Settings\New\My Documents\[720p] The [email protected] 2nd-Mix - Quintet (from THE [email protected] 2 S4U mode).mp4
2016-02-15 09:58 - 2016-02-22 15:34 - 00000000 ____D C:\Documents and Settings\New\Desktop\Depression Chat Room Logs
2016-02-14 08:51 - 2016-02-14 08:51 - 06912054 _____ C:\Documents and Settings\New\Desktop\Carina on Valentines day 2 14 16 thank you Carina thank you.bmp
2016-02-13 16:31 - 2016-02-13 16:31 - 02786333 _____ C:\Documents and Settings\New\My Documents\[Thug Life] Thug In The Kitchen.mp4
2016-02-11 18:34 - 2016-02-14 16:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 15:08 - 2016-02-10 15:08 - 00000000 ____D C:\Program Files\Common Files\Java
2016-02-10 15:07 - 2016-02-10 15:07 - 00000000 ____D C:\Documents and Settings\New\.oracle_jre_usage
2016-02-10 15:02 - 2016-02-10 15:02 - 00000000 ____D C:\Documents and Settings\New\Application Data\Oracle
2016-02-10 12:03 - 2016-02-10 12:03 - 00010320 _____ C:\Documents and Settings\New\Desktop\th.jpeg
2016-02-02 19:10 - 2016-02-02 19:10 - 00006489 _____ C:\Documents and Settings\New\Desktop\in jail.jpeg
2016-01-30 14:40 - 2016-01-30 14:40 - 00000051 _____ C:\Documents and Settings\New\Desktop\wei five generals dt2 not sure.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 09:05 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Temp
2016-02-23 09:04 - 2008-04-14 01:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-23 09:02 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-02-23 09:01 - 2012-01-18 13:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-23 09:01 - 2012-01-18 05:51 - 00000211 ___SH C:\boot.ini
2016-02-23 09:01 - 2008-04-14 01:00 - 00000555 _____ C:\WINDOWS\win.ini
2016-02-23 09:01 - 2008-04-14 01:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-02-23 09:00 - 2012-01-18 13:04 - 00000178 ___SH C:\Documents and Settings\New\ntuser.ini
2016-02-23 09:00 - 2012-01-18 13:02 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-23 08:59 - 2012-01-18 13:02 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2016-02-23 08:59 - 2012-01-18 13:01 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-02-23 08:55 - 2015-08-27 23:13 - 00000000 ____D C:\Documents and Settings\New\Application Data\vlc
2016-02-23 08:44 - 2014-02-04 14:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-23 07:22 - 2014-02-04 19:33 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-23 07:17 - 2015-08-29 13:36 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 07:16 - 2015-08-28 11:59 - 00001062 _____ C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
2016-02-23 07:12 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents
2016-02-22 17:31 - 2014-02-04 14:36 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-02-22 16:59 - 2015-07-28 11:24 - 00169850 _____ C:\Documents and Settings\New\Desktop\My SCREAM.txt
2016-02-22 16:51 - 2012-01-18 12:52 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-02-22 16:51 - 2012-01-18 12:52 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-02-22 16:41 - 2012-01-18 13:04 - 00000788 _____ C:\Documents and Settings\New\Start Menu\Programs\Windows Media Player.lnk
2016-02-22 16:41 - 2012-01-18 05:40 - 00000000 ___HD C:\WINDOWS\inf
2016-02-22 16:40 - 2014-02-04 19:32 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2016-02-22 16:40 - 2012-01-18 05:40 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-02-22 16:26 - 2014-02-04 14:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2016-02-22 14:32 - 2015-08-28 11:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-02-22 09:54 - 2015-07-28 14:33 - 00000000 ____D C:\Program Files\AVG
2016-02-22 09:27 - 2014-02-04 19:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2016-02-22 09:26 - 2014-02-04 18:02 - 00131072 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2016-02-22 09:26 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-22 08:52 - 2012-01-18 12:52 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2016-02-22 08:42 - 2014-02-04 16:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$
2016-02-22 08:41 - 2016-01-08 08:13 - 00000585 _____ C:\Documents and Settings\All Users\Desktop\Dragon Raja Global.lnk
2016-02-22 08:41 - 2015-10-19 23:58 - 00000983 _____ C:\Documents and Settings\All Users\Desktop\Façade.lnk
2016-02-22 08:41 - 2015-09-13 14:53 - 00000615 _____ C:\Documents and Settings\All Users\Desktop\Elsword.lnk
2016-02-22 08:41 - 2015-08-15 10:38 - 00001564 _____ C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
2016-02-22 08:41 - 2015-07-28 14:22 - 00001553 _____ C:\Documents and Settings\All Users\Desktop\AIM.lnk
2016-02-22 08:41 - 2012-01-18 12:52 - 00001523 _____ C:\WINDOWS\OEWABLog.txt
2016-02-22 08:40 - 2016-01-02 11:29 - 00001045 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shining Force I Editor v1.0.exe.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001678 _____ C:\Documents and Settings\New\Desktop\Shortcut to U13 - Sonic And The Secret Rings - Seven Rings In Hand.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001608 _____ C:\Documents and Settings\New\Desktop\Shortcut to U09 - Sonic Adventure 2 - Live And Learn.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:57 - 00001618 _____ C:\Documents and Settings\New\Desktop\Shortcut to U12 - Sonic The Hedgehog - His World Remix.mp3.lnk
2016-02-22 08:40 - 2015-12-23 07:59 - 00000670 _____ C:\Documents and Settings\New\Desktop\Shortcut to ATB - Ecstasy.mp3.lnk
2016-02-22 08:40 - 2015-10-14 11:42 - 00000718 _____ C:\Documents and Settings\New\Desktop\Shortcut to Hero Editor.exe.lnk
2016-02-22 08:40 - 2015-09-25 23:13 - 00000535 _____ C:\Documents and Settings\New\Desktop\Shortcut to Youtube Video Tags.txt.lnk
2016-02-22 08:40 - 2015-08-22 15:04 - 00000104 _____ C:\Documents and Settings\New\Desktop\Shortcut to Search Results.lnk
2016-02-22 08:40 - 2015-08-09 14:33 - 00000679 _____ C:\Documents and Settings\New\Desktop\Shortcut (3) to aim.lnk
2016-02-22 08:40 - 2015-07-30 13:30 - 00000375 _____ C:\Documents and Settings\New\Desktop\Shortcut to Saved Movies.lnk
2016-02-22 08:40 - 2015-07-29 20:25 - 00001785 _____ C:\Documents and Settings\New\Desktop\Age of Empires.lnk
2016-02-22 08:40 - 2015-07-29 17:49 - 00000258 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-02-22 08:40 - 2015-07-28 15:34 - 00000654 _____ C:\Documents and Settings\New\Desktop\Shortcut to HyCam2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001978 _____ C:\Documents and Settings\New\Desktop\Shortcut to 206  Juno Reactor Vs. Don Davis - Burly Brawl SMIT.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001848 _____ C:\Documents and Settings\New\Desktop\Shortcut to 204  Rob Dougan - Chateau BATTLE.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001792 _____ C:\Documents and Settings\New\Desktop\Age of Empires Expansion.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001748 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Juri Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001603 _____ C:\Documents and Settings\New\Desktop\A Small Measure of Peace Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001593 _____ C:\Documents and Settings\New\Desktop\Age Of Wonders.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001564 _____ C:\Documents and Settings\New\Desktop\Diablo II - Lord of Destruction.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001548 _____ C:\Documents and Settings\New\Desktop\A Way of Life Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Trial Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Character Select Arcade The.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001460 _____ C:\Documents and Settings\New\Desktop\Shortcut to Vicodin Withdrawal and info on PILL TAKING.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001385 _____ C:\Documents and Settings\New\Desktop\Shortcut to 238. Training Stage Clip1.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001362 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Mortal Kombat- Final Combat (Techno Syndrome Mix).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001345 _____ C:\Documents and Settings\New\Desktop\Shortcut to Pho's Vicodin WD Advice.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001323 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire BIG CODES.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001270 _____ C:\Documents and Settings\New\Desktop\Shortcut to Japanese.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001254 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Warriors 7 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Shortcut to 1Musou Orochi 2 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Nero StartSmart.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000976 _____ C:\Documents and Settings\New\Desktop\Shortcut to David Bowie & Freddy Mercury - Under Pressure.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000971 _____ C:\Documents and Settings\New\Desktop\Shortcut to An 8 Bit Reenactment of Dungeons and Dragons.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000926 _____ C:\Documents and Settings\New\Desktop\Shortcut to Beethoven - Moonlight Sonata (FULL).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000901 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Tactics II.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000848 _____ C:\Documents and Settings\New\Desktop\Shortcut to Heroes3_C_crked.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000815 _____ C:\Documents and Settings\New\Desktop\Shortcut to AmishHilarious.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000801 _____ C:\Documents and Settings\New\Desktop\Shortcut to Company.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000796 _____ C:\Documents and Settings\New\Desktop\Shortcut to VisualBoyAdvance.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000753 _____ C:\Documents and Settings\New\Desktop\Shortcut to IG - Snap - Ive Got the Power.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000728 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire Game Genie Codes.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000705 _____ C:\Documents and Settings\New\Desktop\Shortcut to AoWEd.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to moviemk.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to Faces.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000686 _____ C:\Documents and Settings\New\Desktop\Shortcut to snes9x.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000663 _____ C:\Documents and Settings\New\Desktop\Shortcut to mame32k.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000633 _____ C:\Documents and Settings\New\Desktop\Shortcut to SFedit.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000625 _____ C:\Documents and Settings\New\Desktop\Shortcut to gens.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000621 _____ C:\Documents and Settings\New\Desktop\Shortcut to fceu.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000617 _____ C:\Documents and Settings\New\Desktop\Shortcut to Songs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000592 _____ C:\Documents and Settings\New\Desktop\Shortcut to CASTLE2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000556 _____ C:\Documents and Settings\New\Desktop\Shortcut to Whoomp there it is.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000534 _____ C:\Documents and Settings\New\Desktop\Shortcut to civ2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut to Chat Logs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to RPG STUFF.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000484 _____ C:\Documents and Settings\New\Desktop\Shortcut to Ren and Stimpy.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000450 _____ C:\Documents and Settings\New\Desktop\Shortcut to Woman Anime Cartoon Photos.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000350 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shared.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000260 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Porn Vids.lnk
2016-02-22 08:40 - 2015-07-28 11:23 - 00000718 _____ C:\Documents and Settings\New\Desktop\WO2 Abilities of Chars.lnk
2016-02-22 08:40 - 2012-01-18 05:52 - 00000000 ____D C:\Documents and Settings\All Users
2016-02-22 07:49 - 2012-01-18 13:04 - 00000738 _____ C:\Documents and Settings\New\Start Menu\Programs\Outlook Express.lnk
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Pictures
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Music
2016-02-21 11:39 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Important Documents
2016-02-21 10:42 - 2012-01-18 06:07 - 00670330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-21 10:41 - 2015-10-30 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2016-02-21 10:41 - 2012-01-18 05:59 - 01124276 _____ C:\WINDOWS\setupapi.log.0.old
2016-02-20 15:16 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Pics Misc Documents
2016-02-18 07:22 - 2015-07-28 14:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-17 13:25 - 2016-01-08 08:06 - 00000000 ____D C:\Dragon Raja Global
2016-02-16 21:07 - 2015-11-02 07:21 - 00188928 ___SH C:\Documents and Settings\New\Desktop\Thumbs.db
2016-02-15 09:52 - 2014-02-04 18:02 - 00000000 __SHD C:\Documents and Settings\New\IETldCache
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\PrivacIE
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\IECompatCache
2016-02-10 15:08 - 2015-07-31 08:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2016-02-10 15:07 - 2014-02-04 19:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2016-02-10 15:07 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New
2016-02-10 15:06 - 2014-02-04 19:22 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-02-10 15:06 - 2014-02-04 19:21 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-02-10 15:06 - 2014-01-06 11:59 - 00000000 ____D C:\Program Files\Java
2016-02-10 10:05 - 2014-11-14 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 10:00 - 2014-02-04 16:54 - 144254680 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 16:53 - 2015-09-25 22:55 - 00002425 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
2016-02-09 16:53 - 2015-09-18 18:44 - 00001025 _____ C:\Documents and Settings\All Users\Desktop\Hex Workshop Hex Editor (32 bit).lnk
2016-02-09 16:53 - 2015-08-29 13:36 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-09 16:53 - 2015-08-05 14:44 - 00000554 _____ C:\Documents and Settings\All Users\Desktop\Seven Kingdoms II.lnk
2016-02-09 16:53 - 2015-07-31 16:21 - 00001713 _____ C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
2016-02-09 16:53 - 2015-07-29 20:31 - 00001696 _____ C:\Documents and Settings\All Users\Desktop\Heroes 3 Complete.lnk
2016-02-09 16:53 - 2014-02-04 19:33 - 00001761 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2016-02-09 16:53 - 2014-01-06 13:10 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-02-09 16:53 - 2012-01-18 12:51 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2016-02-09 16:53 - 2012-01-18 12:27 - 00000605 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2016-02-09 16:23 - 2015-08-29 13:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-09 16:23 - 2015-08-29 13:35 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-09 15:21 - 2014-01-06 11:56 - 00000000 __SHD C:\Documents and Settings\New\UserData
2016-01-31 10:19 - 2015-07-28 11:24 - 00003340 _____ C:\Documents and Settings\New\Desktop\Passwords Info about friends.txt
2016-01-29 21:53 - 2015-07-29 17:51 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\WMTools Downloaded Files

==================== Files in the root of some directories =======

2015-07-28 16:07 - 2015-07-28 16:07 - 0000037 ___SH () C:\Documents and Settings\New\Local Settings\Application Data\20986331705021ca58edc424.96250074
2016-02-21 10:31 - 2016-02-21 10:47 - 0000664 _____ () C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

And now I will follow what you just said to do, msconfig ... when you say UNINSTALL ... like in Add/Remove programs?



#9
Paulos


I'm also assuming when you typed RUN that means ... Scan and then Fix, I assume o_O. I just uninstalled what you told me, and now I will post the logs that I get: FRST.txt and then addition.txt. Here they are.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
Ran by New (administrator) on NEW-C38666AC652 (23-02-2016 09:12:13)
Running from C:\Documents and Settings\New\My Documents\Downloads
Loaded Profiles: New (Available Profiles: New)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(America Online, Inc.) C:\Program Files\AIM Original\aim.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\Run: [AIM] => C:\Program Files\AIM Original\aim.exe [67160 2005-07-21] (America Online, Inc.)
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {9afd757f-4ce8-11e5-ae08-0013722f4085} - F:\HPLauncher.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {c0c0e1e0-8dda-11e3-b70b-001372c1e370} - RunClubSanDisk.exe
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\MountPoints2: {e3953827-1574-11e3-baca-0014223a28a9} - E:\RunClubSanDisk.exe
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
Tcpip\..\Interfaces\{BA58842D-01A3-4227-BF22-31E77F5007D5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E26E5228-D04C-4A87-B078-397FE29B9D33}: [DhcpNameServer] 204.186.110.114 216.144.187.199 204.186.0.180
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1336601894-1177238915-1003 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1336601894-1177238915-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2015-09-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2015-09-25] (Apple Inc.)
FF Extension: Video AdBlock - C:\Documents and Settings\New\Application Data\Mozilla\Firefox\Profiles\ujrt5is7.default-1455489104109\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-02-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-02-04] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-854245398-1336601894-1177238915-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 npggsvc; C:\WINDOWS\system32\GameMon.des [3568840 2015-08-16] (INCA Internet Co., Ltd.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-23] (Malwarebytes)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1174976 2011-04-25] (Ralink Technology, Corp.)
R4 bdselfpr; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\bdselfpr.sys [X]
S0 cerc6; no ImagePath
S4 IntelIde; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 09:08 - 2016-02-23 09:08 - 00000000 ____D C:\WINDOWS\LastGood
2016-02-23 09:04 - 2016-02-23 09:04 - 00000582 _____ C:\Documents and Settings\New\Desktop\Shortcut to FRST.exe.lnk
2016-02-23 07:31 - 2016-02-23 07:31 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2016-02-23 07:31 - 2016-02-23 07:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2016-02-23 07:30 - 2016-02-23 07:30 - 00000000 ____D C:\Program Files\VideoLAN
2016-02-23 07:26 - 2016-02-23 09:12 - 00000000 ____D C:\FRST
2016-02-23 07:25 - 2016-02-23 07:25 - 00003840 _____ C:\Documents and Settings\New\Desktop\JRT.txt
2016-02-23 07:19 - 2016-02-23 07:19 - 00000616 _____ C:\Documents and Settings\New\Desktop\Shortcut to AdwCleaner.exe.lnk
2016-02-23 07:01 - 2016-02-23 07:19 - 00000000 ____D C:\AdwCleaner
2016-02-22 16:41 - 2006-09-25 17:58 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2016-02-22 14:33 - 2016-02-22 14:33 - 00000000 ____D C:\Documents and Settings\New\Application Data\AVG10
2016-02-22 09:49 - 2016-02-22 14:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2016-02-22 09:49 - 2016-02-22 09:49 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\MFAData
2016-02-22 09:46 - 2016-02-23 09:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
2016-02-22 09:45 - 2016-02-23 09:10 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\AvgSetupLog
2016-02-22 09:45 - 2016-02-22 09:45 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\Avg
2016-02-22 08:28 - 2016-02-22 09:26 - 00000000 ____D C:\Documents and Settings\New\Application Data\denaf
2016-02-21 10:48 - 2016-02-21 10:47 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-03.dmp
2016-02-21 10:32 - 2016-02-21 10:31 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-02.dmp
2016-02-21 10:31 - 2016-02-21 10:47 - 00000664 _____ C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat
2016-02-21 09:49 - 2016-02-21 09:48 - 00069584 ____H C:\WINDOWS\Minidump\Mini022116-01.dmp
2016-02-20 20:34 - 2016-02-20 20:34 - 00000933 _____ C:\Documents and Settings\New\Desktop\The story of my life.txt
2016-02-20 19:26 - 2016-02-20 19:26 - 06912054 _____ C:\Documents and Settings\New\Desktop\TEmp calling me thank you Tails always thank you 2 20 16.bmp
2016-02-20 11:40 - 2016-02-20 11:40 - 06912054 _____ C:\Documents and Settings\New\Desktop\lisalisa happy with my explanation yay depression chat room 2 20 16.bmp
2016-02-20 10:45 - 2016-02-21 10:48 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-20 10:45 - 2016-02-20 10:44 - 00069584 ____H C:\WINDOWS\Minidump\Mini022016-01.dmp
2016-02-20 10:44 - 2016-02-21 09:48 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-02-19 08:03 - 2016-02-22 18:53 - 00000000 ____D C:\Documents and Settings\New\Desktop\When she's been online February
2016-02-16 19:30 - 2016-02-16 19:30 - 00000101 _____ C:\Documents and Settings\New\Desktop\TO DO LIST EVERY DAY IF YOU CAN PAUL FROM ALIS REMEMBER.txt
2016-02-15 10:17 - 2016-02-15 10:17 - 08208579 _____ C:\Documents and Settings\New\My Documents\我那覇響/Rebellion.mp4
2016-02-15 10:14 - 2016-02-15 10:14 - 21379042 _____ C:\Documents and Settings\New\My Documents\[720p] The [email protected] 2nd-Mix - Quintet (from THE [email protected] 2 S4U mode).mp4
2016-02-15 09:58 - 2016-02-22 15:34 - 00000000 ____D C:\Documents and Settings\New\Desktop\Depression Chat Room Logs
2016-02-14 08:51 - 2016-02-14 08:51 - 06912054 _____ C:\Documents and Settings\New\Desktop\Carina on Valentines day 2 14 16 thank you Carina thank you.bmp
2016-02-13 16:31 - 2016-02-13 16:31 - 02786333 _____ C:\Documents and Settings\New\My Documents\[Thug Life] Thug In The Kitchen.mp4
2016-02-11 18:34 - 2016-02-14 16:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 15:08 - 2016-02-10 15:08 - 00000000 ____D C:\Program Files\Common Files\Java
2016-02-10 15:07 - 2016-02-10 15:07 - 00000000 ____D C:\Documents and Settings\New\.oracle_jre_usage
2016-02-10 15:02 - 2016-02-10 15:02 - 00000000 ____D C:\Documents and Settings\New\Application Data\Oracle
2016-02-10 12:03 - 2016-02-10 12:03 - 00010320 _____ C:\Documents and Settings\New\Desktop\th.jpeg
2016-02-02 19:10 - 2016-02-02 19:10 - 00006489 _____ C:\Documents and Settings\New\Desktop\in jail.jpeg
2016-01-30 14:40 - 2016-01-30 14:40 - 00000051 _____ C:\Documents and Settings\New\Desktop\wei five generals dt2 not sure.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 09:12 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Temp
2016-02-23 09:11 - 2014-02-04 19:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2016-02-23 09:11 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-02-23 09:10 - 2015-07-28 14:33 - 00000000 ____D C:\Program Files\AVG
2016-02-23 09:04 - 2008-04-14 01:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-23 09:01 - 2012-01-18 13:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-23 09:01 - 2012-01-18 05:51 - 00000211 ___SH C:\boot.ini
2016-02-23 09:01 - 2008-04-14 01:00 - 00000555 _____ C:\WINDOWS\win.ini
2016-02-23 09:01 - 2008-04-14 01:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-02-23 09:00 - 2012-01-18 13:04 - 00000178 ___SH C:\Documents and Settings\New\ntuser.ini
2016-02-23 09:00 - 2012-01-18 13:02 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-23 08:59 - 2012-01-18 13:02 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2016-02-23 08:59 - 2012-01-18 13:01 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-02-23 08:55 - 2015-08-27 23:13 - 00000000 ____D C:\Documents and Settings\New\Application Data\vlc
2016-02-23 08:44 - 2014-02-04 14:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-23 07:22 - 2014-02-04 19:33 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-23 07:17 - 2015-08-29 13:36 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 07:12 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents
2016-02-22 17:31 - 2014-02-04 14:36 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-02-22 16:59 - 2015-07-28 11:24 - 00169850 _____ C:\Documents and Settings\New\Desktop\My SCREAM.txt
2016-02-22 16:51 - 2012-01-18 12:52 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-02-22 16:51 - 2012-01-18 12:52 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-02-22 16:41 - 2012-01-18 13:04 - 00000788 _____ C:\Documents and Settings\New\Start Menu\Programs\Windows Media Player.lnk
2016-02-22 16:41 - 2012-01-18 05:40 - 00000000 ___HD C:\WINDOWS\inf
2016-02-22 16:40 - 2014-02-04 19:32 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2016-02-22 16:40 - 2012-01-18 05:40 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-02-22 16:26 - 2014-02-04 14:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2016-02-22 14:32 - 2015-08-28 11:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-02-22 09:27 - 2014-02-04 19:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2016-02-22 09:26 - 2014-02-04 18:02 - 00131072 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2016-02-22 09:26 - 2012-01-18 05:40 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-22 08:52 - 2012-01-18 12:52 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2016-02-22 08:42 - 2014-02-04 16:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$
2016-02-22 08:41 - 2016-01-08 08:13 - 00000585 _____ C:\Documents and Settings\All Users\Desktop\Dragon Raja Global.lnk
2016-02-22 08:41 - 2015-10-19 23:58 - 00000983 _____ C:\Documents and Settings\All Users\Desktop\Façade.lnk
2016-02-22 08:41 - 2015-09-13 14:53 - 00000615 _____ C:\Documents and Settings\All Users\Desktop\Elsword.lnk
2016-02-22 08:41 - 2015-08-15 10:38 - 00001564 _____ C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
2016-02-22 08:41 - 2015-07-28 14:22 - 00001553 _____ C:\Documents and Settings\All Users\Desktop\AIM.lnk
2016-02-22 08:41 - 2012-01-18 12:52 - 00001523 _____ C:\WINDOWS\OEWABLog.txt
2016-02-22 08:40 - 2016-01-02 11:29 - 00001045 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shining Force I Editor v1.0.exe.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001678 _____ C:\Documents and Settings\New\Desktop\Shortcut to U13 - Sonic And The Secret Rings - Seven Rings In Hand.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:58 - 00001608 _____ C:\Documents and Settings\New\Desktop\Shortcut to U09 - Sonic Adventure 2 - Live And Learn.mp3.lnk
2016-02-22 08:40 - 2015-12-24 07:57 - 00001618 _____ C:\Documents and Settings\New\Desktop\Shortcut to U12 - Sonic The Hedgehog - His World Remix.mp3.lnk
2016-02-22 08:40 - 2015-12-23 07:59 - 00000670 _____ C:\Documents and Settings\New\Desktop\Shortcut to ATB - Ecstasy.mp3.lnk
2016-02-22 08:40 - 2015-10-14 11:42 - 00000718 _____ C:\Documents and Settings\New\Desktop\Shortcut to Hero Editor.exe.lnk
2016-02-22 08:40 - 2015-09-25 23:13 - 00000535 _____ C:\Documents and Settings\New\Desktop\Shortcut to Youtube Video Tags.txt.lnk
2016-02-22 08:40 - 2015-08-22 15:04 - 00000104 _____ C:\Documents and Settings\New\Desktop\Shortcut to Search Results.lnk
2016-02-22 08:40 - 2015-08-09 14:33 - 00000679 _____ C:\Documents and Settings\New\Desktop\Shortcut (3) to aim.lnk
2016-02-22 08:40 - 2015-07-30 13:30 - 00000375 _____ C:\Documents and Settings\New\Desktop\Shortcut to Saved Movies.lnk
2016-02-22 08:40 - 2015-07-29 20:25 - 00001785 _____ C:\Documents and Settings\New\Desktop\Age of Empires.lnk
2016-02-22 08:40 - 2015-07-29 17:49 - 00000258 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-02-22 08:40 - 2015-07-28 15:34 - 00000654 _____ C:\Documents and Settings\New\Desktop\Shortcut to HyCam2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001978 _____ C:\Documents and Settings\New\Desktop\Shortcut to 206  Juno Reactor Vs. Don Davis - Burly Brawl SMIT.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001848 _____ C:\Documents and Settings\New\Desktop\Shortcut to 204  Rob Dougan - Chateau BATTLE.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001792 _____ C:\Documents and Settings\New\Desktop\Age of Empires Expansion.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001748 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Juri Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001603 _____ C:\Documents and Settings\New\Desktop\A Small Measure of Peace Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001593 _____ C:\Documents and Settings\New\Desktop\Age Of Wonders.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001564 _____ C:\Documents and Settings\New\Desktop\Diablo II - Lord of Destruction.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001548 _____ C:\Documents and Settings\New\Desktop\A Way of Life Part of my Favorite tune LAST SAMURAI.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Trial Theme Soundtrack HD  .lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001510 _____ C:\Documents and Settings\New\Desktop\Shortcut to Super Street Fighter 4 Character Select Arcade The.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001460 _____ C:\Documents and Settings\New\Desktop\Shortcut to Vicodin Withdrawal and info on PILL TAKING.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001385 _____ C:\Documents and Settings\New\Desktop\Shortcut to 238. Training Stage Clip1.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001362 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Mortal Kombat- Final Combat (Techno Syndrome Mix).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001345 _____ C:\Documents and Settings\New\Desktop\Shortcut to Pho's Vicodin WD Advice.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001323 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire BIG CODES.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001270 _____ C:\Documents and Settings\New\Desktop\Shortcut to Japanese.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001254 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Warriors 7 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Shortcut to 1Musou Orochi 2 Original Soundtrack.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00001239 _____ C:\Documents and Settings\New\Desktop\Nero StartSmart.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000976 _____ C:\Documents and Settings\New\Desktop\Shortcut to David Bowie & Freddy Mercury - Under Pressure.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000971 _____ C:\Documents and Settings\New\Desktop\Shortcut to An 8 Bit Reenactment of Dungeons and Dragons.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000926 _____ C:\Documents and Settings\New\Desktop\Shortcut to Beethoven - Moonlight Sonata (FULL).lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000901 _____ C:\Documents and Settings\New\Desktop\Shortcut to Dynasty Tactics II.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000848 _____ C:\Documents and Settings\New\Desktop\Shortcut to Heroes3_C_crked.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000815 _____ C:\Documents and Settings\New\Desktop\Shortcut to AmishHilarious.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000801 _____ C:\Documents and Settings\New\Desktop\Shortcut to Company.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000796 _____ C:\Documents and Settings\New\Desktop\Shortcut to VisualBoyAdvance.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000753 _____ C:\Documents and Settings\New\Desktop\Shortcut to IG - Snap - Ive Got the Power.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000728 _____ C:\Documents and Settings\New\Desktop\Shortcut to Gemfire Game Genie Codes.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000705 _____ C:\Documents and Settings\New\Desktop\Shortcut to AoWEd.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to moviemk.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000696 _____ C:\Documents and Settings\New\Desktop\Shortcut to Faces.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000686 _____ C:\Documents and Settings\New\Desktop\Shortcut to snes9x.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000663 _____ C:\Documents and Settings\New\Desktop\Shortcut to mame32k.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000633 _____ C:\Documents and Settings\New\Desktop\Shortcut to SFedit.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000625 _____ C:\Documents and Settings\New\Desktop\Shortcut to gens.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000621 _____ C:\Documents and Settings\New\Desktop\Shortcut to fceu.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000617 _____ C:\Documents and Settings\New\Desktop\Shortcut to Songs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000592 _____ C:\Documents and Settings\New\Desktop\Shortcut to CASTLE2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000556 _____ C:\Documents and Settings\New\Desktop\Shortcut to Whoomp there it is.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000534 _____ C:\Documents and Settings\New\Desktop\Shortcut to civ2.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut to Chat Logs.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000511 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to RPG STUFF.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000484 _____ C:\Documents and Settings\New\Desktop\Shortcut to Ren and Stimpy.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000450 _____ C:\Documents and Settings\New\Desktop\Shortcut to Woman Anime Cartoon Photos.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000350 _____ C:\Documents and Settings\New\Desktop\Shortcut to Shared.lnk
2016-02-22 08:40 - 2015-07-28 11:24 - 00000260 _____ C:\Documents and Settings\New\Desktop\Shortcut (2) to Porn Vids.lnk
2016-02-22 08:40 - 2015-07-28 11:23 - 00000718 _____ C:\Documents and Settings\New\Desktop\WO2 Abilities of Chars.lnk
2016-02-22 08:40 - 2012-01-18 05:52 - 00000000 ____D C:\Documents and Settings\All Users
2016-02-22 07:49 - 2012-01-18 13:04 - 00000738 _____ C:\Documents and Settings\New\Start Menu\Programs\Outlook Express.lnk
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Pictures
2016-02-22 07:47 - 2012-01-18 13:04 - 00000000 ___RD C:\Documents and Settings\New\My Documents\My Music
2016-02-21 11:39 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Important Documents
2016-02-21 10:42 - 2012-01-18 06:07 - 00670330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-21 10:41 - 2015-10-30 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2016-02-21 10:41 - 2012-01-18 05:59 - 01124276 _____ C:\WINDOWS\setupapi.log.0.old
2016-02-20 15:16 - 2015-07-28 11:32 - 00000000 ____D C:\Documents and Settings\New\Desktop\Pics Misc Documents
2016-02-18 07:22 - 2015-07-28 14:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-17 13:25 - 2016-01-08 08:06 - 00000000 ____D C:\Dragon Raja Global
2016-02-16 21:07 - 2015-11-02 07:21 - 00188928 ___SH C:\Documents and Settings\New\Desktop\Thumbs.db
2016-02-15 09:52 - 2014-02-04 18:02 - 00000000 __SHD C:\Documents and Settings\New\IETldCache
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\PrivacIE
2016-02-10 15:32 - 2014-02-04 18:05 - 00000000 __SHD C:\Documents and Settings\New\IECompatCache
2016-02-10 15:08 - 2015-07-31 08:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2016-02-10 15:07 - 2012-01-18 13:04 - 00000000 ____D C:\Documents and Settings\New
2016-02-10 15:06 - 2014-02-04 19:22 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-02-10 15:06 - 2014-02-04 19:21 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-02-10 15:06 - 2014-01-06 11:59 - 00000000 ____D C:\Program Files\Java
2016-02-10 10:05 - 2014-11-14 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 10:00 - 2014-02-04 16:54 - 144254680 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 16:53 - 2015-09-25 22:55 - 00002425 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
2016-02-09 16:53 - 2015-09-18 18:44 - 00001025 _____ C:\Documents and Settings\All Users\Desktop\Hex Workshop Hex Editor (32 bit).lnk
2016-02-09 16:53 - 2015-08-29 13:36 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-09 16:53 - 2015-08-05 14:44 - 00000554 _____ C:\Documents and Settings\All Users\Desktop\Seven Kingdoms II.lnk
2016-02-09 16:53 - 2015-07-31 16:21 - 00001713 _____ C:\Documents and Settings\All Users\Desktop\The Conquerors.lnk
2016-02-09 16:53 - 2015-07-29 20:31 - 00001696 _____ C:\Documents and Settings\All Users\Desktop\Heroes 3 Complete.lnk
2016-02-09 16:53 - 2014-02-04 19:33 - 00001761 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2016-02-09 16:53 - 2014-01-06 13:10 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-02-09 16:53 - 2012-01-18 12:51 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2016-02-09 16:53 - 2012-01-18 12:27 - 00000605 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2016-02-09 16:23 - 2015-08-29 13:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-09 16:23 - 2015-08-29 13:35 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-09 15:21 - 2014-01-06 11:56 - 00000000 __SHD C:\Documents and Settings\New\UserData
2016-01-31 10:19 - 2015-07-28 11:24 - 00003340 _____ C:\Documents and Settings\New\Desktop\Passwords Info about friends.txt
2016-01-29 21:53 - 2015-07-29 17:51 - 00000000 ____D C:\Documents and Settings\New\Local Settings\Application Data\WMTools Downloaded Files

==================== Files in the root of some directories =======

2015-07-28 16:07 - 2015-07-28 16:07 - 0000037 ___SH () C:\Documents and Settings\New\Local Settings\Application Data\20986331705021ca58edc424.96250074
2016-02-21 10:31 - 2016-02-21 10:47 - 0000664 _____ () C:\Documents and Settings\New\Local Settings\Application Data\d3d9caps.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
Ran by New (2016-02-23 09:12:48)
Running from C:\Documents and Settings\New\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) (2012-01-18 19:00:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1336601894-1177238915-500 - Administrator - Enabled)
Guest (S-1-5-21-854245398-1336601894-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1336601894-1177238915-1000 - Limited - Disabled)
IUSR_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1005 - Limited - Enabled)
IWAM_NEW-C38666AC652 (S-1-5-21-854245398-1336601894-1177238915-1006 - Limited - Enabled)
New (S-1-5-21-854245398-1336601894-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\New
SUPPORT_388945a0 (S-1-5-21-854245398-1336601894-1177238915-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIM 7 (HKLM\...\AIM_7) (Version:  - )
AOL Instant Messenger (HKLM\...\AOL Instant Messenger) (Version:  - )
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2016 (Version: 16.0.4533 - AVG Technologies) Hidden
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.10.07 - Broadcom Corporation)
Diablo II (HKLM\...\Diablo II) (Version:  - )
Dragon Raja Global (HKLM\...\Dragon Raja Global) (Version: 1.65.0.0 - Mistralis)
Elsword version v5.0909.6.1 (HKLM\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v5.0909.6.1 - KOGGAMES)
Façade (HKLM\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Hero Editor V1.03 (HKLM\...\ST6UNST #2) (Version:  - )
Heroes of Might and Magic III Complete (HKLM\...\Heroes of Might and Magic III Complete) (Version:  - )
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4410 - )
iSkysoft Video Editor(Build 4.7.1) (HKLM\...\iSkysoft Video Editor_is1) (Version:  - iSkysoft Software)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.33 - Realtek Semiconductor Corp.)
Seven Kingdoms AA (HKLM\...\Seven Kingdoms AA) (Version:  - )
Seven Kingdoms II (HKLM\...\Seven Kingdoms II) (Version:  - )
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
The Sims 2 (HKLM\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version:  - )
The Sims 2 Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version:  - )
The Sims 2 University (HKLM\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
The Sims™ 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Unity Web Player (HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\New\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-854245398-1336601894-1177238915-1003_Classes\CLSID\{62BE5D10-60EB-11d0-BD3B-00A0C911CE86}\InprocServer32 -> C:\Documents and Settings\New\Application Data\denaf\esgen.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-28 15:36 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00110592 _____ () C:\Program Files\AIM Original\AIM_xmlp.dll
2015-07-28 11:24 - 2005-07-21 12:52 - 00013312 _____ () C:\Program Files\AIM Original\oscres.dll
2015-07-28 11:24 - 2005-06-16 16:46 - 00081920 _____ () C:\Program Files\AIM Original\AIMToday.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00053248 _____ () C:\Program Files\AIM Original\xmlparse.dll
2015-07-28 11:24 - 2004-05-18 16:55 - 00081920 _____ () C:\Program Files\AIM Original\xmltok.dll
2015-07-28 11:24 - 2005-07-21 12:54 - 00106496 _____ () C:\Program Files\AIM Original\AIMAX.dll
2015-07-28 11:24 - 2005-07-21 12:58 - 00006656 _____ () C:\Program Files\AIM Original\stats.ocm
2015-07-28 11:24 - 2004-08-18 12:56 - 00176128 _____ () C:\Program Files\AIM Original\nssckbi.dll
2008-04-14 01:00 - 2013-01-02 00:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2015-07-28 11:24 - 2005-07-21 12:53 - 00229376 _____ () C:\Program Files\AIM Original\inetsocket.dll
2015-10-20 07:17 - 2015-10-20 07:17 - 17599688 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-854245398-1336601894-1177238915-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 01:00 - 2008-04-14 01:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1336601894-1177238915-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\New\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 204.186.110.114 - 216.144.187.199
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DriverToolkit => "C:\Program Files\DriverToolkit\DriverToolkit.exe" --autorun
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Phone Dialer Pro => "c:\program files\phone dialer pro\phonepro.exe" /min
MSCONFIG\startupreg: ProPCCleaner => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe true
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\AIM7\aim.exe] => Enabled:AIM
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Windows Remote Management
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

25-11-2015 12:43:59 System Checkpoint
26-11-2015 14:26:17 System Checkpoint
27-11-2015 15:20:21 System Checkpoint
28-11-2015 16:37:50 System Checkpoint
29-11-2015 16:38:45 System Checkpoint
30-11-2015 22:04:34 System Checkpoint
01-12-2015 23:47:09 System Checkpoint
03-12-2015 00:26:53 System Checkpoint
04-12-2015 01:26:51 System Checkpoint
05-12-2015 02:26:51 System Checkpoint
06-12-2015 03:26:53 System Checkpoint
07-12-2015 03:38:51 System Checkpoint
08-12-2015 04:26:51 System Checkpoint
09-12-2015 04:43:47 System Checkpoint
09-12-2015 10:00:17 Software Distribution Service 3.0
10-12-2015 13:51:38 System Checkpoint
11-12-2015 15:39:30 System Checkpoint
12-12-2015 16:11:40 System Checkpoint
13-12-2015 16:23:29 System Checkpoint
14-12-2015 16:57:09 System Checkpoint
15-12-2015 19:46:58 System Checkpoint
16-12-2015 20:07:18 System Checkpoint
17-12-2015 20:46:38 System Checkpoint
18-12-2015 21:06:30 System Checkpoint
19-12-2015 21:37:24 System Checkpoint
20-12-2015 21:55:45 System Checkpoint
21-12-2015 22:27:31 System Checkpoint
23-12-2015 02:55:18 System Checkpoint
24-12-2015 03:27:32 System Checkpoint
25-12-2015 04:27:31 System Checkpoint
26-12-2015 05:27:32 System Checkpoint
27-12-2015 08:41:34 System Checkpoint
28-12-2015 10:13:21 System Checkpoint
29-12-2015 10:57:08 System Checkpoint
30-12-2015 12:21:12 System Checkpoint
31-12-2015 21:05:41 System Checkpoint
01-01-2016 21:52:48 System Checkpoint
03-01-2016 01:29:39 System Checkpoint
04-01-2016 15:22:20 System Checkpoint
05-01-2016 20:09:16 System Checkpoint
06-01-2016 20:49:52 System Checkpoint
07-01-2016 21:16:41 System Checkpoint
09-01-2016 10:53:34 System Checkpoint
10-01-2016 12:16:18 System Checkpoint
11-01-2016 17:56:36 System Checkpoint
12-01-2016 20:18:38 System Checkpoint
13-01-2016 10:00:16 Software Distribution Service 3.0
14-01-2016 10:53:26 System Checkpoint
15-01-2016 13:41:15 System Checkpoint
16-01-2016 15:39:54 System Checkpoint
17-01-2016 21:03:49 System Checkpoint
19-01-2016 17:21:25 System Checkpoint
20-01-2016 17:32:21 System Checkpoint
22-01-2016 02:51:31 System Checkpoint
23-01-2016 03:07:27 System Checkpoint
24-01-2016 04:06:23 System Checkpoint
25-01-2016 05:06:22 System Checkpoint
26-01-2016 08:48:28 System Checkpoint
27-01-2016 10:34:26 System Checkpoint
28-01-2016 12:03:00 System Checkpoint
29-01-2016 13:01:04 System Checkpoint
30-01-2016 15:05:37 System Checkpoint
31-01-2016 16:59:10 System Checkpoint
01-02-2016 17:03:55 System Checkpoint
02-02-2016 17:45:28 System Checkpoint
03-02-2016 21:20:24 System Checkpoint
04-02-2016 21:38:31 System Checkpoint
06-02-2016 12:02:46 System Checkpoint
07-02-2016 16:58:56 System Checkpoint
08-02-2016 20:59:53 System Checkpoint
10-02-2016 10:00:20 Software Distribution Service 3.0
11-02-2016 11:01:59 System Checkpoint
12-02-2016 13:27:46 System Checkpoint
13-02-2016 21:20:27 System Checkpoint
14-02-2016 21:23:43 System Checkpoint
17-02-2016 12:19:13 System Checkpoint
19-02-2016 06:39:47 System Checkpoint
20-02-2016 14:59:41 System Checkpoint
21-02-2016 10:39:42 Removed Apple Application Support
21-02-2016 10:41:03 Removed Skype™ 7.13
22-02-2016 09:54:09 Installed AVG 2016
22-02-2016 09:56:08 Installed AVG
22-02-2016 14:35:40 Restore Operation
22-02-2016 16:38:48 Installed Windows Media Player 11
22-02-2016 16:41:08 Installed Windows XP MSCompPackV1.
23-02-2016 07:22:13 JRT Pre-Junkware Removal
23-02-2016 09:07:49 AA11
23-02-2016 09:11:13 Removed Java 8 Update 51

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2016 08:58:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 44.0.2.5884, faulting module mozglue.dll, version 44.0.2.5884, fault address 0x0000ed3b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (02/22/2016 04:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 44.0.2.5884, faulting module mozglue.dll, version 44.0.2.5884, fault address 0x0000ed3b.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (02/22/2016 04:26:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 04:26:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mpc-hc.exe, version 1.3.1774.0, faulting module mpc-hc.exe, version 1.3.1774.0, fault address 0x0009b3a6.
Processing media-specific event for [mpc-hc.exe!ws!]

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\DAI'S REUNION.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CUTEPLUSHIES.BMP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1160.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1155.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1154.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2016 09:24:10 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\NEW\MY DOCUMENTS\CLIP1153.AVI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (02/23/2016 09:04:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 09:04:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 09:04:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/23/2016 08:59:39 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D

Error: (02/23/2016 08:59:37 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D

Error: (02/23/2016 08:59:35 AM) (Source: 0) (EventID: 55) (User: )
Description: F:

Error: (02/23/2016 08:59:34 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D

Error: (02/23/2016 08:59:32 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D

Error: (02/23/2016 08:59:30 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D

Error: (02/23/2016 08:59:27 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk2\D


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 21%
Total physical RAM: 3062.07 MB
Available physical RAM: 2395.45 MB
Total Virtual: 4948.15 MB
Available Virtual: 4392.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:850.15 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: (Movies and Shows Drive) (Fixed) (Total:149.05 GB) (Free:1.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9996FC4B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 7EECE9E1)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#10
Paulos

    Member

  • Topic Starter
  • Member
  • 24 posts

Okay ... well ... I don't know if it did anything- yeah I'm a genius here >_> lol, thank you for your help... now I don't know what to do o_O lol. Computer started up slightly faster THIS time ... huh. Not sure now what to do o_O uninstalled those programs as you said, so... that's where I'm at right now- just rebooted.


  • 0


#11
RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

When you run FRST you need to press the FIX button instead of Scan.  FRST will find the fixlist and then create a log that shows the changes.


  • 0

#12
Paulos

    Member

  • Topic Starter
  • Member
  • 24 posts

Let me try that again... right now ... o_O


  • 0

#13
Paulos

    Member

  • Topic Starter
  • Member
  • 24 posts

I attempted to do Fix before Scan, it said no fixlist found ... so ... yeah


  • 0

#14
RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

Try downloading the fixlist again and make sure it gets in the same folder where FRST lives.


  • 0

#15
Paulos

    Member

  • Topic Starter
  • Member
  • 24 posts

Alright- and I'll put it back in the ... folder.


  • 0





