I have an XP and it has gotten really slow and I keep getting 'stop script' screens. Here are the FRST screens.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2016
Ran by Milisa (administrator) on DONA (08-05-2016 11:41:04)
Running from C:\Documents and Settings\Milisa\Desktop
Loaded Profiles: Milisa (Available Profiles: Milisa & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(CloudCanvas) C:\Program Files\CloudCanvas\CloudCanvas.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [CloudCanvas] => C:\Program Files\CloudCanvas\CloudCanvas.exe [138752 2012-04-17] (CloudCanvas)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-13] (Microsoft Corporation)
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [.DEFAULT] => ftp=192.168.0.1:23;http=192.168.0.1:80
AutoConfigURL: [.DEFAULT] => ftp=192.168.0.1:23;http=192.168.0.1:80
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{FF40CF62-29EF-4D53-8605-8CFDC1B2D6BA}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {55BF085E-B9D8-4A5A-A701-9B6A3A79C28D} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20150405&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Intern
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo
FF DefaultSearchEngine.US: Findwide Search Engine
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxps://duckduckgo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF SearchPlugin: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\searchplugins\googletranslate.xml [2015-11-11]
FF Extension: Pin It button - C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\Extensions\[email protected] [2015-09-15]
FF Extension: Findwide Search Engine - C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\Extensions\{58d735b4-9d6c-4e37-b146-7b9f7e79e318}.xpi [2016-05-05]
Opera:
=======
StartMenuInternet: (HKLM) Opera.exe - blank
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577008 2014-11-04] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
S4 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
S3 LPDSVC; C:\WINDOWS\system32\tcpsvcs.exe [19456 2004-08-04] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-04] (Hewlett-Packard) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-04] (Hewlett-Packard) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [439808 2008-05-27] (Microsoft Corporation) [File not signed]
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2016-01-30] (The OpenVPN Project)
R3 E100B; C:\WINDOWS\System32\DRIVERS\e100b325.sys [154112 2004-02-10] (Intel Corporation) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [212224 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [1042432 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [11043 2003-04-09] (Conexant) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
S3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [47360 2009-11-19] (VSO Software) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2008-01-06] (Acronis)
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [680704 2003-11-17] (Conexant Systems, Inc.) [File not signed]
S2 adfs; no ImagePath
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; no ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-08 11:41 - 2016-05-08 11:41 - 00013434 _____ C:\Documents and Settings\Milisa\Desktop\FRST.txt
2016-05-08 11:40 - 2016-05-08 11:41 - 00000000 ____D C:\FRST
2016-05-08 11:39 - 2016-05-08 11:39 - 01730048 _____ (Farbar) C:\Documents and Settings\Milisa\Desktop\FRST.exe
2016-05-08 11:19 - 2016-05-08 11:19 - 04759456 _____ (LionSea Software co., ltd ) C:\Documents and Settings\Milisa\Desktop\setup.exe
2016-05-07 14:49 - 2016-05-07 14:49 - 00009728 _____ C:\Documents and Settings\Milisa\My Documents\dead sea rewrite.wps
2016-05-07 14:21 - 2016-05-07 14:21 - 00091839 _____ C:\Documents and Settings\Milisa\Desktop\FedEx%20Ship%20Manager%20-%20Print%20Your%20Label(s)(4).pdf
2016-05-07 14:03 - 2016-05-07 14:03 - 00091839 _____ C:\Documents and Settings\Milisa\Desktop\FedEx%20Ship%20Manager%20-%20Print%20Your%20Label(s).pdf
2016-05-06 22:52 - 2016-05-06 22:53 - 22851472 _____ (Malwarebytes ) C:\Documents and Settings\Milisa\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-06 08:44 - 2016-05-08 09:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-05 19:17 - 2016-05-05 19:17 - 00001569 _____ C:\Documents and Settings\Milisa\.recently-used.xbel
2016-05-05 18:56 - 2016-05-05 18:56 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\gegl-0.0
2016-05-04 19:01 - 2016-05-04 19:01 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\Updater5
2016-05-04 17:19 - 2016-05-07 19:54 - 00012800 _____ C:\Documents and Settings\Milisa\My Documents\inflammatory stage.wps
2016-05-01 14:19 - 2016-05-01 19:09 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Polaroid Instant Memories
2016-05-01 14:19 - 2016-05-01 19:07 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\vlc
2016-05-01 14:18 - 2016-05-01 14:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Polaroid
2016-05-01 14:18 - 2016-05-01 14:18 - 00000000 ____D C:\Program Files\ffdshow
2016-05-01 14:18 - 2016-05-01 14:18 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
2016-05-01 14:18 - 2008-12-17 19:22 - 00057344 _____ C:\WINDOWS\system32\ff_vfw.dll
2016-05-01 14:18 - 2008-12-11 13:27 - 00000547 _____ C:\WINDOWS\system32\ff_vfw.dll.manifest
2016-05-01 14:18 - 2008-12-11 13:26 - 00060273 _____ (Open Source Software community project) C:\WINDOWS\system32\pthreadGC2.dll
2016-04-30 15:23 - 2016-04-30 19:44 - 00009728 _____ C:\Documents and Settings\Milisa\My Documents\date site letter.wps
2016-04-30 13:11 - 2016-04-30 13:11 - 00018944 _____ C:\Documents and Settings\Milisa\My Documents\[bleep]ing americans.wps
2016-04-21 19:10 - 2016-04-21 19:10 - 00018944 _____ C:\Documents and Settings\Milisa\My Documents\paypaljava.wps
2016-04-14 17:20 - 2016-04-14 17:20 - 00010240 _____ C:\Documents and Settings\Milisa\My Documents\expat notes.wps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-08 11:41 - 2011-07-06 10:55 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Temp
2016-05-08 11:38 - 2011-04-08 13:51 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job
2016-05-08 11:32 - 2015-08-17 20:32 - 00000917 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-05-08 11:32 - 2015-08-17 20:32 - 00000731 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-05-08 11:18 - 2004-08-10 14:08 - 00032378 _____ C:\WINDOWS\SchedLgU.Txt
2016-05-08 10:58 - 2015-09-01 13:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-08 10:24 - 2009-11-07 15:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents\My Pictures
2016-05-08 10:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At4.job
2016-05-08 09:29 - 2016-02-25 17:03 - 00000472 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2016-05-08 09:29 - 2004-08-10 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-08 09:29 - 2004-08-10 13:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-07 19:56 - 2009-11-07 15:33 - 00000278 ___SH C:\Documents and Settings\Milisa\ntuser.ini
2016-05-07 19:54 - 2011-07-06 12:38 - 00025898 _____ C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2016-05-07 16:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At5.job
2016-05-07 15:19 - 2014-07-04 17:10 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2016-05-07 14:52 - 2015-07-18 17:39 - 00009216 _____ C:\Documents and Settings\Milisa\My Documents\ablog shallow deep.wps
2016-05-07 14:49 - 2009-11-07 15:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents
2016-05-07 14:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At2.job
2016-05-07 13:22 - 2014-10-03 21:54 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Adobe
2016-05-07 13:22 - 2007-11-16 12:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-07 13:22 - 2007-11-16 12:13 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2016-05-07 13:22 - 2006-09-07 14:07 - 00000000 ____D C:\Program Files\Adobe
2016-05-07 12:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At1.job
2016-05-07 00:55 - 2010-04-15 03:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978338$
2016-05-06 22:59 - 2006-09-07 13:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-06 22:57 - 2016-01-02 22:03 - 00135774 _____ C:\WINDOWS\ntbtlog.txt
2016-05-06 22:44 - 2009-12-11 18:12 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-05-06 22:09 - 2015-12-25 16:19 - 00001891 _____ C:\WINDOWS\imsins.BAK
2016-05-06 22:05 - 2004-08-10 13:52 - 00000000 ___HD C:\WINDOWS\inf
2016-05-06 20:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At7.job
2016-05-06 10:29 - 2015-07-18 16:38 - 00010752 _____ C:\Documents and Settings\Milisa\My Documents\ablog the dead sea.wps
2016-05-06 10:22 - 2015-07-18 17:04 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\ablog sad.wps
2016-05-06 08:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At3.job
2016-05-05 22:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At8.job
2016-05-05 19:17 - 2011-04-16 18:27 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\gtk-2.0
2016-05-05 19:17 - 2011-04-16 18:22 - 00000000 ____D C:\Documents and Settings\Milisa\.gimp-2.6
2016-05-05 19:17 - 2009-11-07 15:33 - 00000000 ____D C:\Documents and Settings\Milisa
2016-05-04 18:00 - 2016-02-25 17:04 - 00000446 _____ C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2016-05-04 18:00 - 2016-02-13 16:28 - 00000434 _____ C:\WINDOWS\Tasks\At6.job
2016-05-01 15:08 - 2009-11-07 20:05 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents\My Videos
2016-04-14 17:19 - 2016-01-17 21:47 - 00009728 _____ C:\Documents and Settings\Milisa\My Documents\[bleep].wps
2016-04-13 13:43 - 2014-07-04 13:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 13:43 - 2006-09-17 00:08 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-10 01:02 - 2016-02-25 17:03 - 00000420 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
==================== Files in the root of some directories =======
2016-02-23 13:35 - 2016-02-23 13:39 - 0000053 ____C () C:\Documents and Settings\Milisa\Application Data\LogFile.txt
2010-06-10 15:59 - 2010-12-10 19:57 - 0002555 ____C () C:\Documents and Settings\Milisa\Application Data\SAS7_000.DAT
2011-07-06 12:38 - 2016-05-07 19:54 - 0025898 _____ () C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2010-03-09 19:07 - 2014-12-31 12:35 - 0008704 ____C () C:\Documents and Settings\Milisa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-22 05:47 - 2015-08-31 23:32 - 0089172 ____C () C:\Documents and Settings\Milisa\Local Settings\Application Data\FASTWiz.log
2009-11-07 15:33 - 2006-09-07 14:13 - 0000128 ____C () C:\Documents and Settings\Milisa\Local Settings\Application Data\fusioncache.dat
2007-08-01 00:03 - 2009-11-15 16:54 - 0001755 ____C () C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job
Some files in TEMP:
====================
C:\Documents and Settings\Milisa\Local Settings\Temp\HubManager.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-05-2016
Ran by Milisa (2016-05-08 11:42:30)
Running from C:\Documents and Settings\Milisa\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2006-09-16 21:06:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2814364803-843946100-1677762924-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-2814364803-843946100-1677762924-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2814364803-843946100-1677762924-1006 - Limited - Disabled)
Milisa (S-1-5-21-2814364803-843946100-1677762924-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Milisa
SUPPORT_388945a0 (S-1-5-21-2814364803-843946100-1677762924-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version: - )
Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\58d94f3ce2c27db0) (Version: 6.12.0.5 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
ELIcon (Version: 1.00.0000 - Dell) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4299 - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}) (Version: 8.00.5000 - Dell)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PrintMaster Gold 3.00 (HKLM\...\PrintMaster Gold 3.00) (Version: - )
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At2.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At3.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At4.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At5.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At6.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At7.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\At8.job => C:\Documents and Settings\All Users\Application Data\iolo\SCU\scuststr.lnk
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE:/EXE:{1021F97F-E103-44FB-B493-B45A6521AC55} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\WINDOWS\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1457541863.job => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2004-08-10 13:51 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51 [124]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 [220]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD [149]
AlternateDataStreams: C:\Documents and Settings\Milisa\My Documents\Files named ablog jemima and hitler .fnd:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-10 13:51 - 2016-02-15 14:07 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Milisa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 209.18.47.61 - 209.18.47.62
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\EPSON Software\Event Manager\EEventManager.exe] => Enabled:EEventManager Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
==================== Restore Points =========================
22-02-2016 17:05:47 Reimage Express Restore Point
23-02-2016 18:17:04 System Checkpoint
24-02-2016 22:09:09 System Checkpoint
27-02-2016 15:29:27 System Checkpoint
02-03-2016 02:16:48 System Checkpoint
03-03-2016 20:01:20 System Checkpoint
04-03-2016 23:44:57 System Checkpoint
07-03-2016 13:09:20 System Checkpoint
08-03-2016 13:18:26 System Checkpoint
09-03-2016 01:33:36 Restore Operation
09-03-2016 12:43:14 Installed Windows XP Wdf01009.
09-03-2016 13:02:17 Restore Operation
09-03-2016 13:15:49 Software Distribution Service 3.0
10-03-2016 13:29:11 System Checkpoint
10-03-2016 19:00:28 Installed Windows XP Wdf01009.
10-03-2016 19:26:21 Installed Windows XP Wdf01009.
11-03-2016 21:51:19 System Checkpoint
14-03-2016 12:59:27 System Checkpoint
15-03-2016 13:43:39 System Checkpoint
16-03-2016 15:03:19 System Checkpoint
18-03-2016 16:51:03 System Checkpoint
19-03-2016 14:16:03 Restore Operation
21-03-2016 13:29:24 System Checkpoint
22-03-2016 14:16:16 System Checkpoint
29-03-2016 11:48:53 System Checkpoint
30-03-2016 18:16:17 System Checkpoint
03-04-2016 15:09:16 System Checkpoint
06-04-2016 12:28:29 System Checkpoint
09-04-2016 11:15:39 System Checkpoint
11-04-2016 13:36:57 System Checkpoint
12-04-2016 13:52:23 System Checkpoint
13-04-2016 13:42:57 Software Distribution Service 3.0
16-04-2016 11:44:09 System Checkpoint
19-04-2016 11:38:57 System Checkpoint
20-04-2016 14:28:38 System Checkpoint
21-04-2016 16:31:46 System Checkpoint
26-04-2016 22:04:39 System Checkpoint
27-04-2016 22:27:28 System Checkpoint
29-04-2016 13:03:16 System Checkpoint
01-05-2016 14:42:41 System Checkpoint
02-05-2016 21:10:41 System Checkpoint
03-05-2016 22:29:38 System Checkpoint
06-05-2016 22:05:30 Installed Adobe Reader 8
07-05-2016 13:22:27 Removed Adobe Reader 8
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/08/2016 11:41:25 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: This operation returned because the timeout period expired.
Error: (05/07/2016 01:25:11 PM) (Source: CardSpace 3.0.0.0) (EventID: 269) (User: NT AUTHORITY)
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.
Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)
Error: (05/07/2016 01:25:11 PM) (Source: CardSpace 3.0.0.0) (EventID: 269) (User: NT AUTHORITY)
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.
Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)
Error: (05/07/2016 12:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 46.0.1.5966, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (05/06/2016 11:37:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (05/06/2016 08:15:54 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 762636590.
Error: (05/06/2016 08:15:54 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: The specified server cannot perform the requested operation.
Error: (05/06/2016 08:15:54 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: This operation returned because the timeout period expired.
Error: (05/06/2016 08:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 46.0.1.5966, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (04/14/2016 11:47:06 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 713865802.
System errors:
=============
Error: (05/08/2016 10:00:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At4.job command failed to start due to the following error:
%%2147942402
Error: (05/08/2016 09:29:57 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error 2147746132 (0x80040154).
Error: (05/08/2016 09:29:57 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).
Error: (05/08/2016 09:29:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Error: (05/08/2016 09:29:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:
%%1058
Error: (05/08/2016 09:29:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The adfs service failed to start due to the following error:
%%2
Error: (05/07/2016 07:22:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error 2147746132 (0x80040154).
Error: (05/07/2016 07:22:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).
Error: (05/07/2016 07:22:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Error: (05/07/2016 07:22:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:
%%1058
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 2.53GHz
Percentage of memory in use: 47%
Total physical RAM: 1277.98 MB
Available physical RAM: 665.21 MB
Total Virtual: 1900.75 MB
Available Virtual: 1475.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:52.71 GB) (Free:25.12 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (COMPAQ) (Fixed) (Total:7.86 GB) (Free:7.86 GB) FAT32
Drive e: (Backup) (Fixed) (Total:18.17 GB) (Free:18.08 GB) NTFS
Drive f: (Kodak_CD-ROM) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=52.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.6 GB) - (Type=DB)
========================================================
Disk: 1 (Size: 7.9 GB) (Disk ID: C197C197)
Partition 1: (Active) - (Size=7.9 GB) - (Type=0C)
==================== End of Addition.txt ============================