Hmmm... Updatus User? What is this?
PS: I have some important .txt, .doc or .xls files. I don't want to lose them.
Here are the results:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by Bogdanian (administrator) on ACASA (05-07-2016 00:04:47)
Running from C:\Documents and Settings\Bogdanian\Desktop
Loaded Profiles: Bogdanian & UpdatusUser (Available Profiles: Bogdanian & UpdatusUser)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2000-01-01] ()
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\MountPoints2: K - K:\Autorun.exe
IFEO\yahoomessenger.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-26] (AVAST Software)
BootExecute: autocheck autochk * eautocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 95.77.94.88 78.96.7.88
Tcpip\..\Interfaces\{A88D0840-2D22-42BA-9327-A7A8CF463606}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A88D0840-2D22-42BA-9327-A7A8CF463606}: [DhcpNameServer] 95.77.94.88 78.96.7.88
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.geocities.com/netpocalypse/index.html
HKU\S-1-5-21-1214440339-308236825-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1214440339-308236825-682003330-1005] ATTENTION => Default URLSearchHook is missing
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-08] (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-26] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-08] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-09-08] (Sun Microsystems, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bogdanian\Application Data\Mozilla\Firefox\Profiles\prsknhop.default-1431867247000
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-08] (Sun Microsystems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Extension: YouTube ALL HTML5 - C:\Documents and Settings\Bogdanian\Application Data\Mozilla\Firefox\Profiles\prsknhop.default-1431867247000\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2016-02-05]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-09-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-04] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-27]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-27]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-26]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path\update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-09-16] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-26] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-09-08] (Sun Microsystems, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [315392 2002-01-05] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [146888 2016-06-13] (Mozilla Foundation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1774904 2014-04-15] (TuneUp Software)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-02-26] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-03-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-02-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-02-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-02-26] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [171608 2016-02-26] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67088 2016-02-26] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-02-26] (AVAST Software)
R0 d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( ) [File not signed]
R0 d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [5248 2004-08-22] ( ) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows ® Server 2003 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2012-07-05] (Padus, Inc.) [File not signed]
S3 ptun0901; C:\WINDOWS\System32\DRIVERS\ptun0901.sys [35288 2014-03-10] (The OpenVPN Project)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [11973 2012-10-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 SSHDRV65; C:\WINDOWS\system32\drivers\SSHDRV65.sys [120320 2013-06-21] () [File not signed]
R3 stdriver; C:\WINDOWS\System32\DRIVERS\stdriverx86.sys [44624 2014-12-20] ()
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2015-12-15] (AnchorFree Inc)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-03-26] (TuneUp Software)
S4 IntelIde; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 SASPROT; \??\C:\Program Files\Systweak AntiSpyware\sasprot.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 00:04 - 2016-07-05 00:05 - 00013057 _____ C:\Documents and Settings\Bogdanian\Desktop\FRST.txt
2016-07-05 00:04 - 2016-07-05 00:04 - 00000000 ____D C:\FRST
2016-07-05 00:03 - 2016-07-05 00:03 - 01740288 _____ (Farbar) C:\Documents and Settings\Bogdanian\Desktop\FRST.exe
2016-07-04 22:39 - 2016-07-04 22:45 - 00051176 _____ C:\Speccy log.txt
2016-07-04 22:37 - 2016-07-04 22:37 - 00000654 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2016-07-04 22:37 - 2016-07-04 22:37 - 00000000 ____D C:\Program Files\Speccy
2016-07-04 22:37 - 2016-07-04 22:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2016-07-04 22:35 - 2016-07-04 22:35 - 00014231 _____ C:\VEW2.txt
2016-07-04 22:29 - 2016-07-04 22:29 - 00008531 _____ C:\VEW1.txt
2016-07-04 22:25 - 2016-07-04 22:32 - 00015418 _____ C:\VEW.txt
2016-07-04 22:23 - 2016-07-04 22:23 - 00061440 _____ ( ) C:\Documents and Settings\Bogdanian\Desktop\VEW.exe
2016-07-04 21:34 - 2016-07-04 21:34 - 00002982 _____ C:\System Idle Process.txt
2016-07-04 21:26 - 2016-07-04 21:26 - 00003066 _____ C:\JRT.txt
2016-07-04 21:24 - 2016-07-04 21:24 - 00003066 _____ C:\Documents and Settings\Bogdanian\Desktop\JRT.txt
2016-07-04 21:21 - 2016-07-04 21:21 - 00014011 _____ C:\AdwCleaner[C1].txt
2016-07-04 18:35 - 2016-07-04 18:35 - 01270466 _____ C:\ProcessExplorer.zip
2016-07-04 18:35 - 2016-07-04 18:35 - 00000000 ____D C:\ProcessExplorer
2016-07-03 21:35 - 2016-07-03 21:36 - 00000000 ____D C:\Program Files\BookCAT
2016-07-03 21:35 - 2016-07-03 21:35 - 00001528 _____ C:\Documents and Settings\All Users\Desktop\BookCAT.lnk
2016-07-03 21:35 - 2016-07-03 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\BookCAT
2016-07-03 01:00 - 2016-07-04 00:24 - 00053956 _____ C:\Documents and Settings\Bogdanian\Desktop\jo_Cosmina.txt
2016-07-01 19:11 - 2016-07-03 17:13 - 00000077 _____ C:\Documents and Settings\Bogdanian\Desktop\Caltut Valentin adresa.txt
2016-06-27 21:54 - 2016-06-27 21:54 - 00000036 _____ C:\Documents and Settings\Bogdanian\Desktop\adresa bucur obor.txt
2016-06-26 16:42 - 2016-06-26 16:43 - 00000000 ____D C:\Documents and Settings\Bogdanian\Desktop\GrantPerms
2016-06-26 16:41 - 2016-06-26 16:41 - 00453083 _____ C:\Documents and Settings\Bogdanian\Desktop\GrantPerms.zip
2016-06-25 00:12 - 2016-07-03 00:59 - 00061349 _____ C:\Documents and Settings\Bogdanian\Desktop\hera.txt
2016-06-24 18:37 - 2016-06-24 18:37 - 20019904 _____ (Adobe Systems Incorporated) C:\Documents and Settings\Bogdanian\My Documents\install_flash_player.exe
2016-06-24 00:04 - 2016-06-24 00:04 - 00106496 _____ C:\WINDOWS\Minidump\Mini062416-01.dmp
2016-06-13 21:17 - 2016-06-13 21:17 - 21027355 _____ C:\Documents and Settings\Bogdanian\Desktop\wetransfer-8bd6d5.zip
2016-06-13 20:02 - 2016-07-04 23:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-13 00:26 - 2016-06-14 02:14 - 00019456 _____ C:\Documents and Settings\Bogdanian\My Documents\Juniori A1.xls
2016-06-08 20:36 - 2016-06-08 20:36 - 00000215 _____ C:\Documents and Settings\Bogdanian\Desktop\Singureni Malu 0-2.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 00:05 - 2012-07-04 21:22 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Temp
2016-07-05 00:01 - 2001-08-23 17:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-07-04 23:13 - 2012-07-04 20:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-04 22:45 - 2015-04-10 23:41 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-07-04 22:44 - 2012-07-04 22:55 - 00000000 ____D C:\WINDOWS\security
2016-07-04 22:26 - 2012-07-04 21:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-04 22:26 - 2012-07-04 20:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 21:22 - 2012-07-04 21:22 - 00000000 ___RD C:\Documents and Settings\Bogdanian\My Documents
2016-07-04 21:21 - 2012-07-04 21:09 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2016-07-04 21:16 - 2015-03-13 20:17 - 00196608 _____ C:\WINDOWS\system32\config\TuneUp.evt
2016-07-04 21:16 - 2012-07-04 21:22 - 00000278 ___SH C:\Documents and Settings\Bogdanian\ntuser.ini
2016-07-04 21:16 - 2012-07-04 21:21 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-04 21:15 - 2013-08-23 19:14 - 00000000 ____D C:\AdwCleaner
2016-07-04 21:15 - 2012-07-04 22:37 - 00000000 ____D C:\Program Files\Yahoo!
2016-07-04 21:02 - 2016-04-27 19:19 - 00000000 ____D C:\Documents and Settings\Bogdanian\Application Data\.purple
2016-07-04 04:58 - 2012-07-04 21:22 - 00000000 ____D C:\Documents and Settings\Bogdanian
2016-07-04 04:53 - 2014-05-25 00:55 - 00000000 ____D C:\WINDOWS\uninstall
2016-07-04 02:01 - 2015-01-23 21:23 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-04 01:26 - 2012-07-05 16:56 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Application Data\ApplicationHistory
2016-06-26 14:58 - 2012-07-04 21:32 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-24 19:21 - 2012-07-04 20:55 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-06-24 19:21 - 2012-07-04 20:55 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-06-24 18:36 - 2014-09-01 00:19 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Application Data\Adobe
2016-06-24 00:04 - 2012-10-01 18:25 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-23 03:11 - 2012-07-04 21:22 - 00000000 ___RD C:\Documents and Settings\Bogdanian\My Documents\My Pictures
2016-06-21 22:04 - 2016-05-24 22:30 - 00035066 _____ C:\Documents and Settings\Bogdanian\Desktop\Ariel.txt
2016-06-21 19:23 - 2012-07-05 17:59 - 00000000 ____D C:\Documents and Settings\Bogdanian\Application Data\mIRC
2016-06-21 19:21 - 2012-07-05 17:59 - 00000000 ____D C:\Program Files\mIRC
2016-06-18 13:01 - 2012-11-22 22:16 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EA SPORTS
2016-06-14 11:26 - 2015-08-28 23:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2012-08-12 18:01 - 2012-08-12 18:05 - 0008063 _____ () C:\Documents and Settings\Bogdanian\Application Data\Swoosh.game
2012-07-05 05:00 - 2016-05-03 00:33 - 0039424 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-05 16:56 - 2012-07-05 16:56 - 0000132 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\fusioncache.dat
2013-02-03 04:45 - 2013-08-07 23:07 - 0000054 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\info.ini
2013-02-03 04:33 - 2013-02-03 04:33 - 0000741 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\recently-used.xbel
Some files in TEMP:
====================
C:\Documents and Settings\Bogdanian\Local Settings\Temp\bassmod.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\libeay32.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\msvcr120.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Bogdanian (2016-07-05 00:07:20)
Running from C:\Documents and Settings\Bogdanian\Desktop
Microsoft Windows XP Professional Service Pack 2 (X86) (2012-07-04 18:20:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1214440339-308236825-682003330-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1214440339-308236825-682003330-1006 - Limited - Enabled)
Bogdanian (S-1-5-21-1214440339-308236825-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Bogdanian
Guest (S-1-5-21-1214440339-308236825-682003330-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1214440339-308236825-682003330-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1214440339-308236825-682003330-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1214440339-308236825-682003330-1005 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee Pro (HKLM\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.0.67 - ACD Systems Ltd.)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.01) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AGEIA PhysX v7.03.21 (HKLM\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version: 7.03.21 - AGEIA Technologies, Inc.)
AIDA64 Extreme Edition v2.50 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.50 - FinalWire Ltd.)
Attribute Changer 6.20 (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 6.20 - Romain Petges)
Aurora SVG Viewer & Converter version 11.5 (HKLM\...\{086EADE2-99F8-40BB-AFB0-C9B950501AF5}_is1) (Version: 11.5 - Aurora3D, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
Basketball Stat Manager 2.0 (HKLM\...\Basketball Stat Manager) (Version: 2.0 - Stat Manager)
BookCAT (HKLM\...\BookCAT_is1) (Version: - FNProgramvare)
Carambis Driver Updater (HKLM\...\Driver Updater) (Version: 2.0.0.7613 - MEDIA FOG LTD)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: - )
Das Fussball Studio 8.5.2 (Beta) (HKLM\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
DFS Map-Tool 1.0.4 (HKLM\...\{9C0A20E6-A9E1-44BE-8E3E-3E6529FCCC61}_is1) (Version: 1.0.4 - Harry Rechten)
Easy MP3 Sound Recorder 2.01 (HKLM\...\{3E1ECEEC-814C-4B53-9E08-9B1F2FA83434}) (Version: 2.01.0000 - Shiyi Software Workroom)
FIFA MANAGER 10 (HKLM\...\FIFA MANAGER 10) (Version: 2.0.0.6 - Electronic Arts)
FormatFactory 2.96 (HKLM\...\FormatFactory) (Version: 2.96 - Free Time)
Free Sound Recorder v9.4.1 (HKLM\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2012 FreeSoundRecorder Technologies, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Groove Games\Land Of The Dead (HKLM\...\LandOfTheDead) (Version: - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
IMosaic (HKLM\...\{89F72A6E-05C7-4066-BC80-3DBEDA4E8BF2}) (Version: 0.9.6 - IMosaic)
Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
LeaguePad (HKLM\...\LeaguePad4.5) (Version: - )
Ltrack 7.3 (HKLM\...\Ltrack_is1) (Version: - Nigel Thomas)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Romanian User Interface Pack (HKLM\...\{901E0418-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (HKLM\...\Microsoft Report Viewer Redistributable 2008) (Version: - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.25 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MX vs ATV Unleashed (HKLM\...\{BBE18EBD-CD44-4C51-8BC5-577ECCCEC68F}) (Version: 1.00.0000 - THQ)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NEF to JPG (HKLM\...\{13D87B39-2A3B-4675-A0D9-B8B01EA2F8E3}_is1) (Version: - neftojpg.com)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
NSIS LHM2005 (remove only) (HKLM\...\LHM2005) (Version: - )
NSIS LHM2006 (remove only) (HKLM\...\LHM2006) (Version: - )
NVIDIA Graphics Driver 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 301.42 - NVIDIA Corporation)
NVIDIA nView 136.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.27 - NVIDIA Corporation)
NVIDIA Update 1.8.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.8.15 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery)
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Pidgin (HKLM\...\Pidgin) (Version: 2.10.12 - )
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.33 - Realtek Semiconductor Corp.)
REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.23.0000 - Realtek)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6013 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM\...\Recordpad) (Version: 5.28 - NCH Software)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
SevenZip (HKLM\...\SevenZip) (Version: 9.20 - SevenZip)
SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
SoundTap Streaming Audio Recorder (HKLM\...\SoundTap) (Version: 2.31 - NCH Software)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SPMT (HKLM\...\{097AE5D5-478A-4F29-A8D9-95575F0A0C00}) (Version: 2.6.0 - SPMT)
Sport Tables 2.4 (HKLM\...\Sport Tables_is1) (Version: - FN Systems, Ltd.)
Sports Card Collector v5.1 (HKLM\...\Sports Card Collector v5.1) (Version: - )
SUPER © v2012.build.52 (July 7, 2012) version v2012.build.52 (HKLM\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Club Manager 2004 (HKLM\...\{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}) (Version: - )
Total Video Converter 3.21 090220 (HKLM\...\Total Video Converter 3.21_is1) (Version: - EffectMatrix Inc.)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.296 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vector Magic (HKLM\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (remove only) (HKLM\...\Winamp) (Version: - )
Windows Driver Package - Nokia Modem (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: 3.1 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 4.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH)
Wizard Sports (HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Wizard Sports) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yammy 0.7 (HKLM\...\Yammy) (Version: 0.7 - Pravin Paratey)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\SevenZip 9.20\Visit SevenZip website.lnk -> hxxp://www.sevenzip.info/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\Basketball Stat Manager\Stat Manager Website.lnk -> hxxp://www.basketballstatmanager.com/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (No File)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Super Hide IP\Help.lnk -> hxxp://client.superhideip.com/client/?PID=SHI&ACTION=help (No File)
==================== Loaded Modules (Whitelisted) ==============
2015-04-10 23:40 - 2016-02-26 23:44 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-10 23:40 - 2016-02-26 23:44 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-04 20:36 - 2016-07-04 20:36 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070401\algo.dll
2016-04-14 19:19 - 2016-04-14 19:19 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2004-08-22 17:04 - 2004-08-22 17:04 - 00069120 _____ () C:\WINDOWS\daemon.dll
2003-12-30 21:52 - 2003-12-30 21:52 - 00007168 _____ () C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll
2015-04-10 23:40 - 2015-12-21 22:47 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2004-08-04 03:56 - 2004-08-04 03:56 - 01287680 _____ () C:\WINDOWS\system32\quartz.dll
2016-06-24 18:38 - 2016-06-24 19:21 - 19455168 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:373E1720 [119]
AlternateDataStreams: C:\Documents and Settings\Bogdanian\My Documents\8c283f0cbe825f93ca4fac16e2a6d414.zip:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-23 17:00 - 2014-09-18 21:02 - 00000732 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1214440339-308236825-682003330-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Bogdanian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-1214440339-308236825-682003330-1005\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 8.8.8.8 - 8.8.4.4
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^Bogdanian^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\WINDOWS\pss\Adobe Gamma.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CreativeTaskScheduler => "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\mIRC\mirc.exe] => Enabled:mIRC
StandardProfile\AuthorizedApplications: [C:\Program Files\Internet Explorer\iexplore.exe] => Enabled:Internet Explorer
StandardProfile\AuthorizedApplications: [E:\Yu-Gi-Oh! Trilogy\Yu-Gi-Oh! Joey the Passion\joey_pc.exe] => Enabled:joey_pc
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpnsvr.exe] => Enabled:Microsoft DirectPlay8 Server
StandardProfile\AuthorizedApplications: [C:\Program Files\SopCast\SopCast.exe] => Enabled:SopCast Main Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
==================== Restore Points =========================
27-06-2016 19:35:59 System Checkpoint
29-06-2016 20:23:57 System Checkpoint
01-07-2016 22:19:04 System Checkpoint
02-07-2016 22:20:21 System Checkpoint
04-07-2016 21:21:56 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2016 11:41:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (06/24/2016 09:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (06/24/2016 09:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (06/15/2016 11:30:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (06/15/2016 11:16:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x053cd2c8.
Processing media-specific event for [iexplore.exe!ws!]
Error: (06/14/2016 09:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x0bdf05cf.
Processing media-specific event for [iexplore.exe!ws!]
Error: (06/12/2016 06:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module sopadv.dll, version 3.1.0.0, fault address 0x000051a9.
Processing media-specific event for [iexplore.exe!ws!]
Error: (06/10/2016 07:31:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 46.0.1.5966, faulting module mozglue.dll, version 46.0.1.5966, fault address 0x0000efdc.
Processing media-specific event for [plugin-container.exe!ws!]
System errors:
=============
Error: (07/05/2016 12:03:04 AM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.
Error: (07/04/2016 10:27:24 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.
Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom3
Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom2
Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom1
Error: (07/04/2016 10:23:22 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.
Error: (07/04/2016 09:21:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TuneUp Utilities Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/04/2016 09:21:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
Error: (07/04/2016 09:21:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Driver Helper Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/04/2016 09:21:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
Processor: Intel® Pentium® 4 CPU 3.20GHz
Percentage of memory in use: 53%
Total physical RAM: 2047.11 MB
Available physical RAM: 947.68 MB
Total Virtual: 3433.26 MB
Available Virtual: 2541.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:19.53 GB) (Free:1.61 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:68.36 GB) (Free:0.24 GB) NTFS
Drive e: () (Fixed) (Total:68.36 GB) (Free:0.23 GB) NTFS
Drive f: (filme) (Fixed) (Total:68.36 GB) (Free:2.57 GB) NTFS
Drive g: () (Fixed) (Total:73.46 GB) (Free:0.32 GB) NTFS
Drive j: (NHL 2005_CD2) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
Drive k: (FIFA07) (CDROM) (Total:2.79 GB) (Free:0 GB) UDF
Drive l: (USB DISK) (Removable) (Total:3.61 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 00D300D3)
Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.5 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0C)
==================== End of Addition.txt ============================