Have a Dell Lattitude D620
Running XP.
Thank you for your help.
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
Have a Dell Lattitude D620
Running XP.
Thank you for your help.
Hi monkeyboyblues,
Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
- Save ALL Tools to your Desktop-
Quoted from and used by permission of BrianDrab. Thank you.
Not much to go on so far. Can you read through the steps here ( http://www.geekstogo...cleaning-guide/) and provide the FRST.txt and Addition.txt logs please?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by Administrator (administrator) on LATITUDED620 (07-07-2016 13:25:10)
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(FileHippo.com) C:\Program Files\FileHippo.com\UpdateChecker.exe
(FUJIFILM Corporation) C:\Program Files\FinePixViewer\QuickDCF2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [REGSHAVE] => C:\Program Files\REGSHAVE\REGSHAVE.EXE [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [nwiz] => nwiz.exe /installquiet
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe nvHotkey.dll,Start
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2005-05-11] (Hewlett-Packard Co.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [2498560 2010-10-29] (Dell Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-11] (AVAST Software)
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\zalmaninstaller_52330\otshotcomponent39.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\zalmaninstaller_52330\otshotcomponent39.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\zalmaninstaller_52330\otshotcomponent39.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\zalmaninstaller_52330\otshotcomponent39.exe <====== ATTENTION
HKU\S-1-5-21-515967899-1604221776-1417001333-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1604221776-1417001333-500\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-515967899-1604221776-1417001333-500\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-515967899-1604221776-1417001333-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-01-28] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk [2011-09-29]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-10-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.2.2.2
Tcpip\..\Interfaces\{3D27322F-F708-4BD9-BFB0-B4DBBD8B4353}: [DhcpNameServer] 192.168.1.1 192.168.0.1
Tcpip\..\Interfaces\{9C365071-9F7B-41CF-AA92-AF6A97F3D08C}: [DhcpNameServer] 8.8.8.8 4.2.2.2
Internet Explorer:
==================
HKU\S-1-5-21-515967899-1604221776-1417001333-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-28] (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-28] (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: hxxps://ixquick.com/
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_207.dll [2016-07-05] ()
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll [2011-06-07] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-14] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml [2014-01-19]
FF Extension: Video DownloadHelper - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-07-05]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-05]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-07-06] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-07-06] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-28] [not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-10-20] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-28]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-28]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-28]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-28]
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-28]
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-28]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-28]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-28]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-28] (AVAST Software)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [2232320 2010-10-29] (Dell Inc.) [File not signed]
S2 XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [386560 2006-08-04] (Conexant Systems, Inc.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-01-19] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-01-28] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-28] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-01-19] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2649216 2010-10-29] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [68696 2007-12-23] (O2Micro)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSX_DPV.sys [986624 2006-10-18] (Conexant Systems, Inc.) [File not signed]
R3 HSXHWAZL; C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys [206848 2006-10-18] (Conexant Systems, Inc.) [File not signed]
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 PCX500; C:\WINDOWS\System32\DRIVERS\pcx500.sys [169984 2008-04-13] (Cisco Systems)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSX_CNXT.sys [659968 2006-10-18] (Conexant Systems, Inc.) [File not signed]
R2 XAudio; C:\WINDOWS\System32\DRIVERS\xaudio.sys [8192 2006-08-04] (Conexant Systems, Inc.) [File not signed]
S4 IntelIde; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-07 13:25 - 2016-07-07 13:26 - 00027384 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2016-07-07 13:25 - 2016-07-07 13:25 - 00000000 ____D C:\FRST
2016-07-07 13:24 - 2016-07-07 13:24 - 01740288 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2016-07-06 10:00 - 2016-07-06 13:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-06 09:39 - 2016-07-06 19:16 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-06 09:38 - 2016-07-06 09:38 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-06 09:37 - 2016-07-06 09:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-07-06 09:37 - 2016-03-10 14:09 - 00123264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-04 10:38 - 2016-07-04 10:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\iolo
2016-07-04 10:38 - 2016-07-04 10:45 - 00065536 _____ C:\WINDOWS\system32\config\iolo App.evt
2016-07-04 10:38 - 2016-07-04 10:38 - 00074703 _____ C:\WINDOWS\system32\mfc45.dat
2016-07-04 10:38 - 2016-07-04 10:38 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\iolo
2016-06-28 20:30 - 2016-06-28 20:30 - 01785094 _____ C:\Documents and Settings\Administrator\Desktop\IMSLP26217-PMLP01595-Beethoven_-_Symphony_No6_in_F_Major_Op68_Pastoral__cello-part_a.pdf
2016-06-28 16:38 - 2016-06-28 16:38 - 00001049 _____ C:\Documents and Settings\Administrator\Desktop\Audio1.nra
2016-06-26 16:40 - 2016-06-26 16:40 - 00400896 _____ C:\Documents and Settings\Administrator\Desktop\CD Cover.zdp
2016-06-22 09:20 - 2016-06-22 09:22 - 16821402 _____ C:\Documents and Settings\Administrator\Desktop\Allison & Guilty.zip
2016-06-18 23:05 - 2016-06-18 23:05 - 02125004 _____ C:\Documents and Settings\Administrator\Desktop\Bach Chorale #65.mp4
2016-06-17 12:26 - 2016-06-18 11:29 - 00050062 _____ C:\Documents and Settings\Administrator\Desktop\Rhythmic Exercise in 3 parts.mus
2016-06-17 09:34 - 2016-06-16 23:19 - 00049278 _____ C:\Documents and Settings\Administrator\Desktop\Sight Singing Intonation Exercise #59.mus
2016-06-16 12:26 - 2016-06-16 12:26 - 11042860 _____ C:\Documents and Settings\Administrator\Desktop\Bach Chorale #65.wav
2016-06-16 10:16 - 2016-06-16 11:46 - 00049190 _____ C:\Documents and Settings\Administrator\Desktop\3rd species counterpoint.mus
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-07 13:26 - 2011-04-15 15:06 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-07-07 13:25 - 2014-01-19 13:46 - 00000378 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-07-07 13:20 - 2014-04-20 17:45 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-07 13:20 - 2011-04-15 15:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-07 13:17 - 2011-04-15 15:06 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-07-07 13:14 - 2014-04-20 17:45 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-07 12:55 - 2011-04-15 15:06 - 00000000 ___RD C:\Documents and Settings\Administrator\My Documents
2016-07-07 12:41 - 2013-09-07 01:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-07 11:57 - 2012-08-30 18:32 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-07-06 20:12 - 2011-04-15 15:06 - 00032480 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-06 19:15 - 2012-05-23 10:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-07-06 10:55 - 2013-10-20 18:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ZalmanInstaller_52330
2016-07-06 09:38 - 2012-06-30 16:14 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2016-07-06 09:37 - 2012-06-30 16:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2016-07-06 09:37 - 2012-06-30 16:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2016-07-06 09:37 - 2012-06-30 16:13 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2016-07-05 15:52 - 2012-05-16 19:13 - 00000000 ____D C:\Documents and Settings\Administrator\dwhelper
2016-07-05 09:44 - 2012-07-10 15:25 - 00800448 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-07-05 09:44 - 2011-11-18 11:32 - 00143040 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-07-05 09:44 - 2011-04-15 14:59 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-04 21:52 - 2011-10-05 18:30 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\vlc
2016-07-04 14:36 - 2011-11-17 00:27 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Skype
2016-07-04 14:34 - 2014-01-28 17:13 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2016-07-04 13:59 - 2011-11-14 22:23 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-04 13:59 - 2011-04-15 16:14 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2016-07-04 10:44 - 2011-04-15 15:26 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2016-07-04 10:44 - 2011-04-15 09:41 - 00000000 ____D C:\WINDOWS\Help
2016-07-03 10:15 - 2015-08-15 14:21 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Solutions for Creditors
2016-07-01 10:16 - 2011-04-15 09:50 - 00578438 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 10:09 - 2008-04-14 08:00 - 00001374 _____ C:\WINDOWS\system32\wpa.dbl
2016-06-26 18:20 - 2012-06-30 18:29 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Audacity
2016-06-22 09:23 - 2011-04-15 15:06 - 00000000 ___RD C:\Documents and Settings\Administrator\My Documents\My Music
2016-06-18 23:05 - 2012-05-18 18:51 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ConverterLite
==================== Files in the root of some directories =======
2012-05-16 19:21 - 2014-04-01 17:11 - 0019968 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-13 21:12 - 2012-08-13 21:12 - 0000136 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
2013-07-10 23:15 - 2013-11-16 15:15 - 0019472 __RSH () C:\Documents and Settings\All Users\Application Data\3002.abs
2013-07-10 23:15 - 2014-03-18 17:12 - 0000100 __RSH () C:\Documents and Settings\All Users\Application Data\3002.xml
2011-10-04 11:17 - 2012-08-13 21:22 - 0002399 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\vlc-2.1.3-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Administrator (2016-07-07 13:28:10)
Running from C:\Documents and Settings\Administrator\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2011-04-15 19:02:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-515967899-1604221776-1417001333-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-515967899-1604221776-1417001333-1003 - Limited - Enabled)
Guest (S-1-5-21-515967899-1604221776-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-515967899-1604221776-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-515967899-1604221776-1417001333-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Out of date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
5600 (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600_Help (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600Trb (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.61 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
Avery DesignPro (HKLM\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - )
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.22.11 - Broadcom Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
ConverterLite 1.4.0 (HKLM\...\ConverterLite) (Version: 1.4.0 - ConverterLite)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DeviceFunctionQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.47 - Dell Inc.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
EZdrummer (HKLM\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.3.0 - Toontrack)
EZXCocktail (HKLM\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.2.4 - Toontrack)
Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Finale NotePad 2012 (HKLM\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FinePix Studio (HKLM\...\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}) (Version: - )
FinePixViewer Resource (HKLM\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.4 (HKLM\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.4 - FUJIFILM Corporation)
FinePrint (HKLM\...\FinePrint) (Version: 7.04 - FinePrint Software, LLC)
FUJIFILM USB Driver (HKLM\...\{5490882C-6961-11D5-BAE5-00E0188E010B}) (Version: - )
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HP Document Viewer 5.3 (HKLM\...\HP Document Viewer) (Version: 5.3 - HP)
HP Extended Capabilities 5.3 (HKLM\...\HPExtendedCapabilities) (Version: 5.3 - HP)
HP Image Zone Express (HKLM\...\{FE64AE29-0883-4C70-8388-DC026019C900}) (Version: 1.5.1.29 - Hewlett-Packard)
HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version: - HP)
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
I-Doser Free (HKLM\...\I-Doser) (Version: 5.0 - I-Doser.com)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 1 (HKLM\...\{B508B3F1-A24A-32C0-B310-85786919EF28}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Midisport 1x1 1.0.1.0 (HKLM\...\MidiSport1x1) (Version: - )
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version: - )
NetAssistant (Version: 3.6.5 - Freeze.com) Hidden
NetAssistant for Firefox (HKU\S-1-5-21-515967899-1604221776-1417001333-500\...\NetAssistant 3.6.5) (Version: 3.6.5 - Freeze.com)
NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OZ776 SCR Driver V1.1.4.202 (HKLM\...\InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}) (Version: 1.1.4.202 - O2Micro)
OZ776 SCR Driver V1.1.4.202 (Version: 1.1.4.202 - O2Micro) Hidden
PanoStandAlone (Version: 53.0.13.000 - Hewlett-Packard) Hidden
ProductContext (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Readme (Version: 50.0.206.000 - Hewlett-Packard) Hidden
saveansHare (HKLM\...\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}) (Version: 2.3.0.1859 - savensHaore) <==== ATTENTION
Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toontrack solo (HKLM\...\{5866520C-8857-4986-833A-039F4584C3F7}) (Version: 1.3.1 - Toontrack)
TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
ZSMC USB PC Camera (ZS211) (HKLM\...\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}) (Version: 2007.07.05 - ZSMC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-04-15 16:18 - 2010-10-29 10:14 - 00025088 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2011-04-15 16:18 - 2010-10-29 10:14 - 00761856 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2014-07-03 16:00 - 2014-07-03 15:03 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070301\algo.dll
2011-04-15 16:18 - 2010-10-29 10:14 - 00143360 _____ () C:\WINDOWS\system32\preflib.dll
2014-01-19 13:42 - 2014-01-19 13:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-09-29 15:12 - 2007-02-16 20:01 - 00081920 _____ () C:\Program Files\FinePixViewer\wia_register_event.dll
2008-04-14 08:00 - 2008-04-14 08:00 - 01288192 _____ () C:\WINDOWS\system32\quartz.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 [127]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:80337C03 [124]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 [109]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rpcnet => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-14 08:00 - 2014-01-19 12:27 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-515967899-1604221776-1417001333-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 8.8.8.8 - 4.2.2.2
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe] => Enabled:Dropbox
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe] => Enabled:hpqcopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe] => Enabled:hpqphunl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe] => Enabled:hpqdia.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dmwu.exe] => Enabled:dmwu
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
==================== Restore Points =========================
11-04-2016 14:39:23 System Checkpoint
22-04-2016 19:05:33 System Checkpoint
23-04-2016 19:30:00 System Checkpoint
26-04-2016 13:51:22 System Checkpoint
27-04-2016 19:15:05 System Checkpoint
29-04-2016 21:13:56 System Checkpoint
11-05-2016 13:18:03 System Checkpoint
20-05-2016 10:11:20 System Checkpoint
26-05-2016 12:11:47 System Checkpoint
28-05-2016 19:42:45 System Checkpoint
31-05-2016 11:37:39 System Checkpoint
04-06-2016 14:07:04 System Checkpoint
06-06-2016 16:31:12 System Checkpoint
08-06-2016 19:54:37 System Checkpoint
15-06-2016 09:57:58 System Checkpoint
16-06-2016 11:16:47 System Checkpoint
17-06-2016 11:42:27 System Checkpoint
26-06-2016 15:16:39 System Checkpoint
28-06-2016 10:22:15 System Checkpoint
29-06-2016 21:56:28 System Checkpoint
02-07-2016 21:44:04 System Checkpoint
03-07-2016 21:57:17 System Checkpoint
06-07-2016 19:54:51 System Checkpoint
==================== Faulty Device Manager Devices =============
Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/06/2016 01:53:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/06/2016 01:52:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/04/2016 01:56:34 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (07/04/2016 01:56:34 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (07/04/2016 01:54:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 31.0.0.5294, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/04/2016 01:44:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 31.0.0.5294, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/04/2016 11:18:14 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (07/04/2016 11:18:14 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (07/04/2016 10:02:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 1.75.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (06/16/2016 09:23:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application Finale NotePad.exe, version 2012.0.4.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System errors:
=============
Error: (07/07/2016 09:16:18 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\defs\99999999\aswEngin.dll.
Reference error message: The operation completed successfully.
.
Error: (07/07/2016 09:16:18 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Avast.VC140.CRT.
Reference error message: The referenced assembly is not installed on your system.
.
Error: (07/07/2016 09:16:18 AM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Avast.VC140.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
Error: (07/07/2016 09:08:44 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 172.16.0.22 for the Network Card with network address 0016CF6B0602 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Error: (07/07/2016 09:08:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193
Error: (07/06/2016 09:35:14 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\defs\99999999\aswEngin.dll.
Reference error message: The operation completed successfully.
.
Error: (07/06/2016 09:35:14 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Avast.VC140.CRT.
Reference error message: The referenced assembly is not installed on your system.
.
Error: (07/06/2016 09:35:14 AM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Avast.VC140.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
Error: (07/06/2016 09:30:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193
Error: (07/05/2016 01:39:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193
==================== Memory info ===========================
Processor: Genuine Intel® CPU T2400 @ 1.83GHz
Percentage of memory in use: 65%
Total physical RAM: 1014.11 MB
Available physical RAM: 352.02 MB
Total Virtual: 2963.14 MB
Available Virtual: 2397.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.53 GB) (Free:42.71 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: BFFFBFFF)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
FIRST >>>>
Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):
saveansHare
NetAssistant for Firefox
To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.
Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.
SECOND >>>>
Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope value is missing
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Session Restore: -> is enabled.
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml [2014-01-19]
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-10-20] <==== ATTENTION
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-28]
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-28]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
S4 IntelIde; no ImagePath
C:\Documents and Settings\Administrator\Local Settings\Temp\vlc-2.1.3-win32.exe
NetAssistant (Version: 3.6.5 - Freeze.com) Hidden
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 [127]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:80337C03 [124]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 [109]
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Start FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
LAST >>>>
Junkware Removal Tool
Please download JRT from here to your desktop.
Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.
Double click the JRT.exe file to run the application.
The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed).
When it is asked, press any key to allow the program to continue / run.
This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post.
Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.
Fix result of Farbar Recovery Scan Tool (x86) Version: 09-07-2016
Ran by Administrator (2016-07-09 12:24:11) Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope value is missing
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Session Restore: -> is enabled.
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml [2014-01-19]
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-10-20] <==== ATTENTION
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-28]
CHR Extension: (Store) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-28]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
S4 IntelIde; no ImagePath
C:\Documents and Settings\Administrator\Local Settings\Temp\vlc-2.1.3-win32.exe
NetAssistant (Version: 3.6.5 - Freeze.com) Hidden
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 [127]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:80337C03 [124]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 [109]
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
Firefox DefaultSearchEngine removed successfully.
Firefox SelectedSearchEngine removed successfully.
FF Session Restore: -> removed successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml => moved successfully
"C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\searchplugins\startpage-https.xml" => not found.
C:\Program Files\mozilla firefox\firefox.cfg => moved successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
IntelIde => service removed successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\vlc-2.1.3-win32.exe => moved successfully
C:\Documents and Settings\All Users\Application Data\TEMP => ":430C6D84" ADS removed successfully..
C:\Documents and Settings\All Users\Application Data\TEMP => ":80337C03" ADS removed successfully..
C:\Documents and Settings\All Users\Application Data\TEMP => ":DFC5A2B2" ADS removed successfully..
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh advfirewall reset =========
The following command was not found: advfirewall reset.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
The following command was not found: advfirewall set allprofiles state on.
========= End of CMD: =========
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
========= End of CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-515967899-1604221776-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-515967899-1604221776-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
========= End of RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 13552 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 139841 B
Java, Flash, Steam htmlcache => 1237 B
Windows/system/dllcache/drivers => 10745482 B
Edge => 0 B
Chrome => 7369236 B
Firefox => 377848344 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default User => 32994 B
All Users => 0 B
systemprofile => 32994 B
LocalService => 977 B
NetworkService => 76364 B
Administrator => 2926310440 B
RecycleBin => 615158998 B
EmptyTemp: => 3.7 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:33:40 ====
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Microsoft Windows XP x86
Ran by Administrator (Administrator) on Sat 07/09/2016 at 12:41:33.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 9
Successfully deleted: C:\user.js (File)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\A4JHW1EB (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NBCU8S57 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NMSPKGKF (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\UDBDMCSK (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\A4JHW1EB (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\NBCU8S57 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\NMSPKGKF (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UDBDMCSK (Temporary Internet Files Folder)
Deleted the following from C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ub598o2b.default\prefs.js
user_pref(CT2704262.RSSapp2704262a129531303481232105000000cat3, %5B%7B%22type%22%3A%22rss%22%2C%22version%22%3A%222.0%22%2C%22title%22%3A%22TechCrunch%22%2C%22link%22%3A%22
user_pref(browser.startup.homepage, hxxps://ixquick.com/);
user_pref(valueApps.storage.mam_gk_userId, 30626635623362332D666438662D346261352D613931352D636661653566316335373339);
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 07/09/2016 at 12:48:06.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nothing found on Adware Cleaner of Malware Bytes.
Internet is running pretty good now thanks.
The only issue is the long lag when bringing up the Shut Down Menu.
And the long lag when shutting down the computer.
Let's take a look at some things that could be affecting that system lag:
FIRST >>>>
Please download Farbar Service Scanner to your desktop and double click on the file to run it.
SECOND >>>>
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Farbar Service Scanner Version: 27-01-2016
Ran by Administrator (administrator) on 14-07-2016 at 11:19:15
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed
C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
C:\WINDOWS\system32\netman.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\srsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed
C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\wuauserv.dll => File is digitally signed
C:\WINDOWS\system32\qmgr.dll => File is digitally signed
C:\WINDOWS\system32\es.dll => File is digitally signed
C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.
**** End of log ****
MiniToolBox by Farbar Version: 17-06-2016
Ran by Administrator (administrator) on 14-07-2016 at 11:21:11
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: Latitude D620 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= FF Proxy Settings: ==============================
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Dell Wireless 1490 Dual Band WLAN Mini-Card = Wireless Network Connection 4 (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)
# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip
# Interface IP Configuration for "Local Area Connection"
set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
# Interface IP Configuration for "Wireless Network Connection 4"
set address name="Wireless Network Connection 4" source=dhcp
set dns name="Wireless Network Connection 4" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 4" source=dhcp
popd
# End of interface IP configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : latituded620
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : 00-15-C5-53-31-2A
Ethernet adapter Wireless Network Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1490 Dual Band WLAN Mini-Card
Physical Address. . . . . . . . . : 00-16-CF-6B-06-02
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.153
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.2
Lease Obtained. . . . . . . . . . : Thursday, July 14, 2016 11:03:12 AM
Lease Expires . . . . . . . . . . : Thursday, July 14, 2016 12:03:12 PM
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Name: google.com
Address: 172.217.4.78
Pinging google.com [172.217.4.78] with 32 bytes of data:
Reply from 172.217.4.78: bytes=32 time=12ms TTL=55
Reply from 172.217.4.78: bytes=32 time=12ms TTL=55
Ping statistics for 172.217.4.78:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Name: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 206.190.36.45
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=23ms TTL=48
Reply from 98.139.183.24: bytes=32 time=22ms TTL=48
Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 23ms, Average = 22ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 c5 53 31 2a ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x3 ...00 16 cf 6b 06 02 ...... Dell Wireless 1490 Dual Band WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.153 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.252.0 192.168.1.153 192.168.1.153 25
192.168.1.153 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.153 192.168.1.153 25
224.0.0.0 240.0.0.0 192.168.1.153 192.168.1.153 25
255.255.255.255 255.255.255.255 192.168.1.153 2 1
255.255.255.255 255.255.255.255 192.168.1.153 192.168.1.153 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/13/2016 03:28:00 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 47.0.1.6018, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/11/2016 07:46:32 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/11/2016 07:40:09 PM) (Source: Application Hang) (User: )
Description: Hanging application nero.exe, version 6.6.0.13, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/11/2016 04:25:55 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/11/2016 04:23:28 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/11/2016 04:22:16 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (07/10/2016 04:54:09 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 2.3.173.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System errors:
=============
Error: (07/14/2016 09:46:45 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\defs\99999999\aswEngin.dll.
Reference error message: The operation completed successfully.
.
Error: (07/14/2016 09:46:45 AM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Avast.VC140.CRT.
Reference error message: The referenced assembly is not installed on your system.
.
Error: (07/14/2016 09:46:45 AM) (Source: SideBySide) (User: )
Description: Dependent Assembly Avast.VC140.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
Error: (07/14/2016 09:31:15 AM) (Source: Service Control Manager) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193
Error: (07/13/2016 10:01:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.
Error: (07/13/2016 09:58:38 PM) (Source: DCOM) (User: LATITUDED620)
Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.
Error: (07/13/2016 09:17:41 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0016CF6B0602. The following error
occurred:
%%1223 = The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Error: (07/13/2016 08:31:01 PM) (Source: Service Control Manager) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193
Error: (07/13/2016 03:39:05 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\defs\99999999\aswEngin.dll.
Reference error message: The operation completed successfully.
.
Error: (07/13/2016 03:39:05 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Avast.VC140.CRT.
Reference error message: The referenced assembly is not installed on your system.
.
Microsoft Office Sessions:
=========================
Error: (07/13/2016 03:28:00 PM) (Source: Application Hang)(User: )
Description: firefox.exe47.0.1.6018hungapp0.0.0.000000000
Error: (07/11/2016 07:46:32 PM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0hungapp0.0.0.000000000
Error: (07/11/2016 07:40:09 PM) (Source: Application Hang)(User: )
Description: nero.exe6.6.0.13hungapp0.0.0.000000000
Error: (07/11/2016 04:25:55 PM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0hungapp0.0.0.000000000
Error: (07/11/2016 04:23:28 PM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0hungapp0.0.0.000000000
Error: (07/11/2016 04:22:16 PM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0hungapp0.0.0.000000000
Error: (07/10/2016 04:54:09 PM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0hungapp0.0.0.000000000
=========================== Installed Programs ============================
5600 (HKLM\...\{2466E904-7E48-4597-9321-722CF02930EB}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600_Help (HKLM\...\{CC7984C5-020D-4944-85A0-58D09D4A8BFB}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600Trb (HKLM\...\{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\{0A3925EA-5B0E-401B-A189-7419149747B2}) (Version: 13.0.0.61 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.61 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AiO_Scan (HKLM\...\{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftware (HKLM\...\{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
Avery DesignPro (HKLM\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - )
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.22.11 - Broadcom Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
ConverterLite 1.4.0 (HKLM\...\ConverterLite) (Version: 1.4.0 - ConverterLite)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CP_Package_Variety1 (HKLM\...\{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (HKLM\...\{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (HKLM\...\{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (HKLM\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (HKLM\...\{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DeviceFunctionQFolder (HKLM\...\{5F26311C-B135-4F7F-B11E-8E650F83651E}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}) (Version: 5.2.0.0 - Hewlett-Packard) Hidden
DocumentViewer (HKLM\...\{172975EB-9465-4861-95B5-C7BB6D3DE62A}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (HKLM\...\{7C03270C-4FAB-4F5C-B10D-52FEDA190790}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.47 - Dell Inc.)
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
EZdrummer (HKLM\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.3.0 - Toontrack)
EZXCocktail (HKLM\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.2.4 - Toontrack)
Fax (HKLM\...\{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Finale NotePad 2012 (HKLM\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FinePix Studio (HKLM\...\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}) (Version: - )
FinePixViewer Resource (HKLM\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.4 (HKLM\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.4 - FUJIFILM Corporation)
FinePrint (HKLM\...\FinePrint) (Version: 7.04 - FinePrint Software, LLC)
FUJIFILM USB Driver (HKLM\...\{5490882C-6961-11D5-BAE5-00E0188E010B}) (Version: - )
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
HP Document Viewer 5.3 (HKLM\...\HP Document Viewer) (Version: 5.3 - HP)
HP Extended Capabilities 5.3 (HKLM\...\HPExtendedCapabilities) (Version: 5.3 - HP)
HP Image Zone Express (HKLM\...\{FE64AE29-0883-4C70-8388-DC026019C900}) (Version: 1.5.1.29 - Hewlett-Packard)
HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version: - HP)
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HPProductAssistant (HKLM\...\{E3F90083-80D4-4b5a-87C7-E97E12F5516D}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
I-Doser Free (HKLM\...\I-Doser) (Version: 5.0 - I-Doser.com)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (HKLM\...\{5B622B7A-60FB-4630-B11D-F121D20BCCD6}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 1 (HKLM\...\{B508B3F1-A24A-32C0-B310-85786919EF28}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Midisport 1x1 1.0.1.0 (HKLM\...\MidiSport1x1) (Version: - )
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version: - )
NewCopy (HKLM\...\{54E3707F-808E-4fd4-95C9-15D1AB077E5D}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OZ776 SCR Driver V1.1.4.202 (HKLM\...\{EDC2B89F-3F72-48EA-B63E-985BC51622E4}) (Version: 1.1.4.202 - O2Micro) Hidden
OZ776 SCR Driver V1.1.4.202 (HKLM\...\InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}) (Version: 1.1.4.202 - O2Micro)
PanoStandAlone (HKLM\...\{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
ProductContext (HKLM\...\{7C9B95B7-B598-4398-B30F-7F6827192E6C}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Readme (HKLM\...\{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}) (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Scan (HKLM\...\{C506A18C-1469-4678-B094-F4EC9DAE6DB7}) (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (HKLM\...\{A195B13E-A5E3-4BAF-A995-7F70F445CD06}) (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolutionCenter (HKLM\...\{EA103B64-C0E4-4C0E-A506-751590E1653D}) (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toontrack solo (HKLM\...\{5866520C-8857-4986-833A-039F4584C3F7}) (Version: 1.3.1 - Toontrack)
TrayApp (HKLM\...\{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (HKLM\...\{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}) (Version: 5.0.0 - Hewlett-Packard) Hidden
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}) (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
ZSMC USB PC Camera (ZS211) (HKLM\...\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}) (Version: 2007.07.05 - ZSMC)
========================= Devices: ================================
Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid:
Manufacturer:
Service:
Device ID: PCI\VEN_8086&DEV_27A2&SUBSYS_01C21028&REV_03\3&61AAA01&0&10
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Device ID: PCI\VEN_8086&DEV_27A6&SUBSYS_01C21028&REV_03\3&61AAA01&0&11
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
========================= Memory info: ===================================
Percentage of memory in use: 80%
Total physical RAM: 1014.11 MB
Available physical RAM: 194.92 MB
Total Virtual: 2963.14 MB
Available Virtual: 2097.43 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:74.53 GB) (Free:45.33 GB) NTFS
========================= Users: ========================================
User accounts for \\LATITUDED620
Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0
========================= Minidump Files ==================================
C:\WINDOWS\Minidump\Mini122813-01.dmp
========================= Restore Points ==================================
22-04-2016 23:05:33 System Checkpoint
23-04-2016 23:30:00 System Checkpoint
26-04-2016 17:51:22 System Checkpoint
27-04-2016 23:15:05 System Checkpoint
30-04-2016 01:13:56 System Checkpoint
11-05-2016 17:18:03 System Checkpoint
20-05-2016 14:11:20 System Checkpoint
26-05-2016 16:11:47 System Checkpoint
28-05-2016 23:42:45 System Checkpoint
31-05-2016 15:37:39 System Checkpoint
04-06-2016 18:07:04 System Checkpoint
06-06-2016 20:31:12 System Checkpoint
08-06-2016 23:54:37 System Checkpoint
15-06-2016 13:57:58 System Checkpoint
16-06-2016 15:16:47 System Checkpoint
17-06-2016 15:42:27 System Checkpoint
26-06-2016 19:16:39 System Checkpoint
28-06-2016 14:22:15 System Checkpoint
30-06-2016 01:56:28 System Checkpoint
03-07-2016 01:44:04 System Checkpoint
04-07-2016 01:57:17 System Checkpoint
06-07-2016 23:54:51 System Checkpoint
08-07-2016 13:54:31 Removed NetAssistant
09-07-2016 16:24:19 Restore Point Created by FRST
09-07-2016 16:41:41 JRT Pre-Junkware Removal
10-07-2016 23:06:49 System Checkpoint
11-07-2016 23:35:41 System Checkpoint
13-07-2016 01:16:08 System Checkpoint
**** End of log ****
The log says there is no video driver installed. If you go to START > Control Panel > Device Manager, is there a yellow triangle on the video (display) adapter? Expand the line to get to the graphic card and double click on it. Under Driver, click on Update Driver and follow the prompts. Once this updates the driver, reboot your system and see if that helps.
Dell shows three different drivers for a D620 Latitude ( http://www.dell.com/...rivers/advanced). They may even have a working tool on the site to detect and repair device drivers.
It appears I updated the driver but shut down still very slow.
Actually, for now, it would be best to removal our Malware Removal tools and let you post in the XP support section. While competent in Malware Removal, I am no where near the expertise that our Technical staff has with Hardware / OS issues.
All right!! Your logs are clean and you're good to go now!! We've got some final steps left to do to clean up our tools and get your system in good running condition and then you are on your way. I must say though, even though we met through less than ideal circumstances, it has been really great to work with you. Thanks.
Clean up of Malware Removal Tools
Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
You can delete any log files left on your desktop as these are no longer needed.
Keep Windows Updated
Please make sure you follow this and activate the Update function to get all the available updates as Microsoft has been known to release some support updates for XP.
If you want to change the view of the Control Panel display, click on the View by: in the upper right hand corner and select an option you prefer.
Keep other Important Programs Updated
Along with keeping Windows updated, it is a good idea to keep important programs updated. Java and Adobe Reader both need to be kept updated to the latest versions; malware writers utilize exploits in the unpatched versions to their advantages.
Java
Most security experts and the US CERT (part of the US Homeland Security) now recommend that users uninstall Java from their systems; if you don't have any programs that need Java on your system, you are safe to do this. You can read some of the articles on this here and here. I strongly suggest you uninstall Java unless you need it run certain software; in that case I would recommend that you disable or unplug Java from your web browsers and only enable it when you need it.
To disable / unplug Java in your browsers:
To uninstall Java (on Win XP):
If more than one version of Java shows in your program list, you should repeat the selection and uninstall until all of them are removed.
To check for the latest version of Java and installation steps:
Adobe Reader
Adobe Reader is the second most targeted (by malware) common software. If all you ever do with Adobe Reader is view PDF files, then please consider replacing it with a lighter, free PDF reader that is not exploitable. One that we recommend is Sumatra PDF.
To update Adobe Reader:
Consider a program that will check for out-of-date programs on your system
Some programs don't have update checks built in or make you run the application to start the check for updates process. An easier way to stay on top of the current versions of your installed programs is to use a version checking program like Update Checker from FileHippo.com (you can get the software from here and read more about it on the same page).
You are now done!
Now some information on programs to help keep you safe:
I know that you have a Malware Protection Suite from Rogers running on your system now; should you ever stop using that, here is some points to consider:
First, an Antivirus program. You NEED one; free is just as good as paid-for as long as you keep them updated. ONLY use one at a time as having more than that will cause system problems. Here are some free ones to check out:
Avast! Free Antivirus
Avira Free Antivirus
Next, a firewall is a must have now-a-days. For XP, you need a third party firewall; the built in firewall in Vista /Windows 7 is fine (just make sure it is turned on (Start > Control Panel > Windows Firewall)). Or, if you like, you could choose one of the free ones listed here:
Zone Alarm Free Firewall
=== options ====
Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.
CryptoPrevent is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware can not get a grip on your system. You can read the details about this program here.
Also, consider keep MalwareBytes Antimalware to your arsenal of safe keeping programs. Use the free version (not the paid or trial version) and you won't have a problem with your antivirus scanner program. Keep it updated and run a scan with it once a week.
Lastly, if you use Firefox as your main web browser, consider adding the NoScript and AdBlockPlus add-ons to the browser to block scripting hijacks and remove unwanted ads from the pages you view.
You may also find some information and tips at this thread: How did I get infected in the first place?
Also, I noticed that your system was running low on available free memory (when we first started the cleaning process). How is your system running now? If you still find it a little slow, you might consider adding some more RAM memory to allow the processes a little more freedom of 'running'.
I'll leave this topic open for a few days so that if you have any questions you can come back here. Surf safe, my friend!!
The XP support section is here. You can link this topic in a post there by referencing this post.
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.