Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow computer, XP sp3 no threats found when running Scans

Malware Slow

  • Please log in to reply

#1
jkeithjr

jkeithjr

    New Member

  • Member
  • Pip
  • 1 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by destiny (administrator) on DESTINY2 (01-04-2017 12:37:27)
Running from C:\Documents and Settings\destiny\Desktop
Loaded Profiles: destiny (Available Profiles: installer & destiny & QBDataServiceUser17)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2510784 2015-05-07] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Reader Library Launcher] => C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\...\MountPoints2: {590393f6-0976-11e0-8b1e-00138f2c8050} - E:\sources\sperr32.exe x64
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\...\MountPoints2: {a45a5e93-2d5c-11df-8ab1-00138f2c8050} - E:\hbcd\wintools\autorun.exe
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\...\MountPoints2: {e349cc5b-149f-11e2-8b55-00022af12858} - E:\PcOptions.exe
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\...\MountPoints2: {fd3d8c5c-3759-11df-8ac3-00138f2c8050} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe
Lsa: [Notification Packages] scecli scecli
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{2B8B43BC-2A98-440F-881D-617C8C3B45C9}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{921ABC4C-5543-459B-A7B7-58140D9F31D2}: [DhcpNameServer] 66.75.164.89 66.75.164.90

Internet Explorer:
==================
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
HKU\S-1-5-21-1343024091-261478967-1801674531-1008\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
URLSearchHook: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
URLSearchHook: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\.DEFAULT -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2013-11-18] (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.5.0.895\AVG Secure Search_toolbar.dll [2015-05-07] (AVG Secure Search)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-24] (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-24] (Sun Microsystems, Inc.)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.895\AVG Secure Search_toolbar.dll [2015-05-07] (AVG Secure Search)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2013-11-18] (Yahoo! Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-1343024091-261478967-1801674531-1008 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268336728890
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-04-24] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\destiny\Application Data\Mozilla\Firefox\Profiles\5d9vrsg2.default-1491073672843 [2017-04-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-11] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-03-24] [not signed]
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG10\Firefox => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.5.0.895
FF Extension: (AVG Security Toolbar) - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.5.0.895 [2015-05-07] [not signed]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-04-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @sony.com/eBookLibrary -> C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-02-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153408 2017-03-23] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-03-23] (AVG Technologies CZ, s.r.o.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-03-24] (Sun Microsystems, Inc.)
S2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2009-09-16] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2006-11-09] (Intuit Inc.) [File not signed]
S4 QuickBooksDB17; C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe [128536 2006-09-13] (iAnywhere Solutions, Inc.)
S4 Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1742136 2013-12-18] (TuneUp Software)
S4 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-04-24] (AVG Secure Search)
S4 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [247552 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
S0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 cmuda; C:\WINDOWS\System32\drivers\cmuda.sys [1368000 2005-12-15] (C-Media Inc)
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc.              )
S2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [890016 2010-11-03] (Realtek Semiconductor Corporation                           )
S1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [114408 2013-12-16] (Power Software Ltd)
S3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [283008 2010-03-12] (Copyright © VIA/S3 Graphics Co, Ltd.)
S2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [121600 2014-01-23] (WinISO.com)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 12:37 - 2017-04-01 12:37 - 00015183 _____ C:\Documents and Settings\destiny\Desktop\FRST.txt
2017-04-01 12:26 - 2017-04-01 12:37 - 00000000 ____D C:\FRST
2017-04-01 12:26 - 2017-04-01 12:26 - 01766912 _____ (Farbar) C:\Documents and Settings\destiny\Desktop\FRST.exe
2017-04-01 12:08 - 2017-04-01 12:08 - 00000000 ____D C:\Documents and Settings\destiny\Desktop\Old Firefox Data
2017-04-01 12:06 - 2017-04-01 12:16 - 00000000 ____D C:\Documents and Settings\destiny\Local Settings\Application Data\AvgSetupLog
2017-04-01 11:21 - 2017-04-01 11:31 - 00000666 _____ C:\Documents and Settings\destiny\Desktop\avgrep.txt
2017-04-01 09:10 - 2017-04-01 09:10 - 00000000 ____D C:\Documents and Settings\destiny\Local Settings\Application Data\CEF
2017-04-01 09:04 - 2017-04-01 09:04 - 00001573 _____ C:\Documents and Settings\All Users\Start Menu\Activate Windows.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-01 12:37 - 2010-03-15 10:06 - 00000000 ____D C:\Documents and Settings\destiny\Local Settings\Temp
2017-04-01 12:15 - 2016-10-13 11:03 - 00000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
2017-04-01 12:08 - 2010-03-17 13:25 - 00077384 _____ C:\Documents and Settings\destiny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2017-04-01 12:01 - 2004-08-04 05:00 - 00001230 _____ C:\WINDOWS\system32\wpa.dbl
2017-04-01 12:00 - 2010-03-15 10:06 - 00000178 ___SH C:\Documents and Settings\destiny\ntuser.ini
2017-04-01 12:00 - 2010-03-11 04:11 - 00000229 ___SH C:\boot.ini
2017-04-01 12:00 - 2004-08-04 05:00 - 00000582 _____ C:\WINDOWS\win.ini
2017-04-01 12:00 - 2004-08-04 05:00 - 00000227 _____ C:\WINDOWS\system.ini
2017-04-01 11:35 - 2010-10-19 13:14 - 00000000 ____D C:\WINDOWS\pss
2017-04-01 11:19 - 2010-12-16 17:48 - 00803962 _____ C:\WINDOWS\ntbtlog.txt
2017-04-01 10:50 - 2010-03-11 16:04 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-04-01 10:46 - 2014-02-06 16:27 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2017-04-01 10:46 - 2010-03-11 12:34 - 00032320 _____ C:\WINDOWS\SchedLgU.Txt
2017-04-01 10:46 - 2010-03-11 12:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-01 10:44 - 2010-03-11 14:41 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{09A34813-5EB1-43F2-A3E1-793FC9E0AC47}.job
2017-04-01 10:40 - 2010-12-15 11:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2017-04-01 10:38 - 2014-10-23 13:21 - 00000226 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2017-04-01 09:24 - 2010-03-19 09:09 - 00000000 ____D C:\Documents and Settings\destiny\Application Data\Move Networks
2017-04-01 09:19 - 2010-03-11 04:12 - 01010253 _____ C:\WINDOWS\setuplog.txt
2017-04-01 09:13 - 2010-10-19 13:14 - 00000426 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{C13A1355-A4FF-440B-A202-5CDF1B95DD55}.job
2017-04-01 09:06 - 2014-10-23 13:21 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2017-04-01 08:55 - 2010-03-11 04:05 - 00000000 ____D C:\WINDOWS\Help
2017-04-01 08:29 - 2012-05-30 12:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-04-01 01:23 - 2014-12-18 09:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2017-04-01 01:05 - 2010-03-11 16:11 - 00000530 _____ C:\WINDOWS\Tasks\Malwarebytes' Scheduled Scan for installer.job
2017-04-01 01:00 - 2010-03-11 16:11 - 00000516 _____ C:\WINDOWS\Tasks\Malwarebytes' Scheduled Update for installer.job
2017-03-16 12:30 - 2016-08-12 18:00 - 00000617 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk
2017-03-16 12:30 - 2016-08-12 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Zen
2017-03-16 12:23 - 2010-03-11 04:05 - 00000000 ___HD C:\WINDOWS\inf
2017-03-16 11:21 - 2010-03-17 12:38 - 00000000 __SHD C:\WINDOWS\CSC

==================== Files in the root of some directories =======

2010-03-17 14:49 - 2011-03-14 14:15 - 0015360 _____ () C:\Documents and Settings\destiny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-17 13:50 - 2010-03-17 13:50 - 0000130 _____ () C:\Documents and Settings\destiny\Local Settings\Application Data\fusioncache.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by destiny (01-04-2017 12:38:59)
Running from C:\Documents and Settings\destiny\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2010-03-11 19:32:26)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1343024091-261478967-1801674531-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1343024091-261478967-1801674531-1004 - Limited - Enabled)
destiny (S-1-5-21-1343024091-261478967-1801674531-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\destiny
Guest (S-1-5-21-1343024091-261478967-1801674531-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1343024091-261478967-1801674531-1000 - Limited - Disabled)
installer (S-1-5-21-1343024091-261478967-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\installer
QBDataServiceUser17 (S-1-5-21-1343024091-261478967-1801674531-1009 - Limited - Enabled) => %SystemDrive%\Documents and Settings\QBDataServiceUser17
SUPPORT_388945a0 (S-1-5-21-1343024091-261478967-1801674531-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.151.8012 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1170 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3204 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4769 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8012 - AVG Technologies)
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.5.0.895 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Calyx LoanBridge 5.3 (HKLM\...\{CAA73495-D542-4BD2-B2F2-886C316868C7}) (Version: 5.3 - Calyx Software)
CCScore (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
C-Media WDM Audio Driver (HKLM\...\C-Media Audio Driver) (Version:  - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
ESSBrwr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Java™ 6 Update 18 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
netbrdg (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
OfotoXMI (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PaperPort (HKLM\...\{A17EABB6-D0C6-44E5-820C-72DC7F495064}) (Version: 9.02.0814 - ScanSoft, Inc.)
Point (HKLM\...\{F05E2B98-DA04-4FFA-8D08-DA218E6A2B47}) (Version: 5.3 - )
Point (Version: 5.3 - Calyx Software) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerISO (HKLM\...\PowerISO) (Version: 5.8 - Power Software Ltd)
PRS-500 USB driver (HKLM\...\{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}) (Version: 1.0.00.08110 - Sony)
QuickBooks Pro 2007 (HKLM\...\{7E545666-F422-45FD-B3DF-C0B99A1A579F}) (Version:  - )
Reader Library by Sony (HKLM\...\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}) (Version: 3.3.00.07130 - Sony Corporation)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SFR (Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
staticcr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8232  - TeamViewer GmbH)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.221 - TuneUp Software) Hidden
VIA/S3G Display Driver 6.14.10.0380 (HKLM\...\VIA/S3G UniChrome Family Win2K/XP/Server2003 Display) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VPRINTOL (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Sony Corporation (PRSUSB) USB  (08/08/2006 1.0.03.08080) (HKLM\...\75070B1806113224B16C70296B90DD1AD8A53479) (Version: 08/08/2006 1.0.03.08080 - Sony Corporation)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows PowerShell™ 1.0 MUI pack (HKLM\...\KB926141) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WINForms Desktop (HKLM\...\WINForms Desktop) (Version:  - )
WinISO (HKLM\...\WinISO) (Version: 6.4.0.5136 - WinISO Computing Inc.)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WIRELESS (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
zipForm6 (HKLM\...\zipForm6) (Version: 1.0.0.0 - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{32D32337-1511-4416-85C5-FD96C99322A0}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{3928D252-6BB4-4C0D-BE70-1E03AF93D464}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{8034BBB8-2145-4159-9A34-51E21A0A981F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{89D426E0-F105-4fec-BA2E-72CF470F93E8}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{8CA5338E-3C5E-4087-ADEC-B1CA665BC293}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2007\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{F19F9A95-7A43-4A93-80B0-C9C1FF6F63F9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx (Intuit)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-261478967-1801674531-1008_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG EUpdate Task.job => C:\Program Files\AVG\Setup AVG Technologies   ጃ  0 ߡ              0ߡ              
Task: C:\WINDOWS\Tasks\Malwarebytes' Scheduled Scan for installer.job => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: C:\WINDOWS\Tasks\Malwarebytes' Scheduled Update for installer.job => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{09A34813-5EB1-43F2-A3E1-793FC9E0AC47}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C13A1355-A4FF-440B-A202-5CDF1B95DD55}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\destiny\NetHood\respaforms on www.stearnswholesale.com\target.lnk -> hxxp://www.stearnswholesale.com/forms/pdf/respaform
Shortcut: C:\Documents and Settings\destiny\NetHood\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-12 01:28 - 2008-09-16 21:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
e"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 05:00 - 2004-08-04 05:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1343024091-261478967-1801674531-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
DNS Servers: 209.18.47.61 - 209.18.47.62
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Database Server Manager.lnk => C:\WINDOWS\pss\QuickBooks Database Server Manager.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^destiny^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cmaudio => RunDll32 cmicnfg.cpl,CMICtrlWnd
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: IndexSearch => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe
MSCONFIG\startupreg: PaperPort PTD => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VTTimer => VTTimer.exe
MSCONFIG\startupreg: VTTrayp => VTtrayp.exe
MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe] => Enabled:EasyShare
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe] => Enabled:QuickBooks 2007 Data Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\GROOVE.EXE] => Enabled:Microsoft SharePoint Workspace
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgnsx.exe] => Enabled:Online Shield
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

16-03-2017 11:55:48 System Checkpoint
17-03-2017 12:34:16 System Checkpoint
18-03-2017 13:34:13 System Checkpoint
19-03-2017 14:34:13 System Checkpoint
20-03-2017 15:34:13 System Checkpoint
21-03-2017 16:33:31 System Checkpoint
22-03-2017 16:34:17 System Checkpoint
23-03-2017 16:34:55 System Checkpoint
24-03-2017 16:35:10 System Checkpoint
25-03-2017 17:35:10 System Checkpoint
26-03-2017 18:33:28 System Checkpoint
27-03-2017 18:35:11 System Checkpoint
28-03-2017 19:35:10 System Checkpoint
29-03-2017 20:35:14 System Checkpoint
30-03-2017 21:06:28 System Checkpoint
31-03-2017 22:06:28 System Checkpoint

==================== Faulty Device Manager Devices =============

Name: VIA Compatable Fast Ethernet Adapter
Description: VIA Compatable Fast Ethernet Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: VIA Technologies, Inc.
Service: FETNDIS
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2017 12:16:36 PM) (Source: MsiInstaller) (EventID: 1008) (User: DESTINY2)
Description: The installation of C:\WINDOWS\Temp\AvgSetup\9f7e3c8e-0915-47cf-a87d-d14b6c15c1ab\install\fmw\avgfmwsetupx86.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (04/01/2017 12:13:58 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/01/2017 12:13:58 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (03/30/2017 12:12:41 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (03/30/2017 12:10:41 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (10/24/2016 10:23:56 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (10/24/2016 10:23:00 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (10/17/2016 02:19:03 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (10/17/2016 01:58:53 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (10/17/2016 01:54:54 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.


System errors:
=============
Error: (04/01/2017 12:04:27 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:04:19 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{FCA02D56-BF9D-4591-AD41-E59AF763C64A}

Error: (04/01/2017 12:03:54 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:03:40 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:03:26 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{FCA02D56-BF9D-4591-AD41-E59AF763C64A}

Error: (04/01/2017 12:03:14 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{FCA02D56-BF9D-4591-AD41-E59AF763C64A}

Error: (04/01/2017 12:03:14 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:03:01 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:03:00 PM) (Source: DCOM) (EventID: 10005) (User: DESTINY2)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service TuneUp.UtilitiesSvc with arguments ""
in order to run the server:
{5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

Error: (04/01/2017 12:02:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriverl
AVGIDSShim
Avgldx86
Avglogx
avgunivx
Fips
intelppm
SCDEmu


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 703.23 MB
Available physical RAM: 245.18 MB
Total Virtual: 1338.05 MB
Available Virtual: 983.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:76.68 GB) (Free:8.17 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 76.7 GB) (Disk ID: E391E391)
Partition 1: (Active) - (Size=76.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

Error: (03/30/2017 12:12:41 PM) (Source: Windows Product Activation) (EventID: 1009) (User: )

Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

 

 

 

Not much we can do for you until you activate your copy of Windows.  Not even sure it's still possible the normal way since Microsoft pulled the plug on XP.  There are ways around it but we can't help you with that.


  • 0






Similar Topics


Also tagged with one or more of these keywords: Malware, Slow

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP