Sorry for the delay. Here are the logs you asked for.
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Windows ® Codename Longhorn DDK provider) C:\Program Files\UPHClean\uphclean.exe
(Compaq Computer Corporation) C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe
(Compaq Computer Corporation) C:\Program Files\compaq\Easy Access Button Support\CPQEADM.exe
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\windows\system\hpsysdrv.exe [52736 1998-05-07] (Hewlett-Packard Company)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [106549 2002-07-16] (VERITAS Software, Inc.)
HKLM\...\Run: [WCOLOREAL] => C:\Program Files\COMPAQ\Coloreal\coloreal.exe [143360 2002-02-20] ()
HKLM\...\Run: [CPQEASYACC] => C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe [32768 2001-12-15] (Compaq Computer Corporation)
HKLM\...\Run: [hpbdfawep] => C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe [954368 2007-04-25] ()
HKLM\...\Run: [AlcxMonitor] => C:\WINDOWS\ALCXMNTR.EXE [57344 2004-09-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [460872 2011-12-24] (Malwarebytes Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-07] (AVAST Software)
HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2234620177-1887795725-650978795-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-2234620177-1887795725-650978795-1003 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
BHO: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files\SpywareGuard\dlprotect.dll ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SimpleAdblock Class -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
Toolbar: HKU\S-1-5-21-2234620177-1887795725-650978795-1003 -> No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
ShellExecuteHooks: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll [126976 2003-08-02] ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2234620177-1887795725-650978795-1003: @movenetworks.com/Quantum Media Player -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Oracle Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\searchplugins\yahoo-avast.xml
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-12-07]
FF Extension: AOL Toolbar - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-11-08]
FF Extension: Adblock Plus - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-23]
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-07]
FF Extension: Move Media Player - C:\Documents and Settings\Owner\Application Data\Move Networks [2009-09-23]
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Platform SE 6 U13) - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Move Streaming Media Player) - C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-04]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-07]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-07]
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
S4 Compaq_RBA; C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe [262144 2002-05-17] (NeoPlanet) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2011-10-25] (Oracle Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [652872 2011-12-24] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 UPHClean; C:\Program Files\UPHClean\uphclean.exe [399872 2010-09-13] (Windows ® Codename Longhorn DDK provider) [File not signed]
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2279424 2004-10-01] (Realtek Semiconductor Corp.)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-07] (AVAST Software)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 Dot4Print HPH11; C:\WINDOWS\System32\DRIVERS\hphipr11.sys [16112 2002-05-24] (HP)
S3 Dot4Usb HPH11; C:\WINDOWS\System32\drivers\hphius11.sys [18928 2002-05-24] (HP)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [81552 2002-06-05] (VERITAS Software, Inc.) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40368 2002-06-06] (VERITAS Software, Inc.) [File not signed]
R3 eaps2kbd; C:\WINDOWS\System32\DRIVERS\eaps2kbd.sys [24035 2001-12-28] (Compaq Computer Corp.)
R1 EAWDMFD; C:\WINDOWS\System32\DRIVERS\eawdmfd.sys [24348 1999-10-30] (Compaq Computer Corporation)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [158140 2001-08-08] (Intel® Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12479 2001-08-08] (Intel® Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12031 2001-08-08] (Intel® Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11679 2001-08-08] (Intel® Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [11999 2001-08-08] (Intel® Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19359 2001-08-08] (Intel® Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29215 2001-08-08] (Intel® Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19199 2001-08-08] (Intel® Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33503 2001-08-08] (Intel® Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23519 2001-08-08] (Intel® Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [20464 2011-12-10] (Malwarebytes Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-12-04] (Malwarebytes Corporation)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [16288 2002-04-18] (VERITAS Software, Inc.) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [155008 2002-07-13] (S3 Graphics, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5589 2002-06-19] (VERITAS Software, Inc.) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [22995 2002-06-19] (VERITAS Software, Inc.) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [23701 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34805 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4117 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2201 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [54900 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [14421 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6325 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [91156 2002-07-16] (VERITAS Software, Inc.) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [95125 2002-07-16] (VERITAS Software, Inc.) [File not signed]
S3 wandrv; C:\WINDOWS\System32\DRIVERS\wandrv.sys [22608 2001-08-10] (America Online, Inc.)
S1 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [90336 2002-05-22] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [69504 2002-05-22] (Intel Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
2014-12-08 17:59 - 2014-12-08 18:00 - 00021396 _____ () C:\Documents and Settings\Owner\Desktop\FRST.txt
2014-12-08 17:58 - 2014-12-08 17:55 - 01111040 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
2014-12-08 17:25 - 2014-12-08 17:25 - 00000316 _____ () C:\WINDOWS\Tasks\HP WEP.job
2014-12-07 21:59 - 2014-12-07 22:00 - 00395363 _____ () C:\Documents and Settings\Owner\Desktop\YOUR-PA86Z1I3G7.txt
2014-12-07 21:55 - 2014-12-07 21:55 - 00002358 _____ () C:\Documents and Settings\Owner\Desktop\VEW.txt
2014-12-07 21:20 - 2014-12-07 21:20 - 00005212 _____ () C:\Documents and Settings\Owner\Desktop\procexp.TXT
2014-12-07 21:20 - 2014-12-07 14:33 - 00061440 _____ ( ) C:\Documents and Settings\Owner\Desktop\VEW.exe
2014-12-07 21:15 - 2014-12-07 14:33 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Owner\Desktop\procexp.exe
2014-12-07 20:26 - 2014-12-07 20:26 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\AVAST Software
2014-12-07 18:49 - 2014-12-07 18:49 - 00001797 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2014-12-07 18:49 - 2014-12-07 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2014-12-07 18:48 - 2014-12-08 17:26 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-07 18:48 - 2014-12-07 18:48 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-07 18:48 - 2014-12-07 18:47 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-07 18:47 - 2014-12-07 18:49 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-07 18:47 - 2014-12-07 18:47 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-07 18:47 - 2014-12-07 18:47 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-12-07 18:45 - 2014-12-07 18:45 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-07 14:31 - 2014-12-07 14:33 - 132469808 _____ (AVAST Software) C:\Documents and Settings\All Users\Desktop\avast_free_antivirus_setup (1).exe
2014-12-05 21:44 - 2014-12-05 21:44 - 00046178 _____ () C:\Documents and Settings\Owner\Desktop\Extras.Txt
2014-12-05 21:43 - 2014-12-05 21:43 - 00069294 _____ () C:\Documents and Settings\Owner\Desktop\OTL.Txt
2014-12-05 21:34 - 2014-12-05 21:34 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Desktop\OTL.exe
2014-12-04 22:59 - 2014-12-04 22:59 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2014-12-04 22:35 - 2014-12-07 18:38 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-04 22:35 - 2014-12-04 22:35 - 00001744 _____ () C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-04 22:35 - 2014-12-04 22:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2014-12-04 22:35 - 2014-12-04 22:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-12-03 23:27 - 2014-12-04 21:22 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-12-03 21:53 - 2014-12-03 21:53 - 00147514 _____ () C:\Documents and Settings\Owner\Desktop\cc_20141203_215310.reg
2014-11-25 15:30 - 2014-11-25 15:23 - 00615062 _____ () C:\Documents and Settings\Owner\Desktop\BECKY1.TXT
2014-11-25 15:30 - 2014-11-25 15:22 - 01358890 _____ () C:\Documents and Settings\Owner\Desktop\BECKY.TXT
2014-12-08 18:00 - 2011-10-23 17:02 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F88E048E-B866-4852-A9E1-B67483BEB339}.job
2014-12-08 18:00 - 2011-10-19 20:27 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\temp
2014-12-08 17:24 - 2011-10-07 10:23 - 01638728 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-08 17:20 - 2011-08-27 09:21 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-08 17:19 - 2013-02-04 07:29 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-08 17:14 - 2011-08-27 09:21 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-08 17:14 - 2002-11-13 17:37 - 00000191 _____ () C:\WINDOWS\system\hpsysdrv.DAT
2014-12-08 17:14 - 2002-08-01 21:32 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-08 17:13 - 2014-04-09 08:09 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-12-07 23:26 - 2011-10-23 21:17 - 00001024 ____H () C:\WINDOWS\system32\default_user_class.dat.LOG
2014-12-07 23:26 - 2002-08-01 21:51 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-12-07 21:14 - 2011-09-26 08:22 - 00000778 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 21:14 - 2008-12-17 09:47 - 00000778 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-12-07 20:28 - 2011-10-25 20:02 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
2014-12-07 18:45 - 2011-10-07 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-12-07 14:40 - 2011-10-05 15:06 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-12-07 14:04 - 2011-10-19 20:27 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-12-03 23:24 - 2002-01-01 00:25 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-12-03 23:22 - 2002-01-01 00:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-12-03 22:50 - 2002-08-01 14:37 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-03 22:20 - 2011-11-17 15:21 - 00000000 ____D () C:\Program Files\QuickTime
2014-12-03 22:02 - 2004-01-14 16:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AOL
2014-12-03 22:02 - 2002-11-26 21:34 - 00000000 ____D () C:\Program Files\Common Files\AOL
2014-12-03 21:37 - 2003-09-15 09:17 - 00000000 __SHD () C:\Documents and Settings\Owner\UserData
2014-12-03 21:37 - 2002-08-01 21:51 - 00000000 ____D () C:\Documents and Settings\Owner
2014-12-02 11:13 - 2002-08-01 21:42 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-26 12:19 - 2011-08-27 09:23 - 00001879 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-11-26 05:20 - 2013-02-04 07:29 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-26 05:20 - 2011-08-27 09:19 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-11-20 11:31 - 2002-08-01 14:37 - 00527394 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-15 03:11 - 2005-05-21 14:31 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-08 15:00 - 2014-04-09 08:09 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-12-2014
Ran by Owner at 2014-12-08 18:03:37
Running from C:\Documents and Settings\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 2.1.4 - Hewlett-Packard) Hidden
Actinic Catalog 3 (HKLM\...\Actinic Catalog v3) (Version: 3.10.1.0.1.9INB - Actinic Software Ltd.)
Actiontec USB/Ethernet Home DSL Modem (HKLM\...\{9692FD03-6662-4E62-B08C-30DFF51651E1}) (Version: - )
Adobe Download Manager 2.0 (Remove Only) (HKLM\...\AdobeESD) (Version: 2.0 - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Photoshop® Album Starter Edition 3.0 (HKLM\...\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}) (Version: 3.0.1 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.0.1 (HKLM\...\{C9618743-1A5C-461E-91C4-E013A3D70F3C}) (Version: 3.0.1 - Adobe Systems, Inc.)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.3 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Belarc Advisor 8.2 (HKLM\...\Belarc Advisor) (Version: 8.2.6.0 - Belarc Inc.)
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform)
Coloreal (HKLM\...\{BDE90251-93EB-4F6A-89D8-086E2D91DC56}) (Version: - )
Compaq Advisor (HKLM\...\{C4C1AFCD-2C72-48B4-AE2E-A7354A525E87}) (Version: - )
Corel WinDVD (Version: 11 - Corel Inc.) Hidden
Corel WinDVD Pro 11 (HKLM\...\_{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}) (Version: 11.0.0.289 - Corel Inc.)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows4.0) (Version: 4.0 - Coupons, Inc.) <==== ATTENTION
Crystal Reports for PFW (HKLM\...\{7699B723-9718-41DE-8C18-549F341C02CE}) (Version: 8.5.0.2175 - Seagate Software, Inc.)
DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 3.50 - VERITAS Software)
Easy Access Button Support (HKLM\...\{93539D60-1817-11D1-9504-00805F26A89C}) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet P1500 series (HKLM\...\HP LaserJet P1500 series) (Version: - )
HP Photosmart C5500 All-In-One Driver Software 11.0 Rel .4 (HKLM\...\{8A558B0C-541D-47e0-A177-8635CE723B07}) (Version: 11.0 - HP)
HPCarePackCore (HKLM\...\{7B02BF60-796D-4616-908B-B31A63CFDEFB}) (Version: 10.0.0.1 - Hewlett-Packard)
HPCarePackProducts (Version: 1.0.0.1 - HP) Hidden
hppMSRedist (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP1500 (Version: 000.000.00003 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
ICA (Version: 1.0 - Corel Inc.) Hidden
Inactive HP Printer Drivers (Remove only) (HKLM\...\Inactive HP Printer Drivers (Remove only)) (Version: - )
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
InterVideo WinDVD (HKLM\...\{C1939820-A945-11D4-86F6-0001031E5712}) (Version: - InterVideo Inc.)
IPM (Version: 1.00.0000 - Corel Inc.) Hidden
Java 2 Runtime Environment Standard Edition v1.3.1 (HKLM\...\JRE 1.3.1) (Version: - )
Java 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java 7 Update 1 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217001FF}) (Version: 7.0.10 - Oracle)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
Macromedia Dreamweaver MX (HKLM\...\{8B4AB829-DFD3-436D-B808-D9733D76C590}) (Version: 6.0 - Macromedia)
Macromedia Extension Manager (HKLM\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Malwarebytes Anti-Malware version 1.60.0.1800 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.60.0.1800 - Malwarebytes Corporation)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works 6.0 (HKLM\...\{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft Corporation)
Move Media Player (HKU\S-1-5-21-2234620177-1887795725-650978795-1003\...\Move Media Player) (Version: - Move Networks)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM\...\{ED23E382-E5E3-4E21-B616-01FC59A40916}) (Version: 3.3.9567 - OpenOffice.org)
Pervasive.SQL 2000 Client (SP3) (HKLM\...\Pervasive.SQL 2000 Client) (Version: - )
PFW File Associations (HKLM\...\PFW95Files) (Version: - )
Photosmart 130,230,7150,7345,7350,7550 (Remove only) (HKLM\...\hphuni04) (Version: - )
Platinum for Windows by Best (HKLM\...\Platinum for Windows by Best) (Version: - )
PS_AIO_04_C5500_Software (Version: 110.0.209.000 - Hewlett-Packard) Hidden
PS_AIO_04_C5500_Software_Min (Version: 110.0.209.000 - Hewlett-Packard) Hidden
Python 2.2 combined Win32 extensions (HKLM\...\Python 2.2 combined Win32 extensions) (Version: - )
Python 2.2.1 (HKLM\...\Python 2.2.1) (Version: 2.2.1 - PythonLabs at Zope Corporation)
RealOne Player (HKLM\...\RealPlayer 6.0) (Version: - )
RecordNow (HKLM\...\{8214CC02-6271-4DC8-B8DD-779933450264}) (Version: 4.10 - VERITAS Software)
RecordNow Update Manager (HKLM\...\{09DA4F91-2A09-4232-AB8C-6BC740096DE3}) (Version: 2.70 - VERITAS Software)
S3Display (HKLM\...\S3Display) (Version: - )
S3Gamma2 (HKLM\...\S3Gamma2) (Version: - )
S3Info2 (HKLM\...\S3Info2) (Version: - )
S3Overlay (HKLM\...\S3Overlay) (Version: - )
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Setup (Version: 11.0 - Corel Inc.) Hidden
Shipping Assistant 3.6 (HKLM\...\{15C77FC3-8137-4A5E-8F81-F559045DD6B0}) (Version: 3.6.80.0 - United States Postal Service)
Simple Adblock (HKLM\...\{54B19DCE-232F-45A3-80D9-2141DEDF6D8F}) (Version: 1.1.0 - Simple Adblock)
SpywareBlaster 4.4 (HKLM\...\SpywareBlaster_is1) (Version: 4.4.0 - Javacool Software LLC)
SpywareGuard v2.2 (HKLM\...\SpywareGuard_is1) (Version: 2.2 - Javacool Software LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
User Profile Hive Cleanup Service (HKLM\...\{7D15B945-2725-4443-AB3F-D900556612FE}) (Version: 1.6.36 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Works Suite OS Pack (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2234620177-1887795725-650978795-1003_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-2234620177-1887795725-650978795-1003_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-2234620177-1887795725-650978795-1003_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-2234620177-1887795725-650978795-1003_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
==================== Restore Points =========================
24-10-2014 20:10:21 Software Distribution Service 3.0
25-10-2014 20:10:06 Software Distribution Service 3.0
26-10-2014 20:10:22 Software Distribution Service 3.0
27-10-2014 06:14:35 Software Distribution Service 3.0
27-10-2014 20:10:12 Software Distribution Service 3.0
28-10-2014 21:49:59 System Checkpoint
28-10-2014 22:49:39 Software Distribution Service 3.0
29-10-2014 23:21:33 System Checkpoint
29-10-2014 23:23:16 Software Distribution Service 3.0
31-10-2014 00:21:49 System Checkpoint
31-10-2014 01:12:30 Software Distribution Service 3.0
31-10-2014 23:23:04 Software Distribution Service 3.0
01-11-2014 23:47:16 Software Distribution Service 3.0
02-11-2014 23:35:15 Software Distribution Service 3.0
03-11-2014 10:09:58 Software Distribution Service 3.0
04-11-2014 00:14:40 Software Distribution Service 3.0
05-11-2014 00:42:05 System Checkpoint
06-11-2014 01:13:00 System Checkpoint
06-11-2014 01:56:08 Software Distribution Service 3.0
06-11-2014 23:58:07 Software Distribution Service 3.0
08-11-2014 00:22:44 System Checkpoint
08-11-2014 00:53:13 Software Distribution Service 3.0
09-11-2014 00:13:28 Software Distribution Service 3.0
10-11-2014 00:21:48 Software Distribution Service 3.0
10-11-2014 09:59:24 Software Distribution Service 3.0
11-11-2014 11:14:41 System Checkpoint
12-11-2014 00:17:21 Software Distribution Service 3.0
13-11-2014 00:57:43 System Checkpoint
13-11-2014 04:52:14 Software Distribution Service 3.0
14-11-2014 05:11:36 Software Distribution Service 3.0
14-11-2014 20:28:31 Software Distribution Service 3.0
15-11-2014 08:06:20 Software Distribution Service 3.0
15-11-2014 21:06:45 Software Distribution Service 3.0
16-11-2014 21:22:06 Software Distribution Service 3.0
17-11-2014 12:12:04 Software Distribution Service 3.0
17-11-2014 21:35:04 Software Distribution Service 3.0
18-11-2014 22:18:20 System Checkpoint
19-11-2014 20:26:36 Software Distribution Service 3.0
20-11-2014 22:43:56 System Checkpoint
21-11-2014 16:20:03 Software Distribution Service 3.0
22-11-2014 16:33:06 Software Distribution Service 3.0
23-11-2014 16:53:36 System Checkpoint
23-11-2014 18:32:20 Software Distribution Service 3.0
24-11-2014 09:13:08 Software Distribution Service 3.0
24-11-2014 16:45:41 Software Distribution Service 3.0
25-11-2014 16:55:35 System Checkpoint
25-11-2014 17:59:51 Software Distribution Service 3.0
26-11-2014 17:41:54 Software Distribution Service 3.0
27-11-2014 20:07:32 Software Distribution Service 3.0
28-11-2014 16:27:03 Software Distribution Service 3.0
29-11-2014 17:26:24 System Checkpoint
29-11-2014 19:33:16 Software Distribution Service 3.0
30-11-2014 20:22:45 Software Distribution Service 3.0
01-12-2014 07:17:00 Software Distribution Service 3.0
01-12-2014 19:39:47 Software Distribution Service 3.0
04-12-2014 00:18:26 System Checkpoint
04-12-2014 03:09:46 Removed Apple Application Support
04-12-2014 03:12:56 Removed Apple Software Update
04-12-2014 03:19:23 Removed QuickTime
04-12-2014 03:50:31 Removed Windows Live Sign-in Assistant
05-12-2014 05:25:43 System Checkpoint
06-12-2014 01:49:04 Software Distribution Service 3.0
07-12-2014 18:45:11 Software Distribution Service 3.0
07-12-2014 23:45:09 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2011-10-06 11:38 - 2011-10-07 10:24 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP WEP.job => C:\Program Files\HP\Dfawep\bin\hpbdfawep.exeOwner$Task for execution of hpbdfawep.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Registration reminder 1.job => C:\WINDOWS\System32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 2.job => C:\WINDOWS\System32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 3.job => C:\WINDOWS\System32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F88E048E-B866-4852-A9E1-B67483BEB339}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2014-12-08 17:19 - 2014-12-08 17:19 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120801\algo.dll
2003-08-02 23:20 - 2003-08-02 22:20 - 00126976 ____R () C:\Program Files\SpywareGuard\spywareguard.dll
2002-08-02 00:19 - 1998-12-21 03:35 - 00024576 _____ () C:\Program Files\Compaq\Easy Access Button Support\BttnSeps.dll
2014-12-07 18:47 - 2014-12-07 18:47 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2004-08-04 07:00 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 07:00 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-11-26 11:18 - 2014-11-25 01:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 11:15 - 2014-11-25 01:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-11-26 11:20 - 2014-11-25 01:39 - 14910280 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS\$NtUninstallKB41753$:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk => C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk => C:\WINDOWS\pss\AOL Companion.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\WINDOWS\pss\ERUNT AutoBackup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\WINDOWS\pss\OpenOffice.org 3.0.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^SpywareGuard.lnk => C:\WINDOWS\pss\SpywareGuard.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HostManager => C:\Program Files\Common Files\AOL\1187716252\ee\AOLSoftware.exe
MSCONFIG\startupreg: HPDJ Taskbar Utility => C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
MSCONFIG\startupreg: HPHmon04 => C:\WINDOWS\System32\hphmon04.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Microsoft Works Update Detection => c:\Program Files\Microsoft Works\WkDetect.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Recguard => C:\WINDOWS\SMINST\RECGUARD.EXE
MSCONFIG\startupreg: srmclean => C:\Cpqs\Scom\srmclean.exe
MSCONFIG\startupreg: StorageGuard => "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TkBellExe => C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
MSCONFIG\startupreg: updateMgr => "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
========================= Accounts: ==========================
Administrator (S-1-5-21-2234620177-1887795725-650978795-500 - Administrator - Enabled)
ASPNET (S-1-5-21-2234620177-1887795725-650978795-1006 - Limited - Enabled)
Guest (S-1-5-21-2234620177-1887795725-650978795-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-2234620177-1887795725-650978795-1005 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-2234620177-1887795725-650978795-1007 - Administrator - Enabled)
Owner (S-1-5-21-2234620177-1887795725-650978795-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Owner
SUPPORT_388945a0 (S-1-5-21-2234620177-1887795725-650978795-1002 - Limited - Disabled)
SUPPORT_b326ad0c (S-1-5-21-2234620177-1887795725-650978795-1004 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Compaq Easy Access PS2 Internet Keyboard
Description: Compaq Easy Access PS2 Internet Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: Compaq Computer Corporation
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/08/2014 05:12:52 PM) (Source: AutoEnrollment) (EventID: 15) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted.
Enrollment will not be performed.
Error: (12/08/2014 05:12:50 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
Error: (12/07/2014 09:24:57 PM) (Source: AutoEnrollment) (EventID: 15) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted.
Enrollment will not be performed.
Error: (12/07/2014 09:24:48 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
System errors:
=============
Error: (12/08/2014 05:13:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
viaagp1
Error: (12/08/2014 05:13:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3
Error: (12/08/2014 05:12:51 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: No Domain Controller is available for domain AD due to the following:
%%1311.
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
Error: (12/07/2014 09:26:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
viaagp1
Error: (12/07/2014 09:26:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3
Error: (12/07/2014 09:24:47 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: No Domain Controller is available for domain AD due to the following:
%%1311.
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
Error: (12/07/2014 09:24:32 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Microsoft Office Sessions:
=========================
Error: (12/08/2014 05:12:52 PM) (Source: AutoEnrollment) (EventID: 15) (User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
Error: (12/08/2014 05:12:50 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
Error: (12/07/2014 09:24:57 PM) (Source: AutoEnrollment) (EventID: 15) (User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.
Error: (12/07/2014 09:24:48 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: The specified domain either does not exist or could not be contacted.
==================== Memory info ===========================
Processor: Intel® Pentium® 4 CPU 2.00GHz
Percentage of memory in use: 60%
Total physical RAM: 510.52 MB
Available physical RAM: 200.58 MB
Total Pagefile: 1248.48 MB
Available Pagefile: 695.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.43 MB
==================== Drives ================================
Drive c: (PRESARIO) (Fixed) (Total:55.93 GB) (Free:33.71 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 55.9 GB) (Disk ID: FCB1EC06)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
OTL logfile created on: 12/8/2014 6:07:57 p. m. - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.52 Mb Total Physical Memory | 322.81 Mb Available Physical Memory | 63.23% Memory free
1.22 Gb Paging File | 0.99 Gb Available in Paging File | 81.27% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.93 Gb Total Space | 33.71 Gb Free Space | 60.28% Space Free | Partition Type: NTFS
Computer Name: YOUR-PA86Z1I3G7 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/12/07 18:48:58 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/12/07 18:47:19 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/12/05 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2014/07/22 18:47:10 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/10/25 06:07:55 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2010/09/13 19:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/10 15:12:44 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2002/06/17 20:14:38 | 000,090,112 | ---- | M] (Compaq) -- C:\Compaq\EAKDRV\EAUSBKBD.exe
PRC - [2002/04/14 06:29:58 | 000,438,272 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\CPQEADM.exe
PRC - [2001/12/15 00:01:24 | 000,032,768 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe
PRC - [2001/03/23 21:34:10 | 000,122,880 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\BttnServ.exe
========== Modules (No Company Name) ==========
MOD - [2014/12/08 17:19:56 | 002,905,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14120801\algo.dll
MOD - [2014/12/07 18:47:44 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2003/08/02 22:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [1998/12/21 03:35:36 | 000,024,576 | ---- | M] () -- C:\Program Files\compaq\Easy Access Button Support\BttnSeps.dll
========== Services (SafeList) ==========
SRV - [2014/12/07 18:47:19 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/11/26 05:20:34 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/01 14:14:22 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/22 18:47:10 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/25 06:07:55 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/09/13 19:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2002/05/24 12:46:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2002/05/17 02:30:12 | 000,262,144 | ---- | M] (NeoPlanet) [Disabled | Stopped] -- C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe -- (Compaq_RBA)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | Boot | Stopped] -- System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\AMERIC~2.0\ATWPKT2.SYS -- (ATWPKT2)
DRV - [2014/12/07 18:49:01 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/12/07 18:48:56 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/12/07 18:47:49 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/12/07 18:47:49 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/12/07 18:47:49 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/12/07 18:47:49 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/12/07 18:47:49 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/12/07 18:47:48 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/12/04 21:22:55 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/09 16:33:58 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/15 23:24:48 | 000,013,880 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2004/10/01 09:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/03/31 13:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2002/07/13 06:27:04 | 000,155,008 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2002/05/24 12:46:14 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2002/05/24 12:46:14 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2002/05/24 12:46:14 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2001/08/10 03:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)
DRV - [2001/08/08 15:13:36 | 000,158,140 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2001/08/08 15:13:30 | 000,012,479 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2001/08/08 15:13:30 | 000,012,031 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2001/08/08 15:13:30 | 000,011,679 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2001/08/08 15:13:28 | 000,019,359 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2001/08/08 15:13:28 | 000,011,999 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2001/08/08 15:13:26 | 000,033,503 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2001/08/08 15:13:24 | 000,029,215 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2001/08/08 15:13:24 | 000,023,519 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2001/08/08 15:13:24 | 000,019,199 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [1999/10/30 00:35:08 | 000,024,348 | ---- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {958A91A2-C0A5-4125-BE5C-0CC04963DADE}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultenginename: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/12/07 18:47:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/12/03 22:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/12/03 22:17:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2009/09/24 08:05:47 | 000,000,000 | ---D | M]
[2008/12/17 09:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/12/07 23:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions
[2014/12/07 23:23:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/11/08 10:59:43 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2014/12/07 23:22:54 | 000,979,699 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/08 10:59:52 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\searchplugins\aol-search.xml
[2014/12/07 21:14:12 | 000,009,405 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\searchplugins\yahoo-avast.xml
[2014/10/01 14:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/10/01 14:15:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/10/01 14:08:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014/10/01 14:08:37 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/10/25 06:08:00 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.71\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - default_search_provider: 5E465C779E5DB8612D77535A0F1FB4C5C1FE0C4E799F16E184A78BC355CCE684 (Enabled)
CHR - default_search_provider: search_url = 19C3F72EEC30C07CD4FAC62A54F2DC900B6D7CDF568B4A95C70792A9B0D4F661
CHR - default_search_provider: suggest_url =
CHR - homepage: BA7925A63BFC82F1BB785872B440FF709DFC6795F046B640942C190250AED6BD
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Avast Online Security = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2011/10/07 10:24:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe (Compaq Computer Corporation)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WCOLOREAL] C:\Program Files\COMPAQ\Coloreal\coloreal.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: RemindU. - C:\Program Files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm ()
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Ad.pewtarex.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{800B941B-1605-49D1-A59E-567F4C06CBA9}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/29 11:35:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/08/01 21:46:53 | 000,000,000 | ---- | M] () - C:\autoexec.PU_ -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/12/08 17:58:54 | 000,000,000 | ---D | C] -- C:\FRST
[2014/12/08 17:58:10 | 001,111,040 | ---- | C] (Farbar) -- C:\Documents and Settings\Owner\Desktop\FRST.exe
[2014/12/07 21:15:18 | 002,480,312 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2014/12/07 20:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVAST Software
[2014/12/07 18:49:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2014/12/07 18:49:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
[2014/12/07 18:48:05 | 000,057,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/12/07 18:48:04 | 000,423,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/12/07 18:48:03 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/12/07 18:48:02 | 000,055,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/12/07 18:47:59 | 000,787,800 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/12/07 18:47:54 | 000,291,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/12/07 18:47:46 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/12/07 18:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/12/07 14:31:00 | 132,469,808 | ---- | C] (AVAST Software) -- C:\Documents and Settings\All Users\Desktop\avast_free_antivirus_setup (1).exe
[2014/12/05 21:34:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/12/04 22:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2014/12/04 22:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2014/12/04 22:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2014/12/04 22:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/12/03 23:27:05 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/12/03 21:37:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/12/08 18:20:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/08 18:19:02 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/12/08 18:15:45 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F88E048E-B866-4852-A9E1-B67483BEB339}.job
[2014/12/08 17:55:48 | 001,111,040 | ---- | M] (Farbar) -- C:\Documents and Settings\Owner\Desktop\FRST.exe
[2014/12/08 17:26:07 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/12/08 17:25:50 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP WEP.job
[2014/12/08 17:14:38 | 000,000,191 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2014/12/08 17:14:22 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/08 17:14:12 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/12/08 17:13:51 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/12/08 17:12:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/12/08 17:12:27 | 535,392,256 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/07 21:57:39 | 000,000,181 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2014/12/07 21:14:15 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/12/07 18:49:12 | 000,001,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
[2014/12/07 18:49:01 | 000,787,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/12/07 18:48:56 | 000,423,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/12/07 18:47:49 | 000,206,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/12/07 18:47:49 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/12/07 18:47:49 | 000,057,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/12/07 18:47:49 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/12/07 18:47:49 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/12/07 18:47:48 | 000,055,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/12/07 18:47:46 | 000,291,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/12/07 18:47:46 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/12/07 18:39:08 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014/12/07 14:40:51 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2014/12/07 14:33:39 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW.exe
[2014/12/07 14:33:35 | 132,469,808 | ---- | M] (AVAST Software) -- C:\Documents and Settings\All Users\Desktop\avast_free_antivirus_setup (1).exe
[2014/12/07 14:33:29 | 002,480,312 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2014/12/05 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/12/04 22:35:36 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/12/04 21:22:55 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/12/03 22:17:17 | 000,000,012 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2014/12/03 21:53:21 | 000,147,514 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\cc_20141203_215310.reg
[2014/11/26 12:19:40 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/11/26 05:20:30 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/11/26 05:20:29 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/11/20 11:31:14 | 000,444,666 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/11/20 11:31:14 | 000,073,212 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/12/08 17:25:49 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\HP WEP.job
[2014/12/07 21:20:37 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW.exe
[2014/12/07 18:49:12 | 000,001,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
[2014/12/07 18:48:53 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/12/07 18:48:05 | 000,206,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/12/07 18:48:04 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/12/07 18:48:02 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/12/04 22:35:36 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/12/03 22:01:16 | 000,000,012 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2014/12/03 21:53:15 | 000,147,514 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\cc_20141203_215310.reg
[2014/07/02 11:53:44 | 000,000,181 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2013/05/29 11:43:15 | 000,061,504 | ---- | C] () -- C:\WINDOWS\System32\licensemanager.exe
[2013/05/29 11:43:15 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2013/05/29 11:43:15 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2013/05/29 11:43:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\smtls32.dll
[2013/05/29 11:43:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2013/05/29 11:43:06 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\Lftif60n.dll
[2013/05/29 11:43:06 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\Ltfil60n.dll
[2013/05/29 11:43:06 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfbmp60n.dll
[2013/05/29 11:43:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\Lfpsd60n.dll
[2013/05/29 11:43:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Lftga60n.dll
[2013/05/29 11:43:06 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwmf60n.dll
[2013/05/29 11:43:05 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\Lffax60n.dll
[2013/05/29 11:43:05 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\Lfcmp60n.dll
[2013/05/29 11:43:05 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng60n.dll
[2013/05/29 11:43:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Lfpcx60n.dll
[2013/05/29 11:43:05 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfpct60n.dll
[2013/05/29 11:43:05 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfeps60n.dll
[2013/05/29 11:43:05 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwpg60n.dll
[2013/05/29 11:43:05 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\Lfmsp60n.dll
[2013/05/29 11:43:05 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Lfmac60n.dll
[2013/05/29 11:43:04 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\Regsvr16.exe
[2013/05/29 11:38:39 | 000,000,184 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2011/10/21 19:41:19 | 000,010,445 | ---- | C] () -- C:\Documents and Settings\Owner\datastore.INTEG.RAW
[2011/10/11 09:07:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{8AF1CB84-6885-4017-BD07-F0BEC571FE26}
[2011/10/05 15:54:54 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011/10/04 15:13:15 | 000,001,213 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ldr.ini
[2009/10/14 08:58:09 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2005/08/02 08:55:14 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/03/10 10:20:27 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\Owner\plugin131.trace
[2003/07/10 12:07:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\dm.ini
[2002/08/02 00:08:45 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Owner\oobecmt.ini
[2002/08/01 22:04:15 | 000,006,905 | ---- | C] () -- C:\Documents and Settings\Owner\ml2.srt
[2002/08/01 22:04:15 | 000,006,892 | ---- | C] () -- C:\Documents and Settings\Owner\ml1.srt
========== ZeroAccess Check ==========
[2009/02/11 14:01:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< MD5 for: VIAAGP1.SYS >
[2002/03/04 13:10:00 | 000,027,648 | ---- | M] (VIA Technologies, Inc.) MD5=099F10C7B9D4C7A2BF48D4C6ECA1E7F1 -- C:\hp\drivers\video\S3_VIA\VIAAGP1.SYS
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >