Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account

XP is freezing

xp freezing

  • Please log in to reply




  • Member
  • PipPip
  • 80 posts

I have an XP and about a month ago it started freezing up after I'd be on a site for about a half hour or so. Then it started having trouble opening a site? I go to pinterest and the blue circle in the left upper corner just keeps spinning and I can see the page but when I move mouse around it can't click on anything and get a response. I hit Ctrl Alt delete and task manager says it's running. So I hit Ctrl Alt delete again and then it'll start to respond. Then in a little while it'll freeze up again. This mostly happens on pinterest and Ribbet and facebook. But happens on other sites too. It's getting more and more frequent. Until now, where it takes me 2 or more tries to go from one site to another. Also odd is my one email account will say I have 22 emails (for example) but when I open it up, I may only have 4. I don't know if one has anything to do with the other? 

Here's those two things you wanted pasted. Thank you so much. Sorry I couldn't donate more, but I am poor as [bleep] right now.  


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Ran by Milisa (administrator) on DONA (14-01-2016 17:36:23)
Running from C:\Documents and Settings\Milisa\My Documents\Downloads
Loaded Profiles: Milisa (Available Profiles: Milisa & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(CloudCanvas) C:\Program Files\CloudCanvas\CloudCanvas.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATILAE.EXE
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [CloudCanvas] => C:\Program Files\CloudCanvas\CloudCanvas.exe [138752 2012-04-17] (CloudCanvas)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATILAE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-13] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Uninstall SafeKey RunOnce.lnk [2015-08-11]
ShortcutTarget: Uninstall SafeKey RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-04-05]
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-07-15]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => ftp=;http=
AutoConfigURL: [.DEFAULT] => ftp=;http=
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{219A7CC0-44C8-451B-9EB5-C7EF8D729273}: [DhcpNameServer]

Internet Explorer:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} -  No File
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {34F578FD-7E82-4328-9D87-73D7750703B6} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggbg_15_01_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyCyByCzytA0BtAyEzyzy0F0B0FtN0D0Tzu0StCtDzyyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0FyBtCtAzytAtGtBtAtD0EtGyBzz0C0AtGyD0F0CyCtGyD0D0AtDyE0FyCzzzzzz0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyCzzyCzytB0CtDtGtB0F0AtAtGyEzztB0BtG0A0BtAtBtGyDyC0B0F0B0AyBtByEzy0BtD2Q&cr=655180873&ir=
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://mumbojumbo.start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {55BF085E-B9D8-4A5A-A701-9B6A3A79C28D} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20150405&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0BD0F9C3-280B-45ED-BC66-A42B0007C459}&mid=1b52fedc71d947cdbd0dd15f30775aba-13eecaac61dea38c0411f64c0cc1b2e30c3b7cca&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-08-10 23:23:46&v={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.internet-home-page.com/search.php?q={searchTerms}&cof=FORID:10&ie={inputEncoding}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DA29DA19-DD7F-4C32-9FA1-609B94DD970A} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_dnldstr_14_38_ff&cd=2XzuyEtN2Y1L1QzutDtDtCyCyByCzytA0BtAyEzyzy0F0B0FtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyCtAyEzz0F0FtGtByBtBzztG0A0CtA0CtGtCtAyB0AtGtAzz0AtAyCyDyE0D0E0B0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyE0B0ByBzyzz0BtG0B0FtCyDtGyEyEzy0BtGzytCyE0CtG0DtB0ByByCtCyD0ByEtDyB0F2Q&cr=1186213622&ir=
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20150104,20028,0,8,0
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-06] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-06] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Intern

FF ProfilePath: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\searchplugins\googletranslate.xml [2015-11-11]
FF SearchPlugin: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\searchplugins\web-search.xml [2016-01-09]
FF Extension: Pin It button - C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\Extensions\[email protected] [2015-09-15]
FF HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Firefox\Extensions: [[email protected]] - C:\Program Files\FriendsChecker\DynConFf => not found

CHR Profile: C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [eefhnbpnnaaokmclnihgajdnlgljajjg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ggebenakhmhfdkmkemdmllecchcldgec] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx

StartMenuInternet: (HKLM) Opera.exe - blank

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577008 2014-11-04] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] ()
S4 AcrSch2Svc; "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" [X]
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R3 BCMH43XX; C:\WINDOWS\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
S3 NPF; C:\WINDOWS\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
S3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [47360 2009-11-19] (VSO Software) [File not signed]
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13368 2015-11-04] (SlimWare Utilities, Inc.)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2008-01-06] (Acronis)
S2 adfs; no ImagePath
S3 catchme; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U0 mfewfpk; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; no ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-14 17:35 - 2016-01-14 17:36 - 00000000 ____D C:\FRST
2016-01-13 22:24 - 2016-01-13 22:24 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\bundy.wps
2016-01-12 13:51 - 2016-01-12 13:51 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-01-12 13:51 - 2016-01-12 13:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2016-01-12 13:12 - 2016-01-12 13:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2016-01-12 13:12 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-12 13:07 - 2016-01-12 13:07 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\FusionBrowser
2016-01-12 13:06 - 2016-01-12 13:37 - 00000000 ____D C:\Program Files\FusionBrowser
2016-01-11 22:54 - 2016-01-11 22:55 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\ebay
2016-01-10 13:25 - 2016-01-10 13:25 - 00090112 _____ C:\WINDOWS\Minidump\Mini011016-01.dmp
2016-01-08 22:41 - 2016-01-08 22:41 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\c3
2016-01-07 07:03 - 2016-01-07 07:03 - 00068096 _____ C:\Documents and Settings\Milisa\My Documents\psycho gov 2.wps
2016-01-07 07:02 - 2016-01-07 07:02 - 00038400 _____ C:\Documents and Settings\Milisa\My Documents\psyco gov.wps
2016-01-07 01:35 - 2016-01-14 13:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-03 19:15 - 2016-01-03 19:15 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\My Smilebox Creations
2016-01-03 19:14 - 2016-01-03 19:14 - 00001930 _____ C:\Documents and Settings\Milisa\Start Menu\Programs\Smilebox.lnk
2016-01-02 21:03 - 2016-01-02 21:05 - 00080604 _____ C:\WINDOWS\ntbtlog.txt
2015-12-29 14:50 - 2015-12-29 14:50 - 00029184 _____ C:\Documents and Settings\Milisa\My Documents\5.wps
2015-12-25 15:19 - 2016-01-09 02:25 - 00001891 _____ C:\WINDOWS\imsins.BAK
2015-12-24 19:00 - 2015-12-24 19:00 - 00041984 _____ C:\Documents and Settings\Milisa\My Documents\doc1.wps
2015-12-24 19:00 - 2015-12-24 19:00 - 00028672 _____ C:\Documents and Settings\Milisa\My Documents\2.wps
2015-12-23 19:23 - 2015-12-23 18:35 - 00683598 _____ C:\Documents and Settings\Milisa\My Documents\The-Ultimate-List-2015.pdf
2015-12-17 12:07 - 2015-12-17 12:07 - 00014848 _____ C:\Documents and Settings\Milisa\My Documents\DMT.wps
2015-12-15 23:42 - 2015-12-15 23:42 - 00056832 _____ C:\Documents and Settings\Milisa\My Documents\paradigm.wps
2015-12-15 22:50 - 2015-12-16 22:58 - 00344576 _____ C:\Documents and Settings\Milisa\My Documents\silli milli.wps
2015-12-15 22:50 - 2015-12-15 22:51 - 00017920 _____ C:\Documents and Settings\Milisa\My Documents\anxiety.wps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-14 17:37 - 2011-07-06 09:55 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Temp
2016-01-14 17:35 - 2006-09-07 12:24 - 00000000 ____D C:\WINDOWS
2016-01-14 17:32 - 2015-08-17 19:32 - 00000917 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-01-14 17:32 - 2015-08-17 19:32 - 00000731 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-01-14 17:23 - 2011-04-08 12:51 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job
2016-01-14 17:09 - 2015-09-01 13:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-14 16:58 - 2015-09-01 12:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-14 16:38 - 2015-07-20 13:18 - 00011264 _____ C:\Documents and Settings\Milisa\My Documents\ablog the story teller.wps
2016-01-14 16:38 - 2011-07-06 11:38 - 00035968 _____ C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2016-01-14 15:22 - 2015-07-20 14:00 - 00012800 _____ C:\Documents and Settings\Milisa\My Documents\ablog people of color beware.wps
2016-01-14 15:19 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents
2016-01-14 12:51 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents\My Pictures
2016-01-14 12:32 - 2004-08-10 13:08 - 00032446 _____ C:\WINDOWS\SchedLgU.Txt
2016-01-14 12:21 - 2015-11-09 12:21 - 00000368 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Milisa).job
2016-01-14 12:19 - 2014-07-04 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 12:09 - 2015-09-01 13:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-14 11:53 - 2006-09-16 23:08 - 141317472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 14:29 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\ApplicationHistory
2016-01-12 14:05 - 2004-08-10 12:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-01-12 14:04 - 2011-08-12 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-01-12 14:04 - 2004-08-10 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-12 14:03 - 2009-11-07 14:33 - 00000278 ___SH C:\Documents and Settings\Milisa\ntuser.ini
2016-01-12 13:57 - 2004-08-10 12:52 - 00000000 ___HD C:\WINDOWS\inf
2016-01-12 13:49 - 2011-08-05 13:27 - 00000000 ____D C:\Program Files\Google
2016-01-12 13:28 - 2011-04-08 12:43 - 00002329 _____ C:\Documents and Settings\Milisa\Start Menu\Programs\Windows Install Clean Up.lnk
2016-01-12 13:20 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa
2016-01-10 13:25 - 2009-10-27 12:02 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-09 02:20 - 2011-08-05 13:27 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Google
2016-01-07 15:43 - 2014-07-04 16:10 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2016-01-05 02:20 - 2015-07-18 16:39 - 00009216 _____ C:\Documents and Settings\Milisa\My Documents\ablog shallow deep.wps
2016-01-03 02:41 - 2015-07-18 16:04 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\ablog sad.wps
2016-01-02 21:18 - 2011-04-08 11:18 - 00000000 ____D C:\Documents and Settings\Administrator
2016-01-02 21:18 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-01-02 21:18 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-01-02 21:18 - 2004-08-10 13:02 - 00000000 ____D C:\WINDOWS\Registration
2016-01-02 21:15 - 2004-08-10 12:51 - 00000751 _____ C:\WINDOWS\win.ini
2016-01-02 21:15 - 2004-08-10 12:51 - 00000227 _____ C:\WINDOWS\system.ini
2016-01-02 21:13 - 2006-09-18 21:26 - 00000000 ____D C:\WINDOWS\pss
2016-01-02 00:58 - 2015-09-01 12:52 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-01-02 00:58 - 2015-09-01 12:52 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-25 15:16 - 2015-01-21 14:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Yahoo!
2015-12-25 15:16 - 2015-01-21 14:02 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\Yahoo!
2015-12-25 15:05 - 2004-08-10 12:57 - 00673536 _____ C:\WINDOWS\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-04-05 19:52 - 2015-08-11 11:16 - 27093992 _____ (McAfee) C:\Program Files\Common Files\lpuninstall.exe
2010-06-10 14:59 - 2010-12-10 18:57 - 0002555 _____ () C:\Documents and Settings\Milisa\Application Data\SAS7_000.DAT
2011-07-06 11:38 - 2016-01-14 16:38 - 0035968 _____ () C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2015-01-21 14:04 - 2015-01-21 14:04 - 0000108 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\35d9d94d597756656d8c7da8923e4721
2010-03-09 18:07 - 2014-12-31 11:35 - 0008704 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-22 04:47 - 2015-08-31 22:32 - 0089172 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\FASTWiz.log
2009-11-07 14:33 - 2006-09-07 13:13 - 0000128 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\fusioncache.dat
2009-11-08 21:56 - 2013-07-16 14:00 - 0008036 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2007-07-31 23:03 - 2009-11-15 15:54 - 0001755 _____ () C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

Some files in TEMP:
C:\Documents and Settings\Milisa\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpishoze.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-01-2015 01
Ran by Milisa (2016-01-14 17:37:52)
Running from C:\Documents and Settings\Milisa\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2006-09-16 21:06:15)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-2814364803-843946100-1677762924-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-2814364803-843946100-1677762924-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2814364803-843946100-1677762924-1006 - Limited - Disabled)
Milisa (S-1-5-21-2814364803-843946100-1677762924-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Milisa
SUPPORT_388945a0 (S-1-5-21-2814364803-843946100-1677762924-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
ELIcon (Version: 1.00.0000 - Dell) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: - Google Inc.) Hidden
Google Update Helper (Version: - Google Inc.) Hidden
InstallIQ Updater (HKLM\...\{A9FE59F0-5BFA-4FDF-84C6-F45457715379}) (Version: - W3i, LLC)
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet for Wired Connections (HKLM\...\{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}) (Version: 8.00.5000 - Dell)
Java™ 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
MSVC80_x86 (Version: - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: - NETGEAR)
PrintMaster Gold 3.00 (HKLM\...\PrintMaster Gold 3.00) (Version:  - )
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Software Updater (HKLM\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: - AVG Technologies CZ, s.r.o.)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Milisa\Application Data\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Milisa\Application Data\Dropbox\bin\Dropbox.exe /wiacallback => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE:/EXE:{1021F97F-E103-44FB-B493-B45A6521AC55} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Milisa).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-15 14:55 - 2014-08-18 16:50 - 00316120 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2015-07-15 14:44 - 2014-10-29 14:40 - 00319488 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2015-07-15 14:44 - 2014-08-18 16:49 - 08274648 _____ () C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2015-07-15 14:44 - 2014-07-22 09:18 - 00278528 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD
AlternateDataStreams: C:\Documents and Settings\Milisa\My Documents\Files named ablog jemima and hitler .fnd:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 12:51 - 2015-09-04 08:27 - 00000029 ____A C:\WINDOWS\system32\Drivers\etc\hosts       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Milisa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: -
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Files and Settings Transfer Wizard
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avginet.exe] => Enabled:avginet.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgamsvr.exe] => Enabled:avgamsvr.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgcc.exe] => Enabled:avgcc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\WINDOWS\Temp\~osF2.tmp\rlvknlg.exe] => Enabled:rlvknlg.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe] => Enabled:backWeb-7288971
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe] => Disabled:hpgs2wnf Module
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe] => Enabled:Google Talk Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Talk\googletalk.exe] => Enabled:Google Talk
StandardProfile\AuthorizedApplications: [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe] => Enabled:Yahoo! Messenger
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Application Data\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe] => Enabled:McAfee Shared Service Host
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\pandasecuritytb\ToolbarCleaner.exe] => Enabled:ToolbarCleaner
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service

==================== Restore Points =========================

17-10-2015 12:10:50 System Checkpoint
24-10-2015 11:34:46 System Checkpoint
25-10-2015 11:41:03 System Checkpoint
28-10-2015 21:05:13 System Checkpoint
04-11-2015 12:32:09 System Checkpoint
05-11-2015 15:46:28 System Checkpoint
07-11-2015 12:09:39 System Checkpoint
09-11-2015 18:25:49 Removed DriverUpdate
09-11-2015 19:48:41 Removed SlimCleaner Plus
12-11-2015 10:33:03 Software Distribution Service 3.0
13-11-2015 11:17:38 System Checkpoint
14-11-2015 18:19:02 System Checkpoint
18-11-2015 14:34:50 System Checkpoint
19-11-2015 17:44:05 System Checkpoint
28-11-2015 12:56:14 System Checkpoint
29-11-2015 12:57:07 System Checkpoint
01-12-2015 15:03:59 System Checkpoint
02-12-2015 15:31:49 System Checkpoint
04-12-2015 20:21:59 System Checkpoint
06-12-2015 17:46:07 System Checkpoint
08-12-2015 13:00:00 System Checkpoint
09-12-2015 14:07:04 System Checkpoint
10-12-2015 11:14:30 Software Distribution Service 3.0
12-12-2015 13:13:08 System Checkpoint
14-12-2015 13:10:13 System Checkpoint
15-12-2015 19:06:21 System Checkpoint
18-12-2015 20:09:52 System Checkpoint
20-12-2015 21:45:33 System Checkpoint
22-12-2015 15:20:52 System Checkpoint
24-12-2015 12:02:38 System Checkpoint
25-12-2015 19:56:19 System Checkpoint
27-12-2015 23:21:09 System Checkpoint
29-12-2015 13:17:20 System Checkpoint
02-01-2016 19:22:03 System Checkpoint
02-01-2016 21:17:27 Restore Operation
04-01-2016 01:32:04 System Checkpoint
05-01-2016 10:29:42 System Checkpoint
07-01-2016 14:52:39 System Checkpoint
10-01-2016 01:10:44 System Checkpoint
11-01-2016 19:56:54 System Checkpoint
12-01-2016 13:12:31 Installed Windows XP Wdf01009.
12-01-2016 13:57:03 Installed Windows XP Wdf01009.
14-01-2016 11:52:55 Software Distribution Service 3.0

==================== Faulty Device Manager Devices =============

Name: Intel® PRO/100 VE Network Connection
Description: Intel® PRO/100 VE Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
Error: (01/13/2016 02:28:57 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 802338525.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (01/13/2016 02:28:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application SearchIndexer.exe, version 7.0.6001.16503, faulting module tquery.dll, version 7.0.6001.16503, fault address 0x00017117.
Processing media-specific event for [SearchIndexer.exe!ws!]

Error: (01/13/2016 02:28:34 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

     0xc0041801 (0xc0041801)

Error: (01/12/2016 01:06:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: WebCompanionInstaller.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at WebCompanionInstaller.App.OpenInstallerWcfHost()
   at WebCompanionInstaller.App.Main()

Error: (01/12/2016 01:05:19 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: EventType clr20r3, P1 webcompanioninstaller.exe, P2 2.1.1265.2535, P3 565ca245, P4 webcompanioninstaller, P5, P6 565ca245, P7 43d, P8 20, P9 clr20r30, P10 clr20r31.

Error: (01/07/2016 07:03:17 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1420940323.

Error: (01/07/2016 07:02:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WLXPhotoGallery.exe, version 14.0.8081.709, hang module hungapp, version, hang address 0x00000000.

Error: (01/07/2016 07:02:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WLXPhotoGallery.exe, version 14.0.8081.709, hang module hungapp, version, hang address 0x00000000.

Error: (01/07/2016 07:02:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WLXPhotoGallery.exe, version 14.0.8081.709, hang module hungapp, version, hang address 0x00000000.

Error: (12/23/2015 12:35:11 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 454387889.

System errors:
Error: (01/14/2016 11:51:15 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address on the
Network Card with network address A42B8C6FEAEF.

Error: (01/13/2016 04:42:40 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address on the
Network Card with network address A42B8C6FEAEF.

Error: (01/13/2016 02:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/13/2016 11:47:40 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address on the
Network Card with network address A42B8C6FEAEF.

Error: (01/12/2016 05:16:45 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address on the
Network Card with network address A42B8C6FEAEF.

Error: (01/12/2016 02:21:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:

Error: (01/12/2016 02:05:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

Error: (01/12/2016 02:05:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:

Error: (01/12/2016 02:05:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:

Error: (01/12/2016 02:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The adfs service failed to start due to the following error:

==================== Memory info ===========================

Processor:  Intel® Celeron® CPU 2.53GHz
Percentage of memory in use: 54%
Total physical RAM: 1277.98 MB
Available physical RAM: 586.64 MB
Total Virtual: 1900.78 MB
Available Virtual: 1366.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:52.71 GB) (Free:23.27 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (COMPAQ) (Fixed) (Total:7.86 GB) (Free:7.86 GB) FAT32
Drive e: (Backup) (Fixed) (Total:18.17 GB) (Free:18.08 GB) NTFS

==================== MBR & Partition Table ==================

Disk: 0 (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=52.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.6 GB) - (Type=DB)

Disk: 1 (Size: 7.9 GB) (Disk ID: C197C197)
Partition 1: (Active) - (Size=7.9 GB) - (Type=0C)

==================== End of Addition.txt ============================


  • 0




    Malware Expert

  • Expert
  • 24,709 posts
  • MVP
Clear the Java Cache by following the instructions on
You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 22 
Java™ 6 Update 25 
Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
Also uninstall
InstallIQ Updater

Start, Run, eventvwr.msc, OK to bring up the Event Viewer.  Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  (PC will reboot)

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
The report will be saved in the C:\AdwCleaner folder.
Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

  • 0



    Malware Expert

  • Expert
  • 24,709 posts
  • MVP
Not sure why you PM'd me with this so I put it where it sort of belongs.
The fixlist.txt file was at the bottom of my previous post.  It will clean up some of your errors.
Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-01-2015 01
Ran by Milisa (2016-01-15 21:49:02)
Running from C:\Documents and Settings\Milisa\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2006-09-16 21:06:15)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-2814364803-843946100-1677762924-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-2814364803-843946100-1677762924-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2814364803-843946100-1677762924-1006 - Limited - Disabled)
Milisa (S-1-5-21-2814364803-843946100-1677762924-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Milisa
SUPPORT_388945a0 (S-1-5-21-2814364803-843946100-1677762924-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version: - )
Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
ELIcon (Version: 1.00.0000 - Dell) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: - Google Inc.) Hidden
Google Update Helper (Version: - Google Inc.) Hidden
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}) (Version: 8.00.5000 - Dell)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
MSVC80_x86 (Version: - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: - NETGEAR)
PrintMaster Gold 3.00 (HKLM\...\PrintMaster Gold 3.00) (Version: - )
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Software Updater (HKLM\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: - AVG Technologies CZ, s.r.o.)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Milisa\Application Data\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe => No File
CustomCLSID: HKU\S-1-5-21-2814364803-843946100-1677762924-1008_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Milisa\Application Data\Dropbox\bin\Dropbox.exe /wiacallback => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE:/EXE:{1021F97F-E103-44FB-B493-B45A6521AC55} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Milisa).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-15 14:55 - 2014-08-18 16:50 - 00316120 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2015-07-15 14:44 - 2014-10-29 14:40 - 00319488 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2015-07-15 14:44 - 2014-08-18 16:49 - 08274648 _____ () C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2015-07-15 14:44 - 2014-07-22 09:18 - 00278528 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD
AlternateDataStreams: C:\Documents and Settings\Milisa\My Documents\Files named ablog jemima and hitler .fnd:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 12:51 - 2015-09-04 08:27 - 00000029 ____A C:\WINDOWS\system32\Drivers\etc\hosts localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Milisa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: -
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Files and Settings Transfer Wizard
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avginet.exe] => Enabled:avginet.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgamsvr.exe] => Enabled:avgamsvr.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgcc.exe] => Enabled:avgcc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\WINDOWS\Temp\~osF2.tmp\rlvknlg.exe] => Enabled:rlvknlg.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe] => Enabled:backWeb-7288971
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe] => Disabled:hpgs2wnf Module
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe] => Enabled:Google Talk Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Talk\googletalk.exe] => Enabled:Google Talk
StandardProfile\AuthorizedApplications: [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe] => Enabled:Yahoo! Messenger
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Application Data\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe] => Enabled:McAfee Shared Service Host
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\pandasecuritytb\ToolbarCleaner.exe] => Enabled:ToolbarCleaner
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service

==================== Restore Points =========================

17-10-2015 12:10:50 System Checkpoint
24-10-2015 11:34:46 System Checkpoint
25-10-2015 11:41:03 System Checkpoint
28-10-2015 21:05:13 System Checkpoint
04-11-2015 12:32:09 System Checkpoint
05-11-2015 15:46:28 System Checkpoint
07-11-2015 12:09:39 System Checkpoint
09-11-2015 18:25:49 Removed DriverUpdate
09-11-2015 19:48:41 Removed SlimCleaner Plus
12-11-2015 10:33:03 Software Distribution Service 3.0
13-11-2015 11:17:38 System Checkpoint
14-11-2015 18:19:02 System Checkpoint
18-11-2015 14:34:50 System Checkpoint
19-11-2015 17:44:05 System Checkpoint
28-11-2015 12:56:14 System Checkpoint
29-11-2015 12:57:07 System Checkpoint
01-12-2015 15:03:59 System Checkpoint
02-12-2015 15:31:49 System Checkpoint
04-12-2015 20:21:59 System Checkpoint
06-12-2015 17:46:07 System Checkpoint
08-12-2015 13:00:00 System Checkpoint
09-12-2015 14:07:04 System Checkpoint
10-12-2015 11:14:30 Software Distribution Service 3.0
12-12-2015 13:13:08 System Checkpoint
14-12-2015 13:10:13 System Checkpoint
15-12-2015 19:06:21 System Checkpoint
18-12-2015 20:09:52 System Checkpoint
20-12-2015 21:45:33 System Checkpoint
22-12-2015 15:20:52 System Checkpoint
24-12-2015 12:02:38 System Checkpoint
25-12-2015 19:56:19 System Checkpoint
27-12-2015 23:21:09 System Checkpoint
29-12-2015 13:17:20 System Checkpoint
02-01-2016 19:22:03 System Checkpoint
02-01-2016 21:17:27 Restore Operation
04-01-2016 01:32:04 System Checkpoint
05-01-2016 10:29:42 System Checkpoint
07-01-2016 14:52:39 System Checkpoint
10-01-2016 01:10:44 System Checkpoint
11-01-2016 19:56:54 System Checkpoint
12-01-2016 13:12:31 Installed Windows XP Wdf01009.
12-01-2016 13:57:03 Installed Windows XP Wdf01009.
14-01-2016 11:52:55 Software Distribution Service 3.0
15-01-2016 20:22:19 Removed InstallIQ Updater
15-01-2016 20:23:12 Removed Java™ 6 Update 22
15-01-2016 20:24:13 Removed Java™ 6 Update 25

==================== Faulty Device Manager Devices =============

Name: Intel® PRO/100 VE Network Connection
Description: Intel® PRO/100 VE Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
Error: (01/15/2016 09:20:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application adwcleaner.exe, version, faulting module adwcleaner.exe, version, fault address 0x000211de.
Processing media-specific event for [adwcleaner.exe!ws!]

System errors:
Error: (01/15/2016 09:42:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

Error: (01/15/2016 09:42:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error: 

Error: (01/15/2016 09:42:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error: 

Error: (01/15/2016 09:42:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The adfs service failed to start due to the following error: 

Error: (01/15/2016 09:41:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2016 09:41:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/15/2016 09:41:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WSWNA3100 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/15/2016 09:41:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2016 09:41:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Epson Scanner Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2016 09:41:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The EpsonCustomerParticipation service terminated unexpectedly. It has done this 1 time(s).

==================== Memory info =========================== 

Processor: Intel® Celeron® CPU 2.53GHz
Percentage of memory in use: 43%
Total physical RAM: 1277.98 MB
Available physical RAM: 721.63 MB
Total Virtual: 1900.77 MB
Available Virtual: 1496.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:52.71 GB) (Free:23.25 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (COMPAQ) (Fixed) (Total:7.86 GB) (Free:7.86 GB) FAT32
Drive e: (Backup) (Fixed) (Total:18.17 GB) (Free:18.08 GB) NTFS

==================== MBR & Partition Table ==================

Disk: 0 (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=52.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.6 GB) - (Type=DB)

Disk: 1 (Size: 7.9 GB) (Disk ID: C197C197)
Partition 1: (Active) - (Size=7.9 GB) - (Type=0C)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Ran by Milisa (administrator) on DONA (15-01-2016 21:45:10)
Running from C:\Documents and Settings\Milisa\My Documents\Downloads
Loaded Profiles: Milisa (Available Profiles: Milisa & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(CloudCanvas) C:\Program Files\CloudCanvas\CloudCanvas.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [CloudCanvas] => C:\Program Files\CloudCanvas\CloudCanvas.exe [138752 2012-04-17] (CloudCanvas)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-13] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Uninstall SafeKey RunOnce.lnk [2015-08-11]
ShortcutTarget: Uninstall SafeKey RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-04-05]
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-07-15]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => ftp=;http=
 [.DEFAULT] => ftp=;http=
Tcpip\..\Interfaces\{219A7CC0-44C8-451B-9EB5-C7EF8D729273}: [DhcpNameServer]

Internet Explorer:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {55BF085E-B9D8-4A5A-A701-9B6A3A79C28D} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20150405&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.internet-home-page.com/search.php?q={searchTerms}&cof=FORID:10&ie={inputEncoding}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20150104,20028,0,8,0
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Intern

FF ProfilePath: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\searchplugins\googletranslate.xml [2015-11-11]
FF Extension: Pin It button - C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\Extensions\[email protected] [2015-09-15]

CHR Profile: C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default

StartMenuInternet: (HKLM) Opera.exe - blank

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577008 2014-11-04] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] ()
S4 AcrSch2Svc; "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" [X]
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R3 BCMH43XX; C:\WINDOWS\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
S3 NPF; C:\WINDOWS\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
S3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [47360 2009-11-19] (VSO Software) [File not signed]
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2008-01-06] (Acronis)
S2 adfs; no ImagePath
S3 catchme; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U0 mfewfpk; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; no ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-15 03:32 - 2016-01-15 03:32 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\more stuff
2016-01-14 17:35 - 2016-01-15 21:45 - 00000000 ____D C:\FRST
2016-01-13 22:24 - 2016-01-13 22:24 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\bundy.wps
2016-01-12 13:51 - 2016-01-14 22:16 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-01-12 13:51 - 2016-01-12 13:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2016-01-12 13:12 - 2016-01-12 13:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2016-01-12 13:12 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-12 13:07 - 2016-01-12 13:07 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\FusionBrowser
2016-01-12 13:06 - 2016-01-12 13:37 - 00000000 ____D C:\Program Files\FusionBrowser
2016-01-11 22:54 - 2016-01-11 22:55 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\ebay
2016-01-10 13:25 - 2016-01-10 13:25 - 00090112 _____ C:\WINDOWS\Minidump\Mini011016-01.dmp
2016-01-08 22:41 - 2016-01-08 22:41 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\c3
2016-01-07 07:03 - 2016-01-07 07:03 - 00068096 _____ C:\Documents and Settings\Milisa\My Documents\psycho gov 2.wps
2016-01-07 07:02 - 2016-01-07 07:02 - 00038400 _____ C:\Documents and Settings\Milisa\My Documents\psyco gov.wps
2016-01-07 01:35 - 2016-01-15 20:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-03 19:15 - 2016-01-03 19:15 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\My Smilebox Creations
2016-01-03 19:14 - 2016-01-03 19:14 - 00001930 _____ C:\Documents and Settings\Milisa\Start Menu\Programs\Smilebox.lnk
2016-01-02 21:03 - 2016-01-02 21:05 - 00080604 _____ C:\WINDOWS\ntbtlog.txt
2015-12-29 14:50 - 2015-12-29 14:50 - 00029184 _____ C:\Documents and Settings\Milisa\My Documents\5.wps
2015-12-25 15:19 - 2016-01-15 20:28 - 00001917 _____ C:\WINDOWS\imsins.BAK
2015-12-24 19:00 - 2015-12-24 19:00 - 00041984 _____ C:\Documents and Settings\Milisa\My Documents\doc1.wps
2015-12-24 19:00 - 2015-12-24 19:00 - 00028672 _____ C:\Documents and Settings\Milisa\My Documents\2.wps
2015-12-23 19:23 - 2015-12-23 18:35 - 00683598 _____ C:\Documents and Settings\Milisa\My Documents\The-Ultimate-List-2015.pdf
2015-12-17 12:07 - 2015-12-17 12:07 - 00014848 _____ C:\Documents and Settings\Milisa\My Documents\DMT.wps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-15 21:47 - 2011-07-06 09:55 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Temp
2016-01-15 21:42 - 2015-09-01 13:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-15 21:42 - 2004-08-10 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-15 21:42 - 2004-08-10 12:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-01-15 21:41 - 2014-09-25 08:39 - 00000000 ____D C:\AdwCleaner
2016-01-15 21:41 - 2009-11-07 14:33 - 00000278 ___SH C:\Documents and Settings\Milisa\ntuser.ini
2016-01-15 21:41 - 2004-08-10 13:08 - 00032656 _____ C:\WINDOWS\SchedLgU.Txt
2016-01-15 21:40 - 2011-04-08 12:51 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job
2016-01-15 21:32 - 2015-08-17 19:32 - 00000917 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-01-15 21:32 - 2015-08-17 19:32 - 00000731 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-01-15 21:24 - 2009-10-20 11:34 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-01-15 21:24 - 2004-08-10 13:02 - 00000000 ____D C:\WINDOWS\Registration
2016-01-15 21:09 - 2015-09-01 13:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-15 21:05 - 2011-07-06 11:38 - 00035968 _____ C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2016-01-15 20:58 - 2015-09-01 12:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-15 20:54 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\ApplicationHistory
2016-01-15 20:54 - 2006-09-07 12:24 - 00000000 ____D C:\WINDOWS
2016-01-15 20:49 - 2004-08-10 12:57 - 00672470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 20:24 - 2006-09-07 12:44 - 00000000 ____D C:\Program Files\Java
2016-01-15 20:22 - 2011-05-15 09:02 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-01-15 12:53 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents\My Pictures
2016-01-15 12:21 - 2015-11-09 12:21 - 00000368 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Milisa).job
2016-01-15 03:32 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents
2016-01-14 16:38 - 2015-07-20 13:18 - 00011264 _____ C:\Documents and Settings\Milisa\My Documents\ablog the story teller.wps
2016-01-14 15:22 - 2015-07-20 14:00 - 00012800 _____ C:\Documents and Settings\Milisa\My Documents\ablog people of color beware.wps
2016-01-14 12:19 - 2014-07-04 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 11:53 - 2006-09-16 23:08 - 141317472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 14:04 - 2011-08-12 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-01-12 13:57 - 2004-08-10 12:52 - 00000000 ___HD C:\WINDOWS\inf
2016-01-12 13:49 - 2011-08-05 13:27 - 00000000 ____D C:\Program Files\Google
2016-01-12 13:28 - 2011-04-08 12:43 - 00002329 _____ C:\Documents and Settings\Milisa\Start Menu\Programs\Windows Install Clean Up.lnk
2016-01-12 13:20 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa
2016-01-10 13:25 - 2009-10-27 12:02 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-09 02:20 - 2011-08-05 13:27 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Google
2016-01-07 15:43 - 2014-07-04 16:10 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2016-01-05 02:20 - 2015-07-18 16:39 - 00009216 _____ C:\Documents and Settings\Milisa\My Documents\ablog shallow deep.wps
2016-01-03 02:41 - 2015-07-18 16:04 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\ablog sad.wps
2016-01-02 21:18 - 2011-04-08 11:18 - 00000000 ____D C:\Documents and Settings\Administrator
2016-01-02 21:18 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-01-02 21:18 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-01-02 21:15 - 2004-08-10 12:51 - 00000751 _____ C:\WINDOWS\win.ini
2016-01-02 21:15 - 2004-08-10 12:51 - 00000227 _____ C:\WINDOWS\system.ini
2016-01-02 21:13 - 2006-09-18 21:26 - 00000000 ____D C:\WINDOWS\pss
2016-01-02 00:58 - 2015-09-01 12:52 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-01-02 00:58 - 2015-09-01 12:52 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-25 15:16 - 2015-01-21 14:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Yahoo!
2015-12-25 15:16 - 2015-01-21 14:02 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\Yahoo!
2015-12-16 22:58 - 2015-12-15 22:50 - 00344576 _____ C:\Documents and Settings\Milisa\My Documents\silli milli.wps

==================== Files in the root of some directories =======

2015-04-05 19:52 - 2015-08-11 11:16 - 27093992 _____ (McAfee) C:\Program Files\Common Files\lpuninstall.exe
2010-06-10 14:59 - 2010-12-10 18:57 - 0002555 _____ () C:\Documents and Settings\Milisa\Application Data\SAS7_000.DAT
2011-07-06 11:38 - 2016-01-15 21:05 - 0035968 _____ () C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2015-01-21 14:04 - 2015-01-21 14:04 - 0000108 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\35d9d94d597756656d8c7da8923e4721
2010-03-09 18:07 - 2014-12-31 11:35 - 0008704 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-22 04:47 - 2015-08-31 22:32 - 0089172 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\FASTWiz.log
2009-11-07 14:33 - 2006-09-07 13:13 - 0000128 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\fusioncache.dat
2009-11-08 21:56 - 2013-07-16 14:00 - 0008036 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2007-07-31 23:03 - 2009-11-15 15:54 - 0001755 _____ () C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

Some files in TEMP:
C:\Documents and Settings\Milisa\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpishoze.dll
C:\Documents and Settings\Milisa\Local Settings\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP