Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

malware spyware [Solved]

Started by Pearlcatdesign , Feb 05 2016 07:09 PM

This topic is locked

#1
Pearlcatdesign

Posted 05 February 2016 - 07:09 PM

Member

Member
80 posts

I have an XP. It has become really slow. The blue circle in the upper left corner that used to spin for about 2-3 seconds, is turning to a grey circle and now takes 5 or more seconds. Sometimes saying not responding but Ctrl,alt delete most of the time says 'running' I more often get the message 'timed out' or 'secure connection failed'. I share wifi with two roommates who have no problem on their computers. I can't even hardly get onto a site before my computer either times out or it'll just spin that circle forever in the upper left corner. I don't play video games, occasional utube and mostly pinterest.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-01-2016
Ran by Milisa (administrator) on DONA (05-02-2016 19:22:22)
Running from C:\Documents and Settings\Milisa\Desktop
Loaded Profiles: Milisa (Available Profiles: Milisa & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CloudCanvas) C:\Program Files\CloudCanvas\CloudCanvas.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(The OpenVPN Project) C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-30] (AVAST Software)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [CloudCanvas] => C:\Program Files\CloudCanvas\CloudCanvas.exe [138752 2012-04-17] (CloudCanvas)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-13] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-01-30] (AVAST Software)
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Uninstall SafeKey RunOnce.lnk [2015-08-11]
ShortcutTarget: Uninstall SafeKey RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-07-15]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => ftp=192.168.0.1:23;http=192.168.0.1:80
AutoConfigURL: [.DEFAULT] => ftp=192.168.0.1:23;http=192.168.0.1:80
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{219A7CC0-44C8-451B-9EB5-C7EF8D729273}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{D382B8E5-4549-4FB0-B1FF-DC81F0760373}: [DhcpNameServer] 77.234.40.79

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {55BF085E-B9D8-4A5A-A701-9B6A3A79C28D} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20150405&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.internet-home-page.com/search.php?q={searchTerms}&cof=FORID:10&ie={inputEncoding}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20150104,20028,0,8,0
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-30] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Intern

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\searchplugins\googletranslate.xml [2015-11-11]
FF Extension: Pin It button - C:\Documents and Settings\Milisa\Application Data\Mozilla\Firefox\Profiles\tat9zqy3.default-1441292214421\Extensions\[email protected] [2015-09-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-01]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-30]

Opera:
=======
StartMenuInternet: (HKLM) Opera.exe - blank

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2016-02-01] (AVAST Software)
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577008 2014-11-04] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] ()
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2016-01-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26096 2016-02-01] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2016-01-30] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2016-02-01] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [257720 2016-02-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2016-01-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2016-01-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812208 2016-01-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-30] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [165104 2016-01-30] (AVAST Software)
R3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2016-01-30] (The OpenVPN Project)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [58016 2016-01-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2016-01-30] (AVAST Software)
R3 BCMH43XX; C:\WINDOWS\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
S3 NPF; C:\WINDOWS\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
S3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [47360 2009-11-19] (VSO Software) [File not signed]
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2008-01-06] (Acronis)
S2 adfs; no ImagePath
S3 catchme; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U0 mfewfpk; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; no ImagePath
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-05 19:22 - 2016-02-05 19:29 - 00014987 _____ C:\Documents and Settings\Milisa\Desktop\FRST.txt
2016-02-05 19:17 - 2016-02-05 19:21 - 01721856 _____ (Farbar) C:\Documents and Settings\Milisa\Desktop\FRST.exe
2016-02-05 16:55 - 2016-02-05 16:55 - 00000000 ____D C:\WINDOWS\LastGood
2016-02-04 17:04 - 2016-02-04 17:04 - 00013312 _____ C:\Documents and Settings\Milisa\My Documents\gun is civilization.wps
2016-02-01 21:47 - 2016-02-01 21:47 - 00106496 _____ C:\WINDOWS\Minidump\Mini020116-01.dmp
2016-02-01 15:12 - 2016-02-01 15:12 - 00000756 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-02-01 15:12 - 2016-02-01 15:12 - 00000756 _____ C:\Documents and Settings\All Users\Desktop\Avast SafeZone Browser.lnk
2016-02-01 15:12 - 2016-02-01 15:12 - 00000388 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1454357543.job
2016-02-01 15:05 - 2016-02-01 15:05 - 00001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Internet Security.lnk
2016-02-01 15:05 - 2016-02-01 15:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2016-02-01 15:01 - 2016-02-01 14:59 - 00026096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-02-01 15:01 - 2016-02-01 14:58 - 00257720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2016-02-01 15:00 - 2016-01-30 15:46 - 00322760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-01 14:58 - 2016-02-01 14:58 - 00012112 _____ (ALWIL Software) C:\WINDOWS\system32\Drivers\aswNdis.sys
2016-02-01 12:24 - 2016-02-01 12:24 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
2016-02-01 11:26 - 2016-02-01 11:26 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
2016-02-01 10:46 - 2016-02-01 10:46 - 00000000 ____D C:\4535820f58621e02d35e64c4f446
2016-02-01 10:45 - 2016-02-01 10:45 - 00000000 ____D C:\Program Files\Intel
2016-02-01 10:45 - 2016-02-01 10:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
2016-01-30 15:49 - 2016-01-30 15:49 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\AVAST Software
2016-01-30 15:46 - 2016-02-05 16:57 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-01-30 15:46 - 2016-01-30 15:46 - 00812208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00449384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00209432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00165104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00081168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00058016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-01-30 15:46 - 2016-01-30 15:46 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-01-30 15:46 - 2016-01-30 15:46 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-01-30 15:45 - 2016-01-30 15:45 - 00035144 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-01-30 15:44 - 2016-02-01 14:59 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-30 01:59 - 2016-01-30 01:59 - 00009216 _____ C:\Documents and Settings\Milisa\My Documents\Lisa is born.wps
2016-01-29 14:22 - 2016-02-01 10:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-01-28 23:33 - 2016-01-28 23:33 - 00009728 _____ C:\Documents and Settings\Milisa\My Documents\Broken Passion.wps
2016-01-20 11:03 - 2016-01-21 00:41 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\AvgSetupLog
2016-01-19 21:58 - 2016-01-19 21:58 - 04499648 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-01-17 20:47 - 2016-01-30 02:38 - 00010240 _____ C:\Documents and Settings\Milisa\My Documents\[bleep].wps
2016-01-15 03:32 - 2016-01-15 03:32 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\more stuff
2016-01-14 17:35 - 2016-02-05 19:22 - 00000000 ____D C:\FRST
2016-01-13 22:24 - 2016-01-13 22:24 - 00013824 _____ C:\Documents and Settings\Milisa\My Documents\bundy.wps
2016-01-12 13:51 - 2016-02-04 18:27 - 00001819 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2016-01-12 13:51 - 2016-02-04 18:27 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-01-12 13:12 - 2016-01-12 13:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2016-01-12 13:12 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2016-01-12 13:07 - 2016-01-12 13:07 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\FusionBrowser
2016-01-12 13:06 - 2016-01-12 13:37 - 00000000 ____D C:\Program Files\FusionBrowser
2016-01-11 22:54 - 2016-01-11 22:55 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\ebay
2016-01-10 13:25 - 2016-01-10 13:25 - 00090112 _____ C:\WINDOWS\Minidump\Mini011016-01.dmp
2016-01-08 22:41 - 2016-01-08 22:41 - 00000000 ____D C:\Documents and Settings\Milisa\My Documents\c3
2016-01-07 07:03 - 2016-01-07 07:03 - 00068096 _____ C:\Documents and Settings\Milisa\My Documents\psycho gov 2.wps
2016-01-07 07:02 - 2016-01-07 07:02 - 00038400 _____ C:\Documents and Settings\Milisa\My Documents\psyco gov.wps
2016-01-07 01:35 - 2016-02-05 13:11 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-05 19:29 - 2011-07-06 09:55 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Temp
2016-02-05 19:27 - 2011-04-08 12:51 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job
2016-02-05 19:18 - 2015-09-01 13:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-05 18:58 - 2015-09-01 12:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-05 18:32 - 2015-08-17 19:32 - 00000917 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-02-05 18:32 - 2015-08-17 19:32 - 00000731 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job
2016-02-05 16:55 - 2004-08-10 12:52 - 00000000 ___HD C:\WINDOWS\inf
2016-02-05 16:52 - 2015-09-01 13:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-05 16:52 - 2004-08-10 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-05 16:52 - 2004-08-10 12:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-05 16:42 - 2009-11-07 14:33 - 00000278 ___SH C:\Documents and Settings\Milisa\ntuser.ini
2016-02-05 16:42 - 2004-08-10 13:08 - 00032586 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-05 12:10 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents\My Pictures
2016-02-04 17:04 - 2011-07-06 11:38 - 00028242 _____ C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2016-02-04 17:04 - 2009-11-07 14:33 - 00000000 ___RD C:\Documents and Settings\Milisa\My Documents
2016-02-03 02:03 - 2015-07-18 16:39 - 00009216 _____ C:\Documents and Settings\Milisa\My Documents\ablog shallow deep.wps
2016-02-01 21:47 - 2009-10-27 12:02 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-01 15:14 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa
2016-02-01 15:00 - 2011-08-12 15:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-02-01 10:47 - 2011-04-08 11:18 - 00000000 ____D C:\Documents and Settings\Administrator
2016-02-01 10:47 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-02-01 10:47 - 2004-08-10 13:08 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-02-01 10:46 - 2004-08-10 13:02 - 00000000 ____D C:\WINDOWS\Registration
2016-01-29 16:16 - 2011-08-05 13:27 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Google
2016-01-29 16:14 - 2011-06-06 21:13 - 00000000 ____D C:\Sun
2016-01-29 16:09 - 2012-12-29 22:15 - 00000000 ____D C:\My Destination Directory
2016-01-29 15:50 - 2006-09-07 12:24 - 00000000 ____D C:\i386
2016-01-29 15:38 - 2011-07-06 09:54 - 00000000 ___SD C:\ComboFix
2016-01-29 15:23 - 2004-08-10 12:52 - 00000000 ____D C:\WINDOWS\java
2016-01-29 14:22 - 2012-04-29 09:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2016-01-21 00:42 - 2015-08-10 22:38 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG
2016-01-21 00:04 - 2015-08-10 23:33 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2016-01-20 23:26 - 2015-12-25 15:19 - 00001917 _____ C:\WINDOWS\imsins.BAK
2016-01-20 12:30 - 2011-04-16 17:26 - 00000000 ____D C:\Documents and Settings\Milisa\.thumbnails
2016-01-20 12:28 - 2007-12-30 13:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Medical Library
2016-01-20 11:55 - 2015-08-10 23:45 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\AVG
2016-01-20 11:52 - 2015-08-10 23:20 - 00000000 ____D C:\Documents and Settings\Milisa\Application Data\AVG
2016-01-20 11:52 - 2015-08-10 22:55 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\Avg
2016-01-19 21:58 - 2015-09-01 12:52 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-01-19 21:58 - 2015-09-01 12:52 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-01-15 21:24 - 2009-10-20 11:34 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-01-15 20:54 - 2009-11-07 14:33 - 00000000 ____D C:\Documents and Settings\Milisa\Local Settings\Application Data\ApplicationHistory
2016-01-15 20:49 - 2004-08-10 12:57 - 00672470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 20:22 - 2011-05-15 09:02 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-01-14 16:38 - 2015-07-20 13:18 - 00011264 _____ C:\Documents and Settings\Milisa\My Documents\ablog the story teller.wps
2016-01-14 12:19 - 2014-07-04 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 11:53 - 2006-09-16 23:08 - 141317472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 13:49 - 2011-08-05 13:27 - 00000000 ____D C:\Program Files\Google
2016-01-12 13:28 - 2011-04-08 12:43 - 00002329 _____ C:\Documents and Settings\Milisa\Start Menu\Programs\Windows Install Clean Up.lnk
2016-01-07 15:43 - 2014-07-04 16:10 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== Files in the root of some directories =======

2015-04-05 19:52 - 2015-08-11 11:16 - 27093992 _____ (McAfee) C:\Program Files\Common Files\lpuninstall.exe
2010-06-10 14:59 - 2010-12-10 18:57 - 0002555 _____ () C:\Documents and Settings\Milisa\Application Data\SAS7_000.DAT
2011-07-06 11:38 - 2016-02-04 17:04 - 0028242 _____ () C:\Documents and Settings\Milisa\Application Data\wklnhst.dat
2015-01-21 14:04 - 2015-01-21 14:04 - 0000108 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\35d9d94d597756656d8c7da8923e4721
2010-03-09 18:07 - 2014-12-31 11:35 - 0008704 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-11-22 04:47 - 2015-08-31 22:32 - 0089172 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\FASTWiz.log
2009-11-07 14:33 - 2006-09-07 13:13 - 0000128 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\fusioncache.dat
2007-07-31 23:03 - 2009-11-15 15:54 - 0001755 _____ () C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

Some files in TEMP:
====================
C:\Documents and Settings\Milisa\Local Settings\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-01-2016
Ran by Milisa (2016-02-05 19:31:14)
Running from C:\Documents and Settings\Milisa\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2006-09-16 21:06:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2814364803-843946100-1677762924-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-2814364803-843946100-1677762924-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2814364803-843946100-1677762924-1006 - Limited - Disabled)
Milisa (S-1-5-21-2814364803-843946100-1677762924-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Milisa
SUPPORT_388945a0 (S-1-5-21-2814364803-843946100-1677762924-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version: - )
Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
ELIcon (Version: 1.00.0000 - Dell) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4299 - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}) (Version: 8.00.5000 - Dell)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
PrintMaster Gold 3.00 (HKLM\...\PrintMaster Gold 3.00) (Version: - )
SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Software Updater (HKLM\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {1021F97F-E103-44FB-B493-B45A6521AC55}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE:/EXE:{1021F97F-E103-44FB-B493-B45A6521AC55} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1454357543.job => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3FC32BFE-2D0E-4558-B1AC-B97DECCA73A5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-30 15:46 - 2016-01-30 15:46 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-30 15:45 - 2016-01-30 15:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-05 16:39 - 2016-02-05 16:39 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020501\algo.dll
2016-01-30 15:46 - 2016-01-30 15:46 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-07-15 14:55 - 2014-08-18 16:50 - 00316120 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2015-07-15 14:44 - 2014-10-29 14:40 - 00319488 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2016-01-30 15:46 - 2016-01-30 15:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-15 14:44 - 2014-08-18 16:49 - 08274648 _____ () C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2015-07-15 14:44 - 2014-07-22 09:18 - 00278528 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
2016-01-30 15:45 - 2016-01-30 15:45 - 00083968 _____ () C:\Program Files\AVAST Software\Avast\OpenVpn\lzo2.dll
2016-01-30 15:45 - 2016-01-30 15:45 - 00065024 _____ () C:\Program Files\AVAST Software\Avast\OpenVpn\libpkcs11-helper-1.dll
2004-08-10 12:51 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD
AlternateDataStreams: C:\Documents and Settings\Milisa\My Documents\Files named ablog jemima and hitler .fnd:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 12:51 - 2015-09-04 08:27 - 00000029 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2814364803-843946100-1677762924-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Milisa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 77.234.40.79 - 209.18.47.61
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOL
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Files and Settings Transfer Wizard
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avginet.exe] => Enabled:avginet.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgamsvr.exe] => Enabled:avgamsvr.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Grisoft\AVG Free\avgcc.exe] => Enabled:avgcc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\HPWUCli.exe] => Enabled:hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe] => Enabled:Windows Live Sync
StandardProfile\AuthorizedApplications: [C:\WINDOWS\Temp\~osF2.tmp\rlvknlg.exe] => Enabled:rlvknlg.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe] => Enabled:backWeb-7288971
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe] => Disabled:hpgs2wnf Module
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe] => Enabled:Google Talk Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Talk\googletalk.exe] => Enabled:Google Talk
StandardProfile\AuthorizedApplications: [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe] => Enabled:Yahoo! Messenger
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Milisa\Application Data\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe] => Enabled:McAfee Shared Service Host
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\pandasecuritytb\ToolbarCleaner.exe] => Enabled:ToolbarCleaner
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgdiagex.exe] => Enabled:AVG Diagnostics
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgemcx.exe] => Enabled:Personal Email Scanner
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service

==================== Restore Points =========================

29-11-2015 12:57:07 System Checkpoint
01-12-2015 15:03:59 System Checkpoint
02-12-2015 15:31:49 System Checkpoint
04-12-2015 20:21:59 System Checkpoint
06-12-2015 17:46:07 System Checkpoint
08-12-2015 13:00:00 System Checkpoint
09-12-2015 14:07:04 System Checkpoint
10-12-2015 11:14:30 Software Distribution Service 3.0
12-12-2015 13:13:08 System Checkpoint
14-12-2015 13:10:13 System Checkpoint
15-12-2015 19:06:21 System Checkpoint
18-12-2015 20:09:52 System Checkpoint
20-12-2015 21:45:33 System Checkpoint
22-12-2015 15:20:52 System Checkpoint
24-12-2015 12:02:38 System Checkpoint
25-12-2015 19:56:19 System Checkpoint
27-12-2015 23:21:09 System Checkpoint
29-12-2015 13:17:20 System Checkpoint
02-01-2016 19:22:03 System Checkpoint
02-01-2016 21:17:27 Restore Operation
04-01-2016 01:32:04 System Checkpoint
05-01-2016 10:29:42 System Checkpoint
07-01-2016 14:52:39 System Checkpoint
10-01-2016 01:10:44 System Checkpoint
11-01-2016 19:56:54 System Checkpoint
12-01-2016 13:12:31 Installed Windows XP Wdf01009.
12-01-2016 13:57:03 Installed Windows XP Wdf01009.
14-01-2016 11:52:55 Software Distribution Service 3.0
15-01-2016 20:22:19 Removed InstallIQ Updater
15-01-2016 20:23:12 Removed Java™ 6 Update 22
15-01-2016 20:24:13 Removed Java™ 6 Update 25
18-01-2016 19:49:52 System Checkpoint
20-01-2016 01:18:51 System Checkpoint
20-01-2016 11:14:17 Installed AVG 2016
20-01-2016 11:16:19 Installed AVG
20-01-2016 23:24:39 Removed AVG
21-01-2016 00:07:08 Restore Operation
21-01-2016 00:11:16 Restore Operation
23-01-2016 18:07:57 System Checkpoint
24-01-2016 21:34:48 System Checkpoint
28-01-2016 14:26:36 System Checkpoint
30-01-2016 15:47:54 Installed Windows XP Wdf01009.
30-01-2016 18:53:12 Installed Windows XP Wdf01009.
01-02-2016 08:59:38 Removed Intel® PROSet for Wired Connections
01-02-2016 09:00:29 Removed Intel® PROSafe for Wired Connections
01-02-2016 10:44:03 Restore Operation
01-02-2016 11:11:32 Installed Windows XP Wdf01009.
01-02-2016 11:19:45 Installed Windows XP Wdf01009.
01-02-2016 15:03:56 Installed Windows XP Wdf01009.
04-02-2016 18:08:03 Removed Microsoft Silverlight

==================== Faulty Device Manager Devices =============

Name: Intel® PRO/100 VE Network Connection
Description: Intel® PRO/100 VE Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2016 03:05:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module wzcsvc.dll, version 5.1.2600.5512, fault address 0x0002d3ae.
Processing media-specific event for [svchost.exe!ws!]

Error: (02/01/2016 10:48:47 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index cannot be read.   (0xc0041800)

Error: (02/01/2016 10:48:47 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (02/01/2016 10:48:47 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (02/01/2016 10:48:45 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
   0xc0041801 (0xc0041801)

Error: (02/01/2016 08:44:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application chrome.exe, version 48.0.2564.97, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/30/2016 07:59:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\MILISA\RECENT\MY PICTURES.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (01/30/2016 07:59:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\MILISA\RECENT\MY PICTURES.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (01/21/2016 12:20:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 43.0.4.5848, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2016 11:39:11 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Application, SystemIndex Catalog

System errors:
=============
Error: (02/05/2016 04:52:10 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

Error: (02/05/2016 04:52:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058

Error: (02/05/2016 04:52:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (02/05/2016 04:52:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (02/05/2016 04:44:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058

Error: (02/05/2016 04:44:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Alerter service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (02/05/2016 04:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (02/05/2016 04:37:30 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.0.15 on the
Network Card with network address A42B8C6FEAEF.

Error: (02/05/2016 04:37:28 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver has failed to start. Error 0x8007048f.

Error: (02/05/2016 11:42:38 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.0.15 on the
Network Card with network address A42B8C6FEAEF.

==================== Memory info ===========================

Processor: Intel® Celeron® CPU 2.53GHz
Percentage of memory in use: 58%
Total physical RAM: 1277.98 MB
Available physical RAM: 524.03 MB
Total Virtual: 1900.34 MB
Available Virtual: 1219.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:52.71 GB) (Free:21.06 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (COMPAQ) (Fixed) (Total:7.86 GB) (Free:7.86 GB) FAT32
Drive e: (Backup) (Fixed) (Total:18.17 GB) (Free:18.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=52.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.6 GB) - (Type=DB)

========================================================
Disk: 1 (Size: 7.9 GB) (Disk ID: C197C197)
Partition 1: (Active) - (Size=7.9 GB) - (Type=0C)

==================== End of Addition.txt ============================

#2
Essexboy

Posted 06 February 2016 - 12:57 PM

GeekU Moderator

Retired Staff
69,964 posts

Did you set the proxy on your network ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Uninstall SafeKey RunOnce.lnk [2015-08-11]
ShortcutTarget: Uninstall SafeKey RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (McAfee)
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
URLSearchHook: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://www.internet-home-page.com/search.php?q={searchTerms}&cof=FORID:10&ie={inputEncoding}
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> No File
Toolbar: HKU\S-1-5-21-2814364803-843946100-1677762924-1008 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
S3 catchme; \??\C:\DOCUME~1\Milisa\LOCALS~1\Temp\catchme.sys [X]
U0 mfewfpk; no ImagePath
2016-01-15 20:22 - 2011-05-15 09:02 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2015-04-05 19:52 - 2015-08-11 11:16 - 27093992 _____ (McAfee) C:\Program Files\Common Files\lpuninstall.exe
2015-01-21 14:04 - 2015-01-21 14:04 - 0000108 _____ () C:\Documents and Settings\Milisa\Local Settings\Application Data\35d9d94d597756656d8c7da8923e4721
EmptyTemp:

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S0].txt as well.

#3
Pearlcatdesign

Posted 07 February 2016 - 09:20 PM

Member

Topic Starter
Member
80 posts

I don't know what ' proxy ' means? Or how far back to go to restore computer? Or what this means This fix is only valid for this specific machine, using it on another may break your computer .

#4
Pearlcatdesign

Posted 07 February 2016 - 09:22 PM

Member

Topic Starter
Member
80 posts

And what is ' Safe key ' ? I'm sorry but I'm really stupid with computers. Can you tell yet? lol

#5
Essexboy

Posted 08 February 2016 - 08:55 AM

GeekU Moderator

Retired Staff
69,964 posts

The fix is specific to your computer and no other. When you run the fix as described, FRST will carry out the actions I have asked it to do which will be the start of the cleaning process

We can do this a different way

Download this fixlist.txt to your desktop

fixlist.txt 1.41KB 344 downloads
Then start FRST
When FRST is running on the desktop press the Fix button

The commands will then be actioned and the system rebooted on completions
A log will appear on the desktop please post that

#6
Pearlcatdesign

Posted 08 February 2016 - 09:55 PM

Member

Topic Starter
Member
80 posts

okay I tried but it said FRST has encountered a problem and needs to close then nothing. Then I tried again and I got this? Now my fan has quit running!

#7
Essexboy

Posted 09 February 2016 - 08:42 AM

GeekU Moderator

Retired Staff
69,964 posts

Hmm sounds like you are starting to get hardware problems

Download Speedfan and install it. Once it's installed, run the program and post here the information it shows. The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.

(this is a screenshot from a vista machine)

#8
Pearlcatdesign

Posted 09 February 2016 - 06:26 PM

Member

Topic Starter
Member
80 posts

I never got a chance to try the fan. It started making a cricket like sound and then an awful smell like a pesticide smell. Now it works but won't acknowledge internet connection. I'm texting on my phone. Thank you so much for putting up with me. Have iblown my computer?

#9
Pearlcatdesign

Posted 10 February 2016 - 12:29 AM

Member

Topic Starter
Member
80 posts

Ok that wasn't the computer that smelled like it was burning, it was something else. But it still doesn't acknowledge the internet connection. Can it be saved?

#10
Essexboy

Posted 10 February 2016 - 08:36 AM

GeekU Moderator

Retired Staff
69,964 posts

What error does windows give when you try to connect ?

We will see what we can do .. How old is the computer ?

#11
Pearlcatdesign

Posted 10 February 2016 - 12:16 PM

Member

Topic Starter
Member
80 posts

I have a XP 2003 that was upgraded to a 2007 . The netgear symbol just keeps searching . The foxfire symbol isn't even on the screen. It says when I click on netgear that internet connection is good, so I clicked on the reconnect but it says " no wireless networks were found. Also because my life is on there, I tried to quick put everything on one of those little SanDisk thugs and it won't even acknowledge Microsoft Windows content, just the first button for it. Is my computer fried? It has my life on it, every picture, all my writing. Again I thank you so much. I'll send you some money on payday on here.

#12
Essexboy

Posted 10 February 2016 - 02:10 PM

GeekU Moderator

Retired Staff
69,964 posts

OK are you able to browse all your personal files and folders ?

Do you have a CD or USB stick that you can copy the data to ? A sandisc may not work with your hardware

Lets remove the proxy that I saw :

1.Go to Control Panel>Internet Options>Connections>LAN Settings
2.Uncheck "Use a Proxy server for your LAN",and click "ok"Button.
3.Restart Internet Explorer.

#13
Pearlcatdesign

Posted 10 February 2016 - 05:36 PM

Member

Topic Starter
Member
80 posts

I went there after I did that computer still says it could not find a connection.

#14
Essexboy

Posted 11 February 2016 - 08:31 AM

GeekU Moderator

Retired Staff
69,964 posts

OK lets use FRST to set the network

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

fixlist.txt 279bytes 319 downloads
Open notepad and copy/paste the text in the quotebox below into it:

CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

#15
Pearlcatdesign

Posted 11 February 2016 - 12:33 PM

Member

Topic Starter
Member
80 posts

I can't connect to the internet and won't even come up now? I did get it to let me down load some more files onto the SanDisk. Can you connect to my computer from yours if I can't get online?

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: XP

Retired Forums → Windows Vista and Windows 7 → Can I Use Vista With Any Degree of Security? If so, How? Started by Waste of Space , 12 Nov 2020 firewall, vista, security, xp and 4 more...	4 replies 4,943 views	Waste of Space 15 Nov 2020
Answered Hardware → Networking → mobile wifi hotspot won't connect one certain laptop Started by mo713 , 30 Mar 2017 wifi, router, xp, networking	5 replies 6,530 views	samira zamani 16 Apr 2018
Security → Virus, Spyware, Malware Removal → Error on process Started by Gasol , 03 Jul 2016 error, xp, cannot acces 1 2	Hot 20 replies 5,176 views	Gasol 04 Jul 2016
Retired Forums → Windows XP, 2000, 2003, NT → Old laptop running XP Started by notrealbright , 02 Jun 2016 Laptop, XP	5 replies 2,090 views	notrealbright 02 Jun 2016
Security → Computer Won't Boot - Malware Related → Please save me with my Win xp sp3 :( [Closed] Started by Amine Sadoun , 11 Dec 2015 windows, xp, sp3, mbam and 5 more...	2 replies 3,131 views	Essexboy 16 Dec 2015