
Error on process

error xp cannot acces


#16
Gasol

  • Topic Starter

- Yes, I'm from Romania.

- I downloaded the Intel Chipset Utility, but in the end it gave an error (it is attached).

- I don't install another Java. If I need it for an application, I will download the latest version, like you said.

- The reason I don't have SP3 is the low space on C. This PC is from 2007 and some people said 20Gb on the C partition is enough. Another mistake that I see now was five partitions instead of two.

 

Now the logs:

Yellow Flagged Devices:

 

Two Yellow Flags on OTHER DEVICES:

1) Multimedia Audio Controller:
PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00
PCI\VEN_1102&DEV_0007&SUBSYS_100A1102
PCI\VEN_1102&DEV_0007&CC_040100
PCI\VEN_1102&DEV_0007&CC_0401

2) SM Bus Controller
PCI\VEN_8086&DEV_27DA&SUBSYS_81791043&REV_01
PCI\VEN_8086&DEV_27DA&SUBSYS_81791043
PCI\VEN_8086&DEV_27DA&CC_0C0500
PCI\VEN_8086&DEV_27DA&CC_0C05
 

FRST LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by Bogdanian (administrator) on ACASA (05-07-2016 02:09:22)
Running from C:\Documents and Settings\Bogdanian\Desktop
Loaded Profiles: Bogdanian & UpdatusUser (Available Profiles: Bogdanian & UpdatusUser)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2000-01-01] ()
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\MountPoints2: K - K:\Autorun.exe
IFEO\yahoomessenger.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-26] (AVAST Software)
BootExecute: autocheck autochk * eautocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 95.77.94.88 78.96.7.88
Tcpip\..\Interfaces\{A88D0840-2D22-42BA-9327-A7A8CF463606}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A88D0840-2D22-42BA-9327-A7A8CF463606}: [DhcpNameServer] 95.77.94.88 78.96.7.88

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.geocities.com/netpocalypse/index.html
HKU\S-1-5-21-1214440339-308236825-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1214440339-308236825-682003330-1005] ATTENTION => Default URLSearchHook is missing
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-26] (AVAST Software)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bogdanian\Application Data\Mozilla\Firefox\Profiles\prsknhop.default-1431867247000
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Extension: YouTube ALL HTML5 - C:\Documents and Settings\Bogdanian\Application Data\Mozilla\Firefox\Profiles\prsknhop.default-1431867247000\Extensions\[email protected] [2016-02-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-04] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-27]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-09-16] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-26] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [315392 2002-01-05] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [146888 2016-06-13] (Mozilla Foundation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1774904 2014-04-15] (TuneUp Software)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-02-26] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-03-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-02-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-02-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-02-26] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [171608 2016-02-26] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67088 2016-02-26] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-02-26] (AVAST Software)
R0 d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( ) [File not signed]
R0 d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [5248 2004-08-22] ( ) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows ® Server 2003 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2012-07-05] (Padus, Inc.) [File not signed]
S3 ptun0901; C:\WINDOWS\System32\DRIVERS\ptun0901.sys [35288 2014-03-10] (The OpenVPN Project)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [11973 2012-10-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 SSHDRV65; C:\WINDOWS\system32\drivers\SSHDRV65.sys [120320 2013-06-21] () [File not signed]
R3 stdriver; C:\WINDOWS\System32\DRIVERS\stdriverx86.sys [44624 2014-12-20] ()
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2015-12-15] (AnchorFree Inc)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-03-26] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 02:09 - 2016-07-05 02:09 - 00004880 _____ C:\Documents and Settings\Bogdanian\Desktop\Fixlog111.txt
2016-07-05 02:01 - 2016-07-05 02:08 - 00004880 _____ C:\Documents and Settings\Bogdanian\Desktop\Fixlog.txt
2016-07-05 01:50 - 2016-07-05 02:03 - 00000401 _____ C:\Yellow flags.txt
2016-07-05 01:37 - 2016-07-05 01:37 - 00000000 ____D C:\Intel
2016-07-05 01:36 - 2016-07-05 01:36 - 02886424 _____ (Intel Corporation) C:\Documents and Settings\Bogdanian\Desktop\infinst_autol.exe
2016-07-05 00:24 - 2016-07-05 00:24 - 00025306 _____ C:\Documents and Settings\Bogdanian\Desktop\Addition1.txt
2016-07-05 00:24 - 2016-07-05 00:24 - 00020983 _____ C:\Documents and Settings\Bogdanian\Desktop\FRST1.txt
2016-07-05 00:07 - 2016-07-05 00:08 - 00027202 _____ C:\Documents and Settings\Bogdanian\Desktop\Addition.txt
2016-07-05 00:04 - 2016-07-05 02:10 - 00011218 _____ C:\Documents and Settings\Bogdanian\Desktop\FRST.txt
2016-07-05 00:04 - 2016-07-05 02:09 - 00000000 ____D C:\FRST
2016-07-05 00:03 - 2016-07-05 00:03 - 01740288 _____ (Farbar) C:\Documents and Settings\Bogdanian\Desktop\FRST.exe
2016-07-04 22:39 - 2016-07-04 22:45 - 00051176 _____ C:\Speccy log.txt
2016-07-04 22:37 - 2016-07-04 22:37 - 00000654 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2016-07-04 22:37 - 2016-07-04 22:37 - 00000000 ____D C:\Program Files\Speccy
2016-07-04 22:37 - 2016-07-04 22:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2016-07-04 22:35 - 2016-07-04 22:35 - 00014231 _____ C:\VEW2.txt
2016-07-04 22:29 - 2016-07-04 22:29 - 00008531 _____ C:\VEW1.txt
2016-07-04 22:25 - 2016-07-04 22:32 - 00015418 _____ C:\VEW.txt
2016-07-04 22:23 - 2016-07-04 22:23 - 00061440 _____ ( ) C:\Documents and Settings\Bogdanian\Desktop\VEW.exe
2016-07-04 21:34 - 2016-07-04 21:34 - 00002982 _____ C:\System Idle Process.txt
2016-07-04 21:26 - 2016-07-04 21:26 - 00003066 _____ C:\JRT.txt
2016-07-04 21:24 - 2016-07-04 21:24 - 00003066 _____ C:\Documents and Settings\Bogdanian\Desktop\JRT.txt
2016-07-04 21:21 - 2016-07-04 21:21 - 00014011 _____ C:\AdwCleaner[C1].txt
2016-07-04 18:35 - 2016-07-04 18:35 - 01270466 _____ C:\ProcessExplorer.zip
2016-07-04 18:35 - 2016-07-04 18:35 - 00000000 ____D C:\ProcessExplorer
2016-07-03 21:35 - 2016-07-03 21:36 - 00000000 ____D C:\Program Files\BookCAT
2016-07-03 21:35 - 2016-07-03 21:35 - 00001528 _____ C:\Documents and Settings\All Users\Desktop\BookCAT.lnk
2016-07-03 21:35 - 2016-07-03 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\BookCAT
2016-07-03 01:00 - 2016-07-04 00:24 - 00053956 _____ C:\Documents and Settings\Bogdanian\Desktop\jo_Cosmina.txt
2016-07-01 19:11 - 2016-07-03 17:13 - 00000077 _____ C:\Documents and Settings\Bogdanian\Desktop\Caltut Valentin adresa.txt
2016-06-27 21:54 - 2016-06-27 21:54 - 00000036 _____ C:\Documents and Settings\Bogdanian\Desktop\adresa bucur obor.txt
2016-06-26 16:42 - 2016-06-26 16:43 - 00000000 ____D C:\Documents and Settings\Bogdanian\Desktop\GrantPerms
2016-06-26 16:41 - 2016-06-26 16:41 - 00453083 _____ C:\Documents and Settings\Bogdanian\Desktop\GrantPerms.zip
2016-06-25 00:12 - 2016-07-03 00:59 - 00061349 _____ C:\Documents and Settings\Bogdanian\Desktop\hera.txt
2016-06-24 18:37 - 2016-06-24 18:37 - 20019904 _____ (Adobe Systems Incorporated) C:\Documents and Settings\Bogdanian\My Documents\install_flash_player.exe
2016-06-24 00:04 - 2016-06-24 00:04 - 00106496 _____ C:\WINDOWS\Minidump\Mini062416-01.dmp
2016-06-13 21:17 - 2016-06-13 21:17 - 21027355 _____ C:\Documents and Settings\Bogdanian\Desktop\wetransfer-8bd6d5.zip
2016-06-13 20:02 - 2016-07-05 01:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-13 00:26 - 2016-06-14 02:14 - 00019456 _____ C:\Documents and Settings\Bogdanian\My Documents\Juniori A1.xls
2016-06-08 20:36 - 2016-06-08 20:36 - 00000215 _____ C:\Documents and Settings\Bogdanian\Desktop\Singureni Malu 0-2.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 02:10 - 2012-07-04 21:22 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Temp
2016-07-05 01:43 - 2015-04-10 23:41 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-07-05 01:42 - 2012-07-04 21:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-05 01:42 - 2012-07-04 20:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-05 01:41 - 2015-03-13 20:17 - 00196608 _____ C:\WINDOWS\system32\config\TuneUp.evt
2016-07-05 01:41 - 2012-07-04 22:55 - 00000000 ____D C:\WINDOWS\security
2016-07-05 01:41 - 2012-07-04 21:22 - 00000278 ___SH C:\Documents and Settings\Bogdanian\ntuser.ini
2016-07-05 01:41 - 2012-07-04 21:21 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-05 01:40 - 2012-07-04 21:22 - 00000000 ____D C:\Documents and Settings\Bogdanian
2016-07-05 01:39 - 2012-07-04 21:22 - 00000000 ___RD C:\Documents and Settings\Bogdanian\My Documents\My Pictures
2016-07-05 01:38 - 2012-07-04 22:55 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-07-05 01:38 - 2012-07-04 22:55 - 00000000 ___HD C:\WINDOWS\inf
2016-07-05 01:33 - 2012-07-05 16:56 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Application Data\ApplicationHistory
2016-07-05 01:13 - 2012-07-04 20:48 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 00:01 - 2001-08-23 17:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-07-04 21:22 - 2012-07-04 21:22 - 00000000 ___RD C:\Documents and Settings\Bogdanian\My Documents
2016-07-04 21:21 - 2012-07-04 21:09 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2016-07-04 21:15 - 2013-08-23 19:14 - 00000000 ____D C:\AdwCleaner
2016-07-04 21:15 - 2012-07-04 22:37 - 00000000 ____D C:\Program Files\Yahoo!
2016-07-04 21:02 - 2016-04-27 19:19 - 00000000 ____D C:\Documents and Settings\Bogdanian\Application Data\.purple
2016-07-04 04:53 - 2014-05-25 00:55 - 00000000 ____D C:\WINDOWS\uninstall
2016-07-04 02:01 - 2015-01-23 21:23 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-03 01:00 - 2016-05-22 19:33 - 00396699 _____ C:\Documents and Settings\Bogdanian\Desktop\Zgatia.txt
2016-06-26 14:58 - 2012-07-04 21:32 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-24 19:21 - 2012-07-04 20:55 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-06-24 19:21 - 2012-07-04 20:55 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-06-24 18:36 - 2014-09-01 00:19 - 00000000 ____D C:\Documents and Settings\Bogdanian\Local Settings\Application Data\Adobe
2016-06-24 00:04 - 2012-10-01 18:25 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-21 22:04 - 2016-05-24 22:30 - 00035066 _____ C:\Documents and Settings\Bogdanian\Desktop\Ariel.txt
2016-06-21 19:23 - 2012-07-05 17:59 - 00000000 ____D C:\Documents and Settings\Bogdanian\Application Data\mIRC
2016-06-21 19:21 - 2012-07-05 17:59 - 00000000 ____D C:\Program Files\mIRC
2016-06-18 13:01 - 2012-11-22 22:16 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EA SPORTS
2016-06-14 19:51 - 2016-06-01 23:37 - 00000884 _____ C:\Documents and Settings\Bogdanian\Desktop\Denumiri.txt
2016-06-14 11:26 - 2015-08-28 23:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2012-08-12 18:01 - 2012-08-12 18:05 - 0008063 _____ () C:\Documents and Settings\Bogdanian\Application Data\Swoosh.game
2012-07-05 05:00 - 2016-05-03 00:33 - 0039424 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-05 16:56 - 2012-07-05 16:56 - 0000132 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\fusioncache.dat
2013-02-03 04:45 - 2013-08-07 23:07 - 0000054 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\info.ini
2013-02-03 04:33 - 2013-02-03 04:33 - 0000741 _____ () C:\Documents and Settings\Bogdanian\Local Settings\Application Data\recently-used.xbel

Some files in TEMP:
====================
C:\Documents and Settings\Bogdanian\Local Settings\Temp\bassmod.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\libeay32.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\msvcr120.dll
C:\Documents and Settings\Bogdanian\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

 

ADDITION:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Bogdanian (2016-07-05 02:11:18)
Running from C:\Documents and Settings\Bogdanian\Desktop
Microsoft Windows XP Professional Service Pack 2 (X86) (2012-07-04 18:20:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1214440339-308236825-682003330-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1214440339-308236825-682003330-1006 - Limited - Enabled)
Bogdanian (S-1-5-21-1214440339-308236825-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Bogdanian
Guest (S-1-5-21-1214440339-308236825-682003330-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1214440339-308236825-682003330-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1214440339-308236825-682003330-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1214440339-308236825-682003330-1005 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.2.0 - )
ACDSee Pro (HKLM\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.0.67 - ACD Systems Ltd.)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.01) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AGEIA PhysX v7.03.21 (HKLM\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version: 7.03.21 - AGEIA Technologies, Inc.)
AIDA64 Extreme Edition v2.50 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.50 - FinalWire Ltd.)
Attribute Changer 6.20 (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 6.20 - Romain Petges)
Aurora SVG Viewer & Converter version 11.5 (HKLM\...\{086EADE2-99F8-40BB-AFB0-C9B950501AF5}_is1) (Version: 11.5 - Aurora3D, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
Basketball Stat Manager 2.0 (HKLM\...\Basketball Stat Manager) (Version: 2.0 - Stat Manager)
BookCAT (HKLM\...\BookCAT_is1) (Version:  - FNProgramvare)
Carambis Driver Updater (HKLM\...\Driver Updater) (Version: 2.0.0.7613 - MEDIA FOG LTD)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version:  - )
Das Fussball Studio 8.5.2 (Beta) (HKLM\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
DFS Map-Tool 1.0.4 (HKLM\...\{9C0A20E6-A9E1-44BE-8E3E-3E6529FCCC61}_is1) (Version: 1.0.4 - Harry Rechten)
Easy MP3 Sound Recorder 2.01 (HKLM\...\{3E1ECEEC-814C-4B53-9E08-9B1F2FA83434}) (Version: 2.01.0000 - Shiyi Software Workroom)
FIFA MANAGER 10 (HKLM\...\FIFA MANAGER 10) (Version: 2.0.0.6 - Electronic Arts)
FormatFactory 2.96 (HKLM\...\FormatFactory) (Version: 2.96 - Free Time)
Free Sound Recorder v9.4.1 (HKLM\...\Free Sound Recorder_is1) (Version:  - Copyright© 2005-2012 FreeSoundRecorder Technologies, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
IMosaic (HKLM\...\{89F72A6E-05C7-4066-BC80-3DBEDA4E8BF2}) (Version: 0.9.6 - IMosaic)
LeaguePad (HKLM\...\LeaguePad4.5) (Version:  - )
Ltrack 7.3 (HKLM\...\Ltrack_is1) (Version:  - Nigel Thomas)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Romanian User Interface Pack (HKLM\...\{901E0418-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (HKLM\...\Microsoft Report Viewer Redistributable 2008) (Version:  - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.25 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NEF to JPG (HKLM\...\{13D87B39-2A3B-4675-A0D9-B8B01EA2F8E3}_is1) (Version:  - neftojpg.com)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
NSIS LHM2005 (remove only) (HKLM\...\LHM2005) (Version:  - )
NSIS LHM2006 (remove only) (HKLM\...\LHM2006) (Version:  - )
NVIDIA Graphics Driver 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 301.42 - NVIDIA Corporation)
NVIDIA nView 136.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.27 - NVIDIA Corporation)
NVIDIA Update 1.8.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.8.15 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery)
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Pidgin (HKLM\...\Pidgin) (Version: 2.10.12 - )
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.33 - Realtek Semiconductor Corp.)
REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.23.0000 - Realtek)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6013 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM\...\Recordpad) (Version: 5.28 - NCH Software)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
SevenZip (HKLM\...\SevenZip) (Version: 9.20 - SevenZip)
SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
SoundTap Streaming Audio Recorder (HKLM\...\SoundTap) (Version: 2.31 - NCH Software)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
SPMT (HKLM\...\{097AE5D5-478A-4F29-A8D9-95575F0A0C00}) (Version: 2.6.0 - SPMT)
Sport Tables 2.4 (HKLM\...\Sport Tables_is1) (Version:  - FN Systems, Ltd.)
Sports Card Collector v5.1 (HKLM\...\Sports Card Collector v5.1) (Version:  - )
SUPER © v2012.build.52 (July 7, 2012) version v2012.build.52 (HKLM\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Club Manager 2004 (HKLM\...\{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}) (Version:  - )
Total Video Converter 3.21 090220 (HKLM\...\Total Video Converter 3.21_is1) (Version:  - EffectMatrix Inc.)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.296 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (remove only) (HKLM\...\Winamp) (Version:  - )
Windows Driver Package - Nokia Modem  (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: 3.1 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version:  - )
WinRAR 4.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH)
Wizard Sports (HKU\S-1-5-21-1214440339-308236825-682003330-1003\...\Wizard Sports) (Version:  - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yammy 0.7 (HKLM\...\Yammy) (Version: 0.7 - Pravin Paratey)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\SevenZip 9.20\Visit SevenZip website.lnk -> hxxp://www.sevenzip.info/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\Basketball Stat Manager\Stat Manager Website.lnk -> hxxp://www.basketballstatmanager.com/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (No File)

==================== Loaded Modules (Whitelisted) ==============

2015-04-10 23:40 - 2016-02-26 23:44 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-10 23:40 - 2016-02-26 23:44 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-04 20:36 - 2016-07-04 20:36 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070401\algo.dll
2016-04-14 19:19 - 2016-04-14 19:19 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2004-08-22 17:04 - 2004-08-22 17:04 - 00069120 _____ () C:\WINDOWS\daemon.dll
2003-12-30 21:52 - 2003-12-30 21:52 - 00007168 _____ () C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll
2015-04-10 23:40 - 2015-12-21 22:47 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-23 17:00 - 2014-09-18 21:02 - 00000732 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1214440339-308236825-682003330-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Bogdanian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-1214440339-308236825-682003330-1005\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 8.8.8.8 - 8.8.4.4
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^Bogdanian^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\WINDOWS\pss\Adobe Gamma.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CreativeTaskScheduler => "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\mIRC\mirc.exe] => Enabled:mIRC
StandardProfile\AuthorizedApplications: [C:\Program Files\Internet Explorer\iexplore.exe] => Enabled:Internet Explorer
StandardProfile\AuthorizedApplications: [E:\Yu-Gi-Oh! Trilogy\Yu-Gi-Oh! Joey the Passion\joey_pc.exe] => Enabled:joey_pc
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpnsvr.exe] => Enabled:Microsoft DirectPlay8 Server
StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

29-06-2016 20:23:57 System Checkpoint
01-07-2016 22:19:04 System Checkpoint
02-07-2016 22:20:21 System Checkpoint
04-07-2016 21:21:56 JRT Pre-Junkware Removal
05-07-2016 01:57:34 Java™ 6 Update 31 wird entfernt

==================== Faulty Device Manager Devices =============

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2016 11:41:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (06/27/2016 11:22:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: The specified server cannot perform the requested operation.

Error: (06/27/2016 11:22:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: This operation returned because the timeout period expired.

Error: (06/24/2016 09:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (06/24/2016 09:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (06/15/2016 11:30:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/15/2016 11:16:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x053cd2c8.
Processing media-specific event for [iexplore.exe!ws!]

Error: (06/14/2016 09:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x0bdf05cf.
Processing media-specific event for [iexplore.exe!ws!]

Error: (06/12/2016 06:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module sopadv.dll, version 3.1.0.0, fault address 0x000051a9.
Processing media-specific event for [iexplore.exe!ws!]

Error: (06/10/2016 07:31:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 46.0.1.5966, faulting module mozglue.dll, version 46.0.1.5966, fault address 0x0000efdc.
Processing media-specific event for [plugin-container.exe!ws!]


System errors:
=============
Error: (07/05/2016 01:43:07 AM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (07/05/2016 01:27:06 AM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (07/05/2016 12:03:04 AM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (07/04/2016 10:27:24 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom3

Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom2

Error: (07/04/2016 10:25:36 PM) (Source: 0) (EventID: 15) (User: )
Description: \Device\CdRom1

Error: (07/04/2016 10:23:22 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: The certificate received from the remote server has not validated correctly. The
error code is 0x80096004. The SSL connection request has failed. The attached data contains
the server certificate.

Error: (07/04/2016 09:21:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TuneUp Utilities Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/04/2016 09:21:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 3.20GHz
Percentage of memory in use: 36%
Total physical RAM: 2047.11 MB
Available physical RAM: 1304.5 MB
Total Virtual: 3433.26 MB
Available Virtual: 2828.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:19.53 GB) (Free:2.19 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:68.36 GB) (Free:0.24 GB) NTFS
Drive e: () (Fixed) (Total:68.36 GB) (Free:0.2 GB) NTFS
Drive f: (filme) (Fixed) (Total:68.36 GB) (Free:2.57 GB) NTFS
Drive g: () (Fixed) (Total:73.46 GB) (Free:0.32 GB) NTFS
Drive l: (USB DISK) (Removable) (Total:3.61 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 00D300D3)
Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0C)

==================== End of Addition.txt ============================

 

Attached Thumbnails

  • Error Chipset.JPG



#17
Gasol

  • Topic Starter
  • Member
  • 153 posts

Now the last log files

 

FIX LOG:

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Bogdanian (2016-07-05 02:01:15) Run:1
Running from C:\Documents and Settings\Bogdanian\Desktop
Loaded Profiles: Bogdanian & UpdatusUser (Available Profiles: Bogdanian & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
URLSearchHook: [S-1-5-21-1214440339-308236825-682003330-1005] ATTENTION => Default URLSearchHook is missing
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-08] (Sun Microsystems, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-08] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-09-08] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-08] (Sun Microsystems, Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-09-08] [not signed]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path\update_url>
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-09-08] (Sun Microsystems, Inc.)
S4 IntelIde; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 SASPROT; \??\C:\Program Files\Systweak AntiSpyware\sasprot.sys [X]
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\SevenZip 9.20\Visit SevenZip website.lnk -> hxxp://www.sevenzip.info/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\Basketball Stat Manager\Stat Manager Website.lnk -> hxxp://www.basketballstatmanager.com/ (No File)
Shortcut: C:\Documents and Settings\Bogdanian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (No File)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:373E1720 [119]
AlternateDataStreams: C:\Documents and Settings\Bogdanian\My Documents\8c283f0cbe825f93ca4fac16e2a6d414.zip:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]




*****************

Could not restore Default URLSearchHook.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => key not found.
HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => key not found.
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin => key not found.
C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => not found.
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => value not found.
C:\Program Files\Java\jre6\lib\deploy\jqs\ff => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => key removed successfully.
JavaQuickStarterService => service not found.
IntelIde => service removed successfully.
pccsmcfd => service removed successfully.
SASPROT => service removed successfully.
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\SevenZip 9.20\Visit SevenZip website.lnk -> hxxp://www.sevenzip.info/ (No File) => Error: No automatic fix found for this entry.
Shortcut: C:\Documents and Settings\Bogdanian\Start Menu\Programs\Basketball Stat Manager\Stat Manager Website.lnk -> hxxp://www.basketballstatmanager.com/ (No File) => Error: No automatic fix found for this entry.
Shortcut: C:\Documents and Settings\Bogdanian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (No File) => Error: No automatic fix found for this entry.
C:\Documents and Settings\All Users\Application Data\TEMP => ":373E1720" ADS removed successfully..
C:\Documents and Settings\Bogdanian\My Documents\8c283f0cbe825f93ca4fac16e2a6d414.zip => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully..

==== End of Fixlog 02:08:05 ====

 

 

 

VEW 1:

 

Vino's Event Viewer v01c run on Windows XP in English
Report run at 05/07/2016 02:33:17

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/07/2016 02:28:31
Type: error Category: 0
Event: 36876 Source: Schannel
The certificate received from the remote server has not validated correctly. The error code is 0x80096004. The SSL connection request has failed. The attached data contains the server certificate.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

VEW 2:

 

Vino's Event Viewer v01c run on Windows XP in English
Report run at 05/07/2016 02:34:24

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 05/07/2016 02:26:56
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user ACASA\Bogdanian registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.    This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
 



#18
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
The first driver, 1) Multimedia Audio Controller:
PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00
Creative Sound Blaster. Still looking for a driver for it.

Try this one for the second.

Download UPHClean. To download and install UPHClean, visit the following Microsoft Web site:
    You will be prompted to validate your copy of Windows.
    As soon as you have downloaded the UPHClean installer (UPHClean-Setup.msi), double-click the installer to begin the installation.
    In the User Profile Hive Cleanup Service installation wizard, click Next.
    In the License Agreement page, read the license agreement, select I Agree, and then click Next.
    In the Select Installation Folder page, click Next.
    In the Confirm Installation page, click Next.
    When UPHClean is installed, click Close.

    Note: UPHClean runs as a service in Windows and will start automatically every time that Windows starts.
    To confirm that UPHClean is installed and running, click Start, and then click Run.
    In the Open box, type the following text, and then click OK:

    services.msc

    In Services, in the Name column, locate User Profile Hive Cleanup. In the Status column, confirm that the User Profile Hive Cleanup service is Started.


#19
Gasol

  • Topic Starter
  • Member
  • 153 posts

Only errors :(

Attached Thumbnails

  • Error2.jpg
  • untitled.JPG


#20
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Microsoft doesn't like XP any more. UPHClean we can get at MajorGeeks:

http://www.majorgeek...up_service.html

I'm thinking the other fails because you don't have SP3.



#21
Gasol

  • Topic Starter
  • Member
  • 153 posts

Now it works!

I confirm User Profile Hive Cleanup service is Started.

