- Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
- Ran by Owner (administrator) on ALICEA (06-12-2015 19:33:35)
- Running from C:\Documents and Settings\Owner\My Documents\Downloads
- Loaded Profiles: Owner (Available Profiles: Owner & kids & Administrator)
- Platform: Microsoft Windows XP Service Pack 3 (X86) Language: English (United States)
- Internet Explorer Version 8 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
- ( ) C:\WINDOWS\system32\lxdncoms.exe
- (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
- (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
- (Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
- () C:\WINDOWS\system32\SecUPDUtilSvc.exe
- (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
- (Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
- (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe
- (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\updates\7.9.5_41373\utorrentie.exe
- (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\updates\7.9.5_41373\utorrentie.exe
- (Razer USA Ltd) C:\Program Files\Razer\Razer Game Booster\gbtray.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [GB_UPDATE] => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2051688 2013-06-05] ()
- HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
- HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\...\Run: [BitTorrent] => C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe [1873952 2015-12-01] (BitTorrent Inc.)
- HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
- ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
- Winsock: Catalog5 03 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
- Winsock: Catalog9 04 mswsock.dll No File
- Winsock: Catalog9 05 mswsock.dll No File
- Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
- Tcpip\..\Interfaces\{909834B8-AB4C-4199-A9E7-88696B2D73DE}: [DhcpNameServer] 75.75.75.75 75.75.76.76
- Internet Explorer:
- ==================
- HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
- HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
- HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
- HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
- HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
- SearchScopes: HKLM -> DefaultScope {CB98272D-E0E5-4084-B78F-744BD26A3606} URL =
- SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
- SearchScopes: HKU\.DEFAULT -> {85E949C7-3CFA-4631-83B9-CD74E5577E7C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=OVO2&o=2159&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^A2E&apn_dtid=^YYYYYY^U7^US&apn_uid=92728dce-8ff0-461a-bfc2-898046dfb7a7&apn_sauid=32D0C337-6090-4216-90A9-BC59B47B55BB
- SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
- SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
- BHO: Lexmark Toolbar -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
- BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
- BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-30] (Symantec Corporation)
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
- Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
- Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
- Toolbar: HKU\.DEFAULT -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
- Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
- Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
- Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
- DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
- FireFox:
- ========
- FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default
- FF SearchEngineOrder.1: SafeSearch
- FF SelectedSearchEngine: SafeSearch
- FF Homepage: google.co
- FF Keyword.URL: hxxp://www.safesear.ch/web/?type=ss-ff-kw&q=
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
- FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
- FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
- FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
- FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
- FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
- FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
- FF Plugin HKU\S-1-5-21-1614895754-1637723038-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
- FF Extension: Performance Cache - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\extensions\weqbtsfqhw@weqbtsfqhw.org.xpi [2012-07-31] [not signed]
- FF Extension: PageTweak - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{15312e9a-4905-48da-aae4-15b24bdc2a24}.xpi [2015-11-16]
- FF Extension: XFINITY Toolbar - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f} [2015-09-19] [not signed]
- FF Extension: Shop to Win 36 - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315} [2013-03-18] [not signed]
- FF Extension: Shop to Win 36 - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315}.xpi [2013-03-18] [not signed]
- FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-11-08] [not signed]
- FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
- FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2015-12-06] [not signed]
- FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
- FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-03-06] [not signed]
- Chrome:
- =======
- CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default
- CHR Extension: (Webchemy) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahpaegbhedafhepkepfemfbnjkgbedgp [2015-11-22]
- CHR Extension: (Clicking Speed Test) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ainfcnbaendflhcngeajchpabooflble [2015-11-22]
- CHR Extension: (Paintbrush) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\benliocpgpijioclmdjjjjgmimgeodad [2015-11-22]
- CHR Extension: (Pulsate) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjilkkfelgjefpjbjfnfdhmmoglpbhli [2015-11-22]
- CHR Extension: (Stencil Graffiti Creator II) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bmonioidcehhlkeaflhfhmjeinhlgdmp [2015-11-22]
- CHR Extension: (PokeDream Pokedex Pokemon Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhlghlhbjpgnhdkafnfblngcgldkaagn [2015-11-22]
- CHR Extension: (Denki Word Quest) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dibnbdoaalhdbddheelckdbghjhgkahn [2015-11-22]
- CHR Extension: (Give Up) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2015-11-22]
- CHR Extension: (Sketch Toy) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb [2015-11-22]
- CHR Extension: (Polycraft) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2015-11-22]
- CHR Extension: (Relax Inside) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpigmdgejeepcfnpchfophhkecblanic [2015-11-22]
- CHR Extension: (Read Free Manga Online) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdegamdckbocolhhkaofdpfadahamcnj [2015-11-22]
- CHR Extension: (ButtonBass Dubstep Balls) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg [2015-11-22]
- CHR Extension: (90`s Games) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2015-11-22]
- CHR Extension: (Papa's Anthology) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jdbdlnjdjegklpfoffcpjmepcacdknpd [2015-11-22]
- CHR Extension: (ButtonBass Player Piano) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkmkonkgohgomnnkaclbiammkcjenfdi [2015-11-22]
- CHR Extension: (Relaxing PacMan) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmgkcbpcpncgblalmiafacphddepkghj [2015-11-22]
- CHR Extension: (Browser Pets) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhgallfjacflgalnbpcpmnfibodgbdkc [2015-11-22]
- CHR Extension: (ButtonBeats Guitar) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2015-11-22]
- CHR Extension: (Listube - Free Online On-Demand Music Player) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlelfeaeehmpkbcfjmjcbilahepgcjgk [2015-12-05]
- CHR Extension: (deviantART muro) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-11-22]
- CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-11-22]
- CHR Extension: (Wikipedia Instant) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlnikhpimclelcopmneehjglfppbnojd [2015-11-22]
- CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-16]
- CHR Extension: (TypingClub) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2015-11-22]
- CHR Extension: (Wallpaper Customizer) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pggbacoeeiigddnlocgkgigllpiennmd [2015-11-28]
- CHR Extension: (Pandemic 2) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\piamnadekmbodeiimejmegflchadggmh [2015-11-22]
- CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1
- CHR Extension: (Google Slides) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-26]
- CHR Extension: (Google Drive) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
- CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
- CHR Extension: (Google Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
- CHR Extension: (Despicable Me Minions Partying) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\eddehnkimbchcgmbpbpmfiomedigjjki [2015-08-08]
- CHR Extension: (Norton Home Page for Chrome) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-06-26]
- CHR Extension: (Google Sheets) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-26]
- CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
- CHR Extension: (XFINITY® One Click) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\gpneloifkenkdnebjkadkmnfekfpggdi [2015-09-19]
- CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-06-26]
- CHR Extension: (Norton Safe) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-06-26]
- CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
- CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-26]
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S2 lxdnCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [94208 2009-04-28] (Lexmark International, Inc.)
- R2 lxdn_device; C:\WINDOWS\system32\lxdncoms.exe [589824 2007-11-28] ( )
- R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
- R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
- R2 N360; C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
- R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [118576 2014-11-26] ()
- S4 AntiSpywareService; C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [X]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20151113.001\BHDrvx86.sys [1193032 2015-10-08] (Symantec Corporation)
- S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
- R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-18] (Symantec Corporation)
- R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2015-11-18] (Symantec Corporation)
- R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20151204.001\IDSxpx86.sys [548536 2015-10-16] (Symantec Corporation)
- S3 JL2005C; C:\windows\System32\Drivers\jl2005c.sys [69098 2009-05-25] (Windows (R) 2000 DDK provider) [File not signed]
- R3 KMWDFILTER; C:\windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
- R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
- R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-06] (Malwarebytes)
- R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20151206.002\NAVENG.SYS [104440 2015-10-27] (Symantec Corporation)
- R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20151206.002\NAVEX15.SYS [1647216 2015-10-27] (Symantec Corporation)
- S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
- R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2015-11-16] () [File not signed]
- R3 SRTSP; C:\windows\System32\Drivers\N360\0502020.003\SRTSP.SYS [516216 2011-03-30] (Symantec Corporation)
- R1 SRTSPX; C:\windows\system32\drivers\N360\0502020.003\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
- R0 SymDS; C:\windows\System32\drivers\N360\0502020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
- R0 SymEFA; C:\windows\System32\drivers\N360\0502020.003\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
- R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [126584 2012-03-05] (Symantec Corporation)
- R1 SymIRON; C:\windows\system32\drivers\N360\0502020.003\Ironx86.SYS [136312 2010-11-15] (Symantec Corporation)
- R1 SYMTDI; C:\windows\System32\Drivers\N360\0502020.003\SYMTDI.SYS [369784 2011-04-20] (Symantec Corporation)
- U3 a018wcl9; C:\windows\system32\Drivers\a018wcl9.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
- S3 CA561; System32\Drivers\SPCA561.SYS [X]
- S4 IntelIde; no ImagePath
- S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
- U1 WS2IFSL; no ImagePath
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-12-06 19:33 - 2015-12-06 19:33 - 00000000 ____D C:\FRST
- 2015-12-06 18:25 - 2015-12-06 18:25 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\Razer
- 2015-12-06 18:23 - 2015-12-06 18:23 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Razer
- 2015-12-06 18:22 - 2015-12-06 18:22 - 00000851 _____ C:\Documents and Settings\All Users\Desktop\Razer Game Booster.lnk
- 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Program Files\Razer
- 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Razer
- 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Razer
- 2015-12-06 18:22 - 2013-01-30 17:47 - 02106216 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
- 2015-12-06 18:22 - 2013-01-30 17:47 - 01998168 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
- 2015-12-06 18:22 - 2013-01-30 17:47 - 00470880 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
- 2015-12-06 18:22 - 2013-01-30 17:47 - 00248672 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
- 2015-12-06 17:40 - 2015-12-06 19:35 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Temp
- 2015-12-06 17:40 - 2015-12-06 18:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
- 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
- 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Temp
- 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
- 2015-12-06 17:40 - 2015-12-06 16:34 - 00024064 _____ C:\windows\zoek-delete.exe
- 2015-12-06 17:05 - 2015-12-06 17:40 - 00000000 ____D C:\zoek
- 2015-12-06 16:33 - 2015-12-06 17:27 - 00000000 ____D C:\zoek_backup
- 2015-12-06 00:36 - 2015-12-06 18:34 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
- 2015-12-06 00:34 - 2015-12-06 02:17 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
- 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
- 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
- 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
- 2015-12-06 00:34 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
- 2015-12-06 00:34 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
- 2015-12-05 22:23 - 2015-12-05 22:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
- 2015-12-05 22:12 - 2015-12-06 02:17 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
- 2015-12-05 22:12 - 2015-12-05 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
- 2015-12-05 22:08 - 2015-12-06 19:21 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-12-05 22:08 - 2015-12-06 18:30 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-11-29 09:22 - 2015-11-29 09:21 - 00102400 _____ C:\windows\Minidump\Mini112915-02.dmp
- 2015-11-29 08:57 - 2015-11-29 08:57 - 00102400 _____ C:\windows\Minidump\Mini112915-01.dmp
- 2015-11-21 14:33 - 2015-11-21 14:33 - 00102400 _____ C:\windows\Minidump\Mini112115-01.dmp
- 2015-11-20 19:55 - 2015-11-20 19:55 - 00000000 ____D C:\Documents and Settings\Owner\.dvdcss
- 2015-11-20 19:52 - 2015-11-20 19:52 - 00000000 ____D C:\.cache
- 2015-11-20 19:51 - 2015-12-06 02:17 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\PS3 Media Server.lnk
- 2015-11-20 19:51 - 2015-11-20 19:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PS3 Media Server
- 2015-11-20 19:48 - 2015-11-20 19:51 - 00000000 ____D C:\Program Files\PS3 Media Server
- 2015-11-20 19:23 - 2015-11-20 19:38 - 734191616 ____R C:\Documents and Settings\kids\Desktop\[ www.UsaBit.com ] - Smiley 2012 DVDRip XviD-VoMiT.avi
- 2015-11-20 18:17 - 2015-11-20 18:17 - 00102400 _____ C:\windows\Minidump\Mini112015-01.dmp
- 2015-11-19 09:57 - 2015-11-19 09:57 - 00102400 _____ C:\windows\Minidump\Mini111915-01.dmp
- 2015-11-17 14:11 - 2015-12-05 21:51 - 00411516 ____C C:\windows\ntbtlog.txt
- 2015-11-17 13:59 - 2015-12-06 01:51 - 00000803 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer (2).lnk
- 2015-11-17 02:24 - 2015-11-17 14:58 - 00000000 ____D C:\windows\pss
- 2015-11-16 20:31 - 2015-11-16 20:37 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\My Games
- 2015-11-16 20:31 - 2015-11-16 20:31 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Fallout3
- 2015-11-16 19:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
- 2015-11-16 19:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
- 2015-11-16 19:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
- 2015-11-16 19:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
- 2015-11-16 19:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
- 2015-11-16 19:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
- 2015-11-16 19:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
- 2015-11-16 19:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
- 2015-11-16 19:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
- 2015-11-16 19:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
- 2015-11-16 19:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
- 2015-11-16 19:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
- 2015-11-16 19:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
- 2015-11-16 19:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
- 2015-11-16 19:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
- 2015-11-16 19:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
- 2015-11-16 19:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
- 2015-11-16 19:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
- 2015-11-16 19:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
- 2015-11-16 19:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
- 2015-11-16 19:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
- 2015-11-16 19:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
- 2015-11-16 19:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
- 2015-11-16 19:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
- 2015-11-16 19:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
- 2015-11-16 19:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
- 2015-11-16 19:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
- 2015-11-16 19:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
- 2015-11-16 19:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
- 2015-11-16 19:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
- 2015-11-16 19:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
- 2015-11-16 19:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
- 2015-11-16 19:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
- 2015-11-16 19:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
- 2015-11-16 19:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
- 2015-11-16 19:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
- 2015-11-16 19:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
- 2015-11-16 19:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
- 2015-11-16 19:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
- 2015-11-16 19:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
- 2015-11-16 19:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
- 2015-11-16 19:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
- 2015-11-16 19:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
- 2015-11-16 19:28 - 2005-12-05 18:07 - 00061136 _____ (Microsoft Corporation) C:\windows\system32\xinput9_1_0.dll
- 2015-11-16 19:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
- 2015-11-16 19:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
- 2015-11-16 19:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
- 2015-11-16 19:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
- 2015-11-16 19:26 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
- 2015-11-16 19:25 - 2015-11-16 19:25 - 00000000 ____D C:\windows\system32\xlive
- 2015-11-16 19:25 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
- 2015-11-16 19:25 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
- 2015-11-16 19:25 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
- 2015-11-16 19:10 - 2015-12-06 02:17 - 00001613 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
- 2015-11-16 19:10 - 2015-11-16 19:10 - 00691696 _____ C:\windows\system32\Drivers\sptd.sys
- 2015-11-16 19:10 - 2015-11-16 19:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
- 2015-11-16 19:09 - 2015-11-16 19:22 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
- 2015-11-16 19:09 - 2015-11-16 19:11 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
- 2015-11-16 19:09 - 2015-11-16 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
- 2015-11-16 18:22 - 2015-11-16 18:57 - 1635123200 _____ C:\Documents and Settings\kids\Desktop\Fallout 3.iso
- 2015-11-16 15:49 - 2015-12-06 18:33 - 00000008 __RSH C:\Documents and Settings\All Users\ntuser.pol
- 2015-11-12 15:58 - 2015-11-12 15:58 - 00094208 _____ C:\windows\Minidump\Mini111215-01.dmp
- 2015-11-11 08:04 - 2015-11-11 08:09 - 00000000 ____D C:\e035fa04fbeb21d02d
- 2015-11-08 14:51 - 2015-11-08 14:51 - 00000000 ____D C:\Documents and Settings\kids\Application Data\java
- 2015-11-08 14:50 - 2015-12-06 10:51 - 00000000 ____D C:\Documents and Settings\kids\Application Data\.minecraft
- 2015-11-08 14:50 - 2015-11-08 14:50 - 00002144 _____ C:\Documents and Settings\kids\Desktop\Minecraft.lnk
- 2015-11-08 14:50 - 2015-11-08 14:50 - 00000000 ____D C:\Documents and Settings\kids\Start Menu\Programs\Minecraft
- 2015-11-08 14:42 - 2015-11-08 14:42 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\java
- 2015-11-08 14:41 - 2015-12-06 02:17 - 00002151 _____ C:\Documents and Settings\Owner\Desktop\Minecraft.lnk
- 2015-11-08 14:41 - 2015-11-08 14:41 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\Minecraft
- 2015-11-08 14:40 - 2015-12-06 15:35 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\.minecraft
- 2015-11-08 14:38 - 2015-12-05 20:21 - 00000000 ____D C:\Documents and Settings\kids\Desktop\Minecraft 1.7.2 by TeamExtremeMc.com
- 2015-11-08 14:26 - 2015-12-05 21:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
- 2015-11-07 21:22 - 2015-11-07 14:47 - 00065536 ____H C:\windows\Minidump\Mini110715-02.dmp
- 2015-11-07 14:48 - 2015-11-07 14:48 - 00094208 _____ C:\windows\Minidump\Mini110715-01.dmp
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-12-06 19:35 - 2015-09-26 16:04 - 00000000 ____D C:\Documents and Settings\kids\Application Data\BitTorrent
- 2015-12-06 19:35 - 2013-06-03 18:40 - 00000294 _____ C:\windows\Tasks\Browser Manager.job
- 2015-12-06 19:33 - 2011-09-03 09:06 - 00000000 ____D C:\WINDOWS
- 2015-12-06 18:53 - 2012-08-15 13:18 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
- 2015-12-06 18:42 - 2011-09-03 13:28 - 00032594 _____ C:\windows\SchedLgU.Txt
- 2015-12-06 18:33 - 2011-09-03 09:11 - 00000000 ____D C:\Documents and Settings\All Users
- 2015-12-06 18:33 - 2008-04-14 07:00 - 00002278 _____ C:\windows\system32\wpa.dbl
- 2015-12-06 18:30 - 2014-04-02 06:57 - 00000222 _____ C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- 2015-12-06 18:29 - 2011-09-03 13:28 - 00000006 ____H C:\windows\Tasks\SA.DAT
- 2015-12-06 18:27 - 2013-10-13 06:35 - 00071888 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
- 2015-12-06 18:27 - 2011-09-03 13:29 - 00000178 ___SH C:\Documents and Settings\Owner\ntuser.ini
- 2015-12-06 18:25 - 2011-09-03 13:29 - 00000000 ___RD C:\Documents and Settings\Owner\My Documents
- 2015-12-06 18:17 - 2011-09-03 09:12 - 00676172 ____C C:\windows\system32\PerfStringBackup.INI
- 2015-12-06 17:43 - 2012-07-24 10:21 - 00000000 ____D C:\Documents and Settings\kids\Local Settings\Temp
- 2015-12-06 17:40 - 2012-07-24 10:21 - 00000178 ___SH C:\Documents and Settings\kids\ntuser.ini
- 2015-12-06 17:19 - 2012-07-22 18:32 - 00000000 ___HD C:\windows\system32\GroupPolicy
- 2015-12-06 16:37 - 2012-07-22 18:20 - 00000178 __SHC C:\Documents and Settings\Administrator\ntuser.ini
- 2015-12-06 16:33 - 2015-10-03 01:49 - 01448141 _____ C:\Documents and Settings\Owner\Desktop\zoek.com
- 2015-12-06 16:33 - 2003-01-24 00:11 - 01309184 _____ C:\Documents and Settings\Owner\Desktop\zoek.exe
- 2015-12-06 14:10 - 2012-07-24 10:23 - 00000420 ____H C:\windows\Tasks\User_Feed_Synchronization-{A837C2B8-86B9-41AF-A27C-3E6F30A4395F}.job
- 2015-12-06 02:17 - 2015-08-30 09:47 - 00002137 _____ C:\Documents and Settings\Owner\Desktop\Google Drive.lnk
- 2015-12-06 02:17 - 2015-08-30 09:47 - 00002069 _____ C:\Documents and Settings\Owner\Desktop\Google Slides.lnk
- 2015-12-06 02:17 - 2015-08-30 09:46 - 00002069 _____ C:\Documents and Settings\Owner\Desktop\Gmail.lnk
- 2015-12-06 02:17 - 2015-08-30 09:46 - 00002065 _____ C:\Documents and Settings\Owner\Desktop\Google Sheets.lnk
- 2015-12-06 02:17 - 2015-07-03 08:07 - 00001874 _____ C:\Documents and Settings\All Users\Desktop\Samsung Printer Diagnostics.lnk
- 2015-12-06 02:17 - 2014-11-23 18:03 - 00001813 _____ C:\Documents and Settings\Owner\Desktop\Chrome App Launcher.lnk
- 2015-12-06 02:17 - 2013-10-12 10:15 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
- 2015-12-06 02:17 - 2012-07-27 12:49 - 00001761 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
- 2015-12-06 02:17 - 2011-09-03 13:22 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
- 2015-12-06 02:00 - 2012-03-05 15:13 - 00000000 ____D C:\windows\SxsCaPendDel
- 2015-12-06 01:51 - 2011-09-03 13:29 - 00001579 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
- 2015-12-06 01:51 - 2011-09-03 13:29 - 00000803 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
- 2015-12-06 01:51 - 2011-09-03 13:29 - 00000764 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
- 2015-12-06 00:13 - 2011-09-03 13:29 - 00000000 ____D C:\Documents and Settings\Owner
- 2015-12-05 22:48 - 2015-02-08 11:17 - 00000000 ____D C:\Documents and Settings\kids\Start Menu\Programs\Chrome Apps
- 2015-12-05 22:24 - 2014-11-23 18:03 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\Chrome Apps
- 2015-12-05 22:14 - 2011-09-03 09:06 - 00000000 RSHDC C:\windows\system32\dllcache
- 2015-12-05 22:10 - 2013-09-06 14:55 - 00000000 ____D C:\Program Files\Google
- 2015-12-05 21:49 - 2012-07-22 18:27 - 00000000 __SHD C:\windows\CSC
- 2015-12-05 20:12 - 2012-07-24 10:21 - 00000000 ___RD C:\Documents and Settings\kids\My Documents
- 2015-12-02 13:35 - 2012-07-24 10:21 - 00000000 ____D C:\Documents and Settings\kids
- 2015-11-29 09:22 - 2013-04-18 13:56 - 00000000 ____D C:\windows\Minidump
- 2015-11-23 15:40 - 2011-09-03 13:21 - 00000000 ____D C:\windows\system32\Macromed
- 2015-11-20 19:53 - 2015-09-26 16:29 - 00000000 ____D C:\Documents and Settings\All Users\PMS
- 2015-11-17 14:58 - 2008-04-14 07:00 - 00000883 _____ C:\windows\win.ini
- 2015-11-17 14:58 - 2008-04-14 07:00 - 00000227 _____ C:\windows\system.ini
- 2015-11-17 14:44 - 2011-09-03 09:12 - 00001943 _____ C:\windows\imsins.BAK
- 2015-11-17 14:32 - 2012-07-22 18:47 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\NPE
- 2015-11-17 14:01 - 2012-03-05 13:43 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\CallingID
- 2015-11-17 02:45 - 2011-09-03 09:06 - 00000000 ____D C:\windows\Help
- 2015-11-17 02:36 - 2012-08-18 07:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
- 2015-11-17 02:36 - 2012-06-20 19:44 - 00000000 ____D C:\windows\system32\appmgmt
- 2015-11-16 20:38 - 2011-09-03 13:34 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
- 2015-11-16 19:29 - 2011-09-03 13:22 - 00000000 ____D C:\windows\system32\DirectX
- 2015-11-16 19:29 - 2011-09-03 09:06 - 00000000 ___HD C:\windows\inf
- 2015-11-16 19:11 - 2013-09-16 10:15 - 00128958 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
- 2015-11-15 11:24 - 2015-09-26 16:49 - 00004608 _____ C:\Documents and Settings\kids\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 2015-11-11 08:09 - 2013-08-13 19:27 - 00000000 ____D C:\windows\system32\MRT
- 2015-11-11 08:06 - 2011-09-03 13:55 - 143250520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
- 2015-11-10 15:53 - 2012-05-04 16:06 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
- 2015-11-10 15:53 - 2011-09-03 14:07 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
- 2015-11-08 15:00 - 2014-04-02 06:57 - 00000216 _____ C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- 2015-11-07 16:31 - 2015-02-08 11:17 - 00001845 _____ C:\Documents and Settings\kids\Desktop\Chrome App Launcher.lnk
- 2015-11-07 15:50 - 2015-07-01 08:53 - 00001993 _____ C:\Documents and Settings\kids\Desktop\mya - Chrome.lnk
- ==================== Files in the root of some directories =======
- 2012-03-04 14:06 - 2013-04-28 12:54 - 0014336 ____C () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 2012-05-05 20:29 - 2014-03-09 11:37 - 0000675 ____C () C:\Documents and Settings\All Users\lxdnDiagnostics.log
- 2014-06-29 15:17 - 2014-06-29 15:17 - 0221367 ____C () C:\Documents and Settings\All Users\SPL17.tmp
- 2014-06-16 20:42 - 2014-06-16 20:42 - 0462312 ____C () C:\Documents and Settings\All Users\SPL2.tmp
- 2014-06-16 20:46 - 2014-06-16 20:46 - 0462312 ____C () C:\Documents and Settings\All Users\SPL3.tmp
- 2014-06-29 15:07 - 2014-06-29 15:07 - 0219658 ____C () C:\Documents and Settings\All Users\SPL4.tmp
- 2014-06-17 13:41 - 2014-06-17 13:41 - 0547768 ____C () C:\Documents and Settings\All Users\SPL6.tmp
- 2014-06-16 18:21 - 2014-06-16 18:21 - 0462312 ____C () C:\Documents and Settings\All Users\SPL7.tmp
- 2014-06-29 15:01 - 2014-06-29 15:01 - 0219658 ____C () C:\Documents and Settings\All Users\SPLBD.tmp
- 2012-05-05 20:29 - 2012-05-05 20:29 - 0000000 ____C () C:\Documents and Settings\All Users\UpdaterLog.txt
- ZeroAccess:
- C:\Windows\Installer\{1cdee83a-7fae-83cc-ac21-a0f30123f493}
- C:\Windows\Installer\{1cdee83a-7fae-83cc-ac21-a0f30123f493}\@
- ZeroAccess :
- Attention: Before removing "C:\windows\$NtUninstallKB27263$" the mount point attached to it should be removed.
- C:\windows\$NtUninstallKB27263$
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\windows\explorer.exe => File is digitally signed
- C:\windows\system32\winlogon.exe => File is digitally signed
- C:\windows\system32\svchost.exe => File is digitally signed
- C:\windows\system32\services.exe => File is digitally signed
- C:\windows\system32\User32.dll => File is digitally signed
- C:\windows\system32\userinit.exe => File is digitally signed
- C:\windows\system32\rpcss.dll => File is digitally signed
- C:\windows\system32\dnsapi.dll => File is digitally signed
- C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
- ==================== End of FRST.txt ============================
- Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-12-2015
- Ran by Owner (2015-12-06 19:36:10)
- Running from C:\Documents and Settings\Owner\My Documents\Downloads
- Microsoft Windows XP Service Pack 3 (X86) (2011-09-03 18:25:22)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1614895754-1637723038-1417001333-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
- ASPNET (S-1-5-21-1614895754-1637723038-1417001333-1006 - Limited - Enabled)
- Guest (S-1-5-21-1614895754-1637723038-1417001333-501 - Limited - Enabled)
- HelpAssistant (S-1-5-21-1614895754-1637723038-1417001333-1000 - Limited - Disabled)
- kids (S-1-5-21-1614895754-1637723038-1417001333-1004 - Limited - Enabled) => %SystemDrive%\Documents and Settings\kids
- Owner (S-1-5-21-1614895754-1637723038-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Owner
- SUPPORT_388945a0 (S-1-5-21-1614895754-1637723038-1417001333-1002 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Action Replay PowerSaves 3DS version 1.18 (HKLM\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.18 - Datel Design & Development)
- Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
- Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
- Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
- Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
- Angry Birds (HKLM\...\{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}) (Version: 2.2.0 - Rovio)
- Broadcom Gigabit Integrated Controller (HKLM\...\{FC57FC53-104C-415C-98D7-B05E659461A9}) (Version: 10.50.03 - Broadcom Corporation)
- Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
- Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
- Google Update Helper (Version: 1.3.21.153 - Google Inc.) Hidden
- Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
- InfraRecorder (HKLM\...\InfraRecorder) (Version: - Christian Kindahl)
- Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
- Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
- Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
- Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
- Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
- Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
- Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
- Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
- Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
- Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
- Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
- Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
- Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
- Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
- Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
- Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version: - )
- MSXML 6.0 Parser (KB925673) (HKLM\...\{FE9126DB-5F84-495A-BB46-3C724F1C2D08}) (Version: 6.00.3888.0 - Microsoft Corporation)
- Norton Security Suite (HKLM\...\N360) (Version: 5.2.2.3 - Symantec Corporation)
- ooVoo toolbar, powered by Ask.com (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.17.3.0 - Ask.com) <==== ATTENTION
- OpenOffice.org 3.3 (HKLM\...\{ED23E382-E5E3-4E21-B616-01FC59A40916}) (Version: 3.3.9567 - OpenOffice.org)
- Peggle Nights 1.0 (HKLM\...\Peggle Nights 1.0) (Version: 1.0 - PopCap Games)
- Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
- Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.06.60 (3/17/2015) - Samsung Electronics Co., Ltd.)
- Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(5/25/2015) - Samsung Electronics Co., Ltd.)
- Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
- Samsung M2070 Series (HKLM\...\Samsung M2070 Series) (Version: 1.22 (9/7/2015) - Samsung Electronics Co., Ltd.)
- Samsung Printer Diagnostics (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
- Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
- Samsung Scan Process Machine (Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
- Samsung Universal Print Driver 2 (HKLM\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
- SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
- SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.7265 - Analog Devices)
- swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Uninstall Dual Mode Camera (ST606) (HKLM\...\ST606_2009_0603_1256_is1) (Version: - )
- VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
- WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
- Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
- Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
- Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
- Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
- Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
- Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
- Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
- XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPlugi (the data entry has 18 more characters).
- ==================== Restore Points =========================
- Could not list restore points
- Check "winmgmt" service or repair WMI.
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2008-04-14 07:00 - 2008-04-14 07:00 - 00000734 ____A C:\windows\system32\Drivers\etc\hosts
- 127.0.0.1 localhost
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\windows\Tasks\Browser Manager.job => C:\WINDOWS\system32\sc.exe
- Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
- Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
- Task: C:\windows\Tasks\User_Feed_Synchronization-{A837C2B8-86B9-41AF-A27C-3E6F30A4395F}.job => C:\WINDOWS\system32\msfeedssync.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-07-03 08:06 - 2015-06-11 08:59 - 00018432 _____ () C:\windows\system32\ssm4mlm.dll
- 2015-09-21 16:36 - 2014-04-16 03:22 - 00025600 _____ () C:\windows\system32\usp02l.dll
- 2012-03-14 12:04 - 2009-08-13 03:02 - 00147968 _____ () C:\windows\System32\spool\PRTPROCS\W32X86\lxdndrpp.dll
- 2015-12-06 18:22 - 2012-08-01 15:44 - 00121472 _____ () C:\Program Files\Razer\Razer Game Booster\GBV3ContextMenu.dll
- 2015-09-21 16:36 - 2014-11-26 06:07 - 00118576 _____ () C:\WINDOWS\system32\SecUPDUtilSvc.exe
- 2015-09-21 16:30 - 2013-02-22 12:31 - 00408064 _____ () C:\WINDOWS\system32\SaXPWIA.dll
- 2014-07-24 23:36 - 2015-06-10 01:18 - 00094208 ____N () C:\windows\system32\SSDEVM.DLL
- 2015-12-06 18:22 - 2012-08-01 15:44 - 00519600 _____ () C:\Program Files\Razer\Razer Game Booster\sqlite3.dll
- 2015-12-06 18:22 - 2013-06-04 16:07 - 00535480 _____ () C:\Program Files\Razer\Razer Game Booster\K_fps.dll
- 2015-12-06 18:22 - 2013-06-04 16:07 - 00272360 _____ () C:\Program Files\Razer\Razer Game Booster\D3DX8Wrapper.dll
- 2015-12-06 18:22 - 2013-06-04 16:07 - 00133280 _____ () C:\Program Files\Razer\Razer Game Booster\Mpeg2Video.dll
- 2015-12-06 18:22 - 2013-01-30 17:48 - 07477262 _____ () C:\Program Files\Razer\Razer Game Booster\avcodec-54.dll
- 2015-12-06 18:22 - 2013-01-30 17:48 - 00156174 _____ () C:\Program Files\Razer\Razer Game Booster\keutil-51.dll
- 2015-12-06 18:22 - 2013-01-30 17:48 - 01191950 _____ () C:\Program Files\Razer\Razer Game Booster\avformat-54.dll
- 2015-12-06 18:22 - 2013-01-30 17:48 - 00333326 _____ () C:\Program Files\Razer\Razer Game Booster\swscale-2.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\...\microsoft.com -> hxxps://windowsupdate.microsoft.com
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
- DNS Servers: 75.75.75.75 - 75.75.76.76
- sharedaccess => Firewall Service is not running.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
- MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
- MSCONFIG\startupreg: BitTorrent => "C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe" /MINIMIZED
- MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
- MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
- MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
- MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
- MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
- MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
- MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
- DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
- DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
- DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
- DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
- DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
- DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
- StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
- StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
- StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
- StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
- StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
- StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
- ==================== Faulty Device Manager Devices =============
- Could not list Devices. Check "winmgmt" service or repair WMI.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (12/06/2015 06:31:45 PM) (Source: WinMgmt) (EventID: 28) (User: )
- Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
- Error: (12/06/2015 05:44:39 PM) (Source: WinMgmt) (EventID: 28) (User: )
- Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
- Error: (12/06/2015 04:52:39 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- Error: (12/06/2015 04:47:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
- Description: Application: DaS_21.exe
- Framework Version: v4.0.30319
- Description: The process was terminated due to an unhandled exception.
- Exception Info: System.Runtime.InteropServices.COMException
- Stack:
- at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
- at System.Management.ManagementScope.InitializeGuts(System.Object)
- at System.Management.ManagementScope.Initialize()
- at System.Management.ManagementObject.Initialize(Boolean)
- at System.Management.ManagementObject.Get()
- at DriverAndServicesOut.GetProcess.StartMode(System.String)
- at DriverAndServicesOut.GetProcess.GetAllServices(System.String)
- at DriverAndServicesOut.Program.Main(System.String[])
- Error: (12/06/2015 04:47:04 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
- Description: EventType clr20r3, P1 das_21.exe, P2 2.1.0.4, P3 540c90b2, P4 system.management, P5 4.0.0.0, P6 4ba1e140, P7 24e, P8 10f, P9 clr20r30, P10 clr20r31.
- Error: (12/06/2015 04:09:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- Error: (12/06/2015 03:08:39 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- Error: (12/06/2015 02:37:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- Error: (12/06/2015 01:23:38 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- Error: (12/06/2015 01:06:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
- Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
- System errors:
- =============
- Error: (12/06/2015 06:31:43 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 06:31:39 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 05:45:02 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 05:44:55 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 08:08:11 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 08:08:08 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 02:03:23 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 02:03:21 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 12:18:23 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- Error: (12/06/2015 12:18:22 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
- Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
- Percentage of memory in use: 61%
- Total physical RAM: 2037.54 MB
- Available physical RAM: 779.88 MB
- Total Virtual: 4948.06 MB
- Available Virtual: 3719.39 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:74.53 GB) (Free:7.07 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 17053C7F)
- Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================