Untitled

a guest
Dec 6th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
  2. Ran by Owner (administrator) on ALICEA (06-12-2015 19:33:35)
  3. Running from C:\Documents and Settings\Owner\My Documents\Downloads
  4. Loaded Profiles: Owner (Available Profiles: Owner & kids & Administrator)
  5. Platform: Microsoft Windows XP Service Pack 3 (X86) Language: English (United States)
  6. Internet Explorer Version 8 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
  15. ( ) C:\WINDOWS\system32\lxdncoms.exe
  16. (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
  17. (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
  18. (Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
  19. () C:\WINDOWS\system32\SecUPDUtilSvc.exe
  20. (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
  21. (Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
  22. (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe
  23. (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\updates\7.9.5_41373\utorrentie.exe
  24. (BitTorrent Inc.) C:\Documents and Settings\kids\Application Data\BitTorrent\updates\7.9.5_41373\utorrentie.exe
  25. (Razer USA Ltd) C:\Program Files\Razer\Razer Game Booster\gbtray.exe
  26. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  27. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  28. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  29. (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
  30.  
  31.  
  32. ==================== Registry (Whitelisted) ===========================
  33.  
  34. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  35.  
  36. HKLM\...\Run: [GB_UPDATE] => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2051688 2013-06-05] ()
  37. HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
  38. HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\...\Run: [BitTorrent] => C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe [1873952 2015-12-01] (BitTorrent Inc.)
  39. HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
  40. ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
  41. ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
  42. ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
  43. ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security Suite\Engine\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
  44.  
  45. ==================== Internet (Whitelisted) ====================
  46.  
  47. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  48.  
  49. Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
  50. Winsock: Catalog5 03 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
  51. Winsock: Catalog9 04 mswsock.dll No File
  52. Winsock: Catalog9 05 mswsock.dll No File
  53. Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
  54. Tcpip\..\Interfaces\{909834B8-AB4C-4199-A9E7-88696B2D73DE}: [DhcpNameServer] 75.75.75.75 75.75.76.76
  55.  
  56. Internet Explorer:
  57. ==================
  58. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
  59. HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
  60. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  61. HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  62. HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  63. HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
  64. SearchScopes: HKLM -> DefaultScope {CB98272D-E0E5-4084-B78F-744BD26A3606} URL =
  65. SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
  66. SearchScopes: HKU\.DEFAULT -> {85E949C7-3CFA-4631-83B9-CD74E5577E7C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=OVO2&o=2159&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^A2E&apn_dtid=^YYYYYY^U7^US&apn_uid=92728dce-8ff0-461a-bfc2-898046dfb7a7&apn_sauid=32D0C337-6090-4216-90A9-BC59B47B55BB
  67. SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
  68. SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  69. SearchScopes: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
  70. BHO: Lexmark Toolbar -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
  71. BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
  72. BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-30] (Symantec Corporation)
  73. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
  74. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
  75. Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
  76. Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
  77. Toolbar: HKU\.DEFAULT -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
  78. Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
  79. Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-05-09] ()
  80. Toolbar: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
  81. DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  82.  
  83. FireFox:
  84. ========
  85. FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default
  86. FF SearchEngineOrder.1: SafeSearch
  87. FF SelectedSearchEngine: SafeSearch
  88. FF Homepage: google.co
  89. FF Keyword.URL: hxxp://www.safesear.ch/web/?type=ss-ff-kw&q=
  90. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
  91. FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
  92. FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
  93. FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
  94. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
  95. FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
  96. FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
  97. FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
  98. FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
  99. FF Plugin HKU\S-1-5-21-1614895754-1637723038-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
  100. FF Extension: Performance Cache - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\extensions\weqbtsfqhw@weqbtsfqhw.org.xpi [2012-07-31] [not signed]
  101. FF Extension: PageTweak - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{15312e9a-4905-48da-aae4-15b24bdc2a24}.xpi [2015-11-16]
  102. FF Extension: XFINITY Toolbar - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f} [2015-09-19] [not signed]
  103. FF Extension: Shop to Win 36 - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315} [2013-03-18] [not signed]
  104. FF Extension: Shop to Win 36 - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ff4g6axp.default\Extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315}.xpi [2013-03-18] [not signed]
  105. FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-11-08] [not signed]
  106. FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
  107. FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2015-12-06] [not signed]
  108. FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
  109. FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-03-06] [not signed]
  110.  
  111. Chrome:
  112. =======
  113. CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default
  114. CHR Extension: (Webchemy) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahpaegbhedafhepkepfemfbnjkgbedgp [2015-11-22]
  115. CHR Extension: (Clicking Speed Test) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ainfcnbaendflhcngeajchpabooflble [2015-11-22]
  116. CHR Extension: (Paintbrush) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\benliocpgpijioclmdjjjjgmimgeodad [2015-11-22]
  117. CHR Extension: (Pulsate) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjilkkfelgjefpjbjfnfdhmmoglpbhli [2015-11-22]
  118. CHR Extension: (Stencil Graffiti Creator II) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bmonioidcehhlkeaflhfhmjeinhlgdmp [2015-11-22]
  119. CHR Extension: (PokeDream Pokedex Pokemon Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhlghlhbjpgnhdkafnfblngcgldkaagn [2015-11-22]
  120. CHR Extension: (Denki Word Quest) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dibnbdoaalhdbddheelckdbghjhgkahn [2015-11-22]
  121. CHR Extension: (Give Up) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2015-11-22]
  122. CHR Extension: (Sketch Toy) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb [2015-11-22]
  123. CHR Extension: (Polycraft) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2015-11-22]
  124. CHR Extension: (Relax Inside) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpigmdgejeepcfnpchfophhkecblanic [2015-11-22]
  125. CHR Extension: (Read Free Manga Online) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdegamdckbocolhhkaofdpfadahamcnj [2015-11-22]
  126. CHR Extension: (ButtonBass Dubstep Balls) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg [2015-11-22]
  127. CHR Extension: (90`s Games) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2015-11-22]
  128. CHR Extension: (Papa's Anthology) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jdbdlnjdjegklpfoffcpjmepcacdknpd [2015-11-22]
  129. CHR Extension: (ButtonBass Player Piano) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkmkonkgohgomnnkaclbiammkcjenfdi [2015-11-22]
  130. CHR Extension: (Relaxing PacMan) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmgkcbpcpncgblalmiafacphddepkghj [2015-11-22]
  131. CHR Extension: (Browser Pets) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhgallfjacflgalnbpcpmnfibodgbdkc [2015-11-22]
  132. CHR Extension: (ButtonBeats Guitar) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2015-11-22]
  133. CHR Extension: (Listube - Free Online On-Demand Music Player) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlelfeaeehmpkbcfjmjcbilahepgcjgk [2015-12-05]
  134. CHR Extension: (deviantART muro) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-11-22]
  135. CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2015-11-22]
  136. CHR Extension: (Wikipedia Instant) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlnikhpimclelcopmneehjglfppbnojd [2015-11-22]
  137. CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-16]
  138. CHR Extension: (TypingClub) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2015-11-22]
  139. CHR Extension: (Wallpaper Customizer) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pggbacoeeiigddnlocgkgigllpiennmd [2015-11-28]
  140. CHR Extension: (Pandemic 2) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\piamnadekmbodeiimejmegflchadggmh [2015-11-22]
  141. CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1
  142. CHR Extension: (Google Slides) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-26]
  143. CHR Extension: (Google Drive) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
  144. CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
  145. CHR Extension: (Google Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
  146. CHR Extension: (Despicable Me Minions Partying) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\eddehnkimbchcgmbpbpmfiomedigjjki [2015-08-08]
  147. CHR Extension: (Norton Home Page for Chrome) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-06-26]
  148. CHR Extension: (Google Sheets) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-26]
  149. CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
  150. CHR Extension: (XFINITY® One Click) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\gpneloifkenkdnebjkadkmnfekfpggdi [2015-09-19]
  151. CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-06-26]
  152. CHR Extension: (Norton Safe) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-06-26]
  153. CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
  154. CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-26]
  155.  
  156. ==================== Services (Whitelisted) ========================
  157.  
  158. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  159.  
  160. S2 lxdnCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [94208 2009-04-28] (Lexmark International, Inc.)
  161. R2 lxdn_device; C:\WINDOWS\system32\lxdncoms.exe [589824 2007-11-28] ( )
  162. R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
  163. R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
  164. R2 N360; C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
  165. R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [118576 2014-11-26] ()
  166. S4 AntiSpywareService; C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [X]
  167.  
  168. ===================== Drivers (Whitelisted) ==========================
  169.  
  170. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  171.  
  172. R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20151113.001\BHDrvx86.sys [1193032 2015-10-08] (Symantec Corporation)
  173. S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
  174. R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-18] (Symantec Corporation)
  175. R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2015-11-18] (Symantec Corporation)
  176. R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20151204.001\IDSxpx86.sys [548536 2015-10-16] (Symantec Corporation)
  177. S3 JL2005C; C:\windows\System32\Drivers\jl2005c.sys [69098 2009-05-25] (Windows (R) 2000 DDK provider) [File not signed]
  178. R3 KMWDFILTER; C:\windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
  179. R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
  180. R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-06] (Malwarebytes)
  181. R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20151206.002\NAVENG.SYS [104440 2015-10-27] (Symantec Corporation)
  182. R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20151206.002\NAVEX15.SYS [1647216 2015-10-27] (Symantec Corporation)
  183. S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
  184. R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2015-11-16] () [File not signed]
  185. R3 SRTSP; C:\windows\System32\Drivers\N360\0502020.003\SRTSP.SYS [516216 2011-03-30] (Symantec Corporation)
  186. R1 SRTSPX; C:\windows\system32\drivers\N360\0502020.003\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
  187. R0 SymDS; C:\windows\System32\drivers\N360\0502020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
  188. R0 SymEFA; C:\windows\System32\drivers\N360\0502020.003\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
  189. R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [126584 2012-03-05] (Symantec Corporation)
  190. R1 SymIRON; C:\windows\system32\drivers\N360\0502020.003\Ironx86.SYS [136312 2010-11-15] (Symantec Corporation)
  191. R1 SYMTDI; C:\windows\System32\Drivers\N360\0502020.003\SYMTDI.SYS [369784 2011-04-20] (Symantec Corporation)
  192. U3 a018wcl9; C:\windows\system32\Drivers\a018wcl9.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
  193. S3 CA561; System32\Drivers\SPCA561.SYS [X]
  194. S4 IntelIde; no ImagePath
  195. S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
  196. U1 WS2IFSL; no ImagePath
  197.  
  198. ==================== NetSvcs (Whitelisted) ===================
  199.  
  200. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  201.  
  202.  
  203. ==================== One Month Created files and folders ========
  204.  
  205. (If an entry is included in the fixlist, the file/folder will be moved.)
  206.  
  207. 2015-12-06 19:33 - 2015-12-06 19:33 - 00000000 ____D C:\FRST
  208. 2015-12-06 18:25 - 2015-12-06 18:25 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\Razer
  209. 2015-12-06 18:23 - 2015-12-06 18:23 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Razer
  210. 2015-12-06 18:22 - 2015-12-06 18:22 - 00000851 _____ C:\Documents and Settings\All Users\Desktop\Razer Game Booster.lnk
  211. 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Program Files\Razer
  212. 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Razer
  213. 2015-12-06 18:22 - 2015-12-06 18:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Razer
  214. 2015-12-06 18:22 - 2013-01-30 17:47 - 02106216 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
  215. 2015-12-06 18:22 - 2013-01-30 17:47 - 01998168 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
  216. 2015-12-06 18:22 - 2013-01-30 17:47 - 00470880 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
  217. 2015-12-06 18:22 - 2013-01-30 17:47 - 00248672 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
  218. 2015-12-06 17:40 - 2015-12-06 19:35 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Temp
  219. 2015-12-06 17:40 - 2015-12-06 18:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
  220. 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
  221. 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Temp
  222. 2015-12-06 17:40 - 2015-12-06 17:40 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
  223. 2015-12-06 17:40 - 2015-12-06 16:34 - 00024064 _____ C:\windows\zoek-delete.exe
  224. 2015-12-06 17:05 - 2015-12-06 17:40 - 00000000 ____D C:\zoek
  225. 2015-12-06 16:33 - 2015-12-06 17:27 - 00000000 ____D C:\zoek_backup
  226. 2015-12-06 00:36 - 2015-12-06 18:34 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
  227. 2015-12-06 00:34 - 2015-12-06 02:17 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
  228. 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
  229. 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
  230. 2015-12-06 00:34 - 2015-12-06 00:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
  231. 2015-12-06 00:34 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
  232. 2015-12-06 00:34 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
  233. 2015-12-05 22:23 - 2015-12-05 22:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
  234. 2015-12-05 22:12 - 2015-12-06 02:17 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
  235. 2015-12-05 22:12 - 2015-12-05 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
  236. 2015-12-05 22:08 - 2015-12-06 19:21 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  237. 2015-12-05 22:08 - 2015-12-06 18:30 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  238. 2015-11-29 09:22 - 2015-11-29 09:21 - 00102400 _____ C:\windows\Minidump\Mini112915-02.dmp
  239. 2015-11-29 08:57 - 2015-11-29 08:57 - 00102400 _____ C:\windows\Minidump\Mini112915-01.dmp
  240. 2015-11-21 14:33 - 2015-11-21 14:33 - 00102400 _____ C:\windows\Minidump\Mini112115-01.dmp
  241. 2015-11-20 19:55 - 2015-11-20 19:55 - 00000000 ____D C:\Documents and Settings\Owner\.dvdcss
  242. 2015-11-20 19:52 - 2015-11-20 19:52 - 00000000 ____D C:\.cache
  243. 2015-11-20 19:51 - 2015-12-06 02:17 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\PS3 Media Server.lnk
  244. 2015-11-20 19:51 - 2015-11-20 19:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PS3 Media Server
  245. 2015-11-20 19:48 - 2015-11-20 19:51 - 00000000 ____D C:\Program Files\PS3 Media Server
  246. 2015-11-20 19:23 - 2015-11-20 19:38 - 734191616 ____R C:\Documents and Settings\kids\Desktop\[ www.UsaBit.com ] - Smiley 2012 DVDRip XviD-VoMiT.avi
  247. 2015-11-20 18:17 - 2015-11-20 18:17 - 00102400 _____ C:\windows\Minidump\Mini112015-01.dmp
  248. 2015-11-19 09:57 - 2015-11-19 09:57 - 00102400 _____ C:\windows\Minidump\Mini111915-01.dmp
  249. 2015-11-17 14:11 - 2015-12-05 21:51 - 00411516 ____C C:\windows\ntbtlog.txt
  250. 2015-11-17 13:59 - 2015-12-06 01:51 - 00000803 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer (2).lnk
  251. 2015-11-17 02:24 - 2015-11-17 14:58 - 00000000 ____D C:\windows\pss
  252. 2015-11-16 20:31 - 2015-11-16 20:37 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\My Games
  253. 2015-11-16 20:31 - 2015-11-16 20:31 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Fallout3
  254. 2015-11-16 19:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
  255. 2015-11-16 19:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
  256. 2015-11-16 19:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
  257. 2015-11-16 19:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
  258. 2015-11-16 19:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
  259. 2015-11-16 19:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
  260. 2015-11-16 19:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
  261. 2015-11-16 19:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
  262. 2015-11-16 19:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
  263. 2015-11-16 19:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
  264. 2015-11-16 19:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
  265. 2015-11-16 19:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
  266. 2015-11-16 19:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
  267. 2015-11-16 19:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
  268. 2015-11-16 19:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
  269. 2015-11-16 19:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
  270. 2015-11-16 19:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
  271. 2015-11-16 19:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
  272. 2015-11-16 19:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
  273. 2015-11-16 19:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
  274. 2015-11-16 19:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
  275. 2015-11-16 19:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
  276. 2015-11-16 19:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
  277. 2015-11-16 19:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
  278. 2015-11-16 19:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
  279. 2015-11-16 19:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
  280. 2015-11-16 19:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
  281. 2015-11-16 19:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
  282. 2015-11-16 19:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
  283. 2015-11-16 19:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
  284. 2015-11-16 19:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
  285. 2015-11-16 19:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
  286. 2015-11-16 19:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
  287. 2015-11-16 19:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
  288. 2015-11-16 19:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
  289. 2015-11-16 19:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
  290. 2015-11-16 19:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
  291. 2015-11-16 19:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
  292. 2015-11-16 19:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
  293. 2015-11-16 19:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
  294. 2015-11-16 19:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
  295. 2015-11-16 19:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
  296. 2015-11-16 19:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
  297. 2015-11-16 19:28 - 2005-12-05 18:07 - 00061136 _____ (Microsoft Corporation) C:\windows\system32\xinput9_1_0.dll
  298. 2015-11-16 19:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
  299. 2015-11-16 19:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
  300. 2015-11-16 19:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
  301. 2015-11-16 19:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
  302. 2015-11-16 19:26 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
  303. 2015-11-16 19:25 - 2015-11-16 19:25 - 00000000 ____D C:\windows\system32\xlive
  304. 2015-11-16 19:25 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
  305. 2015-11-16 19:25 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
  306. 2015-11-16 19:25 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
  307. 2015-11-16 19:10 - 2015-12-06 02:17 - 00001613 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
  308. 2015-11-16 19:10 - 2015-11-16 19:10 - 00691696 _____ C:\windows\system32\Drivers\sptd.sys
  309. 2015-11-16 19:10 - 2015-11-16 19:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
  310. 2015-11-16 19:09 - 2015-11-16 19:22 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
  311. 2015-11-16 19:09 - 2015-11-16 19:11 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
  312. 2015-11-16 19:09 - 2015-11-16 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
  313. 2015-11-16 18:22 - 2015-11-16 18:57 - 1635123200 _____ C:\Documents and Settings\kids\Desktop\Fallout 3.iso
  314. 2015-11-16 15:49 - 2015-12-06 18:33 - 00000008 __RSH C:\Documents and Settings\All Users\ntuser.pol
  315. 2015-11-12 15:58 - 2015-11-12 15:58 - 00094208 _____ C:\windows\Minidump\Mini111215-01.dmp
  316. 2015-11-11 08:04 - 2015-11-11 08:09 - 00000000 ____D C:\e035fa04fbeb21d02d
  317. 2015-11-08 14:51 - 2015-11-08 14:51 - 00000000 ____D C:\Documents and Settings\kids\Application Data\java
  318. 2015-11-08 14:50 - 2015-12-06 10:51 - 00000000 ____D C:\Documents and Settings\kids\Application Data\.minecraft
  319. 2015-11-08 14:50 - 2015-11-08 14:50 - 00002144 _____ C:\Documents and Settings\kids\Desktop\Minecraft.lnk
  320. 2015-11-08 14:50 - 2015-11-08 14:50 - 00000000 ____D C:\Documents and Settings\kids\Start Menu\Programs\Minecraft
  321. 2015-11-08 14:42 - 2015-11-08 14:42 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\java
  322. 2015-11-08 14:41 - 2015-12-06 02:17 - 00002151 _____ C:\Documents and Settings\Owner\Desktop\Minecraft.lnk
  323. 2015-11-08 14:41 - 2015-11-08 14:41 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\Minecraft
  324. 2015-11-08 14:40 - 2015-12-06 15:35 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\.minecraft
  325. 2015-11-08 14:38 - 2015-12-05 20:21 - 00000000 ____D C:\Documents and Settings\kids\Desktop\Minecraft 1.7.2 by TeamExtremeMc.com
  326. 2015-11-08 14:26 - 2015-12-05 21:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
  327. 2015-11-07 21:22 - 2015-11-07 14:47 - 00065536 ____H C:\windows\Minidump\Mini110715-02.dmp
  328. 2015-11-07 14:48 - 2015-11-07 14:48 - 00094208 _____ C:\windows\Minidump\Mini110715-01.dmp
  329.  
  330. ==================== One Month Modified files and folders ========
  331.  
  332. (If an entry is included in the fixlist, the file/folder will be moved.)
  333.  
  334. 2015-12-06 19:35 - 2015-09-26 16:04 - 00000000 ____D C:\Documents and Settings\kids\Application Data\BitTorrent
  335. 2015-12-06 19:35 - 2013-06-03 18:40 - 00000294 _____ C:\windows\Tasks\Browser Manager.job
  336. 2015-12-06 19:33 - 2011-09-03 09:06 - 00000000 ____D C:\WINDOWS
  337. 2015-12-06 18:53 - 2012-08-15 13:18 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
  338. 2015-12-06 18:42 - 2011-09-03 13:28 - 00032594 _____ C:\windows\SchedLgU.Txt
  339. 2015-12-06 18:33 - 2011-09-03 09:11 - 00000000 ____D C:\Documents and Settings\All Users
  340. 2015-12-06 18:33 - 2008-04-14 07:00 - 00002278 _____ C:\windows\system32\wpa.dbl
  341. 2015-12-06 18:30 - 2014-04-02 06:57 - 00000222 _____ C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
  342. 2015-12-06 18:29 - 2011-09-03 13:28 - 00000006 ____H C:\windows\Tasks\SA.DAT
  343. 2015-12-06 18:27 - 2013-10-13 06:35 - 00071888 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
  344. 2015-12-06 18:27 - 2011-09-03 13:29 - 00000178 ___SH C:\Documents and Settings\Owner\ntuser.ini
  345. 2015-12-06 18:25 - 2011-09-03 13:29 - 00000000 ___RD C:\Documents and Settings\Owner\My Documents
  346. 2015-12-06 18:17 - 2011-09-03 09:12 - 00676172 ____C C:\windows\system32\PerfStringBackup.INI
  347. 2015-12-06 17:43 - 2012-07-24 10:21 - 00000000 ____D C:\Documents and Settings\kids\Local Settings\Temp
  348. 2015-12-06 17:40 - 2012-07-24 10:21 - 00000178 ___SH C:\Documents and Settings\kids\ntuser.ini
  349. 2015-12-06 17:19 - 2012-07-22 18:32 - 00000000 ___HD C:\windows\system32\GroupPolicy
  350. 2015-12-06 16:37 - 2012-07-22 18:20 - 00000178 __SHC C:\Documents and Settings\Administrator\ntuser.ini
  351. 2015-12-06 16:33 - 2015-10-03 01:49 - 01448141 _____ C:\Documents and Settings\Owner\Desktop\zoek.com
  352. 2015-12-06 16:33 - 2003-01-24 00:11 - 01309184 _____ C:\Documents and Settings\Owner\Desktop\zoek.exe
  353. 2015-12-06 14:10 - 2012-07-24 10:23 - 00000420 ____H C:\windows\Tasks\User_Feed_Synchronization-{A837C2B8-86B9-41AF-A27C-3E6F30A4395F}.job
  354. 2015-12-06 02:17 - 2015-08-30 09:47 - 00002137 _____ C:\Documents and Settings\Owner\Desktop\Google Drive.lnk
  355. 2015-12-06 02:17 - 2015-08-30 09:47 - 00002069 _____ C:\Documents and Settings\Owner\Desktop\Google Slides.lnk
  356. 2015-12-06 02:17 - 2015-08-30 09:46 - 00002069 _____ C:\Documents and Settings\Owner\Desktop\Gmail.lnk
  357. 2015-12-06 02:17 - 2015-08-30 09:46 - 00002065 _____ C:\Documents and Settings\Owner\Desktop\Google Sheets.lnk
  358. 2015-12-06 02:17 - 2015-07-03 08:07 - 00001874 _____ C:\Documents and Settings\All Users\Desktop\Samsung Printer Diagnostics.lnk
  359. 2015-12-06 02:17 - 2014-11-23 18:03 - 00001813 _____ C:\Documents and Settings\Owner\Desktop\Chrome App Launcher.lnk
  360. 2015-12-06 02:17 - 2013-10-12 10:15 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
  361. 2015-12-06 02:17 - 2012-07-27 12:49 - 00001761 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
  362. 2015-12-06 02:17 - 2011-09-03 13:22 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
  363. 2015-12-06 02:00 - 2012-03-05 15:13 - 00000000 ____D C:\windows\SxsCaPendDel
  364. 2015-12-06 01:51 - 2011-09-03 13:29 - 00001579 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
  365. 2015-12-06 01:51 - 2011-09-03 13:29 - 00000803 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
  366. 2015-12-06 01:51 - 2011-09-03 13:29 - 00000764 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
  367. 2015-12-06 00:13 - 2011-09-03 13:29 - 00000000 ____D C:\Documents and Settings\Owner
  368. 2015-12-05 22:48 - 2015-02-08 11:17 - 00000000 ____D C:\Documents and Settings\kids\Start Menu\Programs\Chrome Apps
  369. 2015-12-05 22:24 - 2014-11-23 18:03 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\Chrome Apps
  370. 2015-12-05 22:14 - 2011-09-03 09:06 - 00000000 RSHDC C:\windows\system32\dllcache
  371. 2015-12-05 22:10 - 2013-09-06 14:55 - 00000000 ____D C:\Program Files\Google
  372. 2015-12-05 21:49 - 2012-07-22 18:27 - 00000000 __SHD C:\windows\CSC
  373. 2015-12-05 20:12 - 2012-07-24 10:21 - 00000000 ___RD C:\Documents and Settings\kids\My Documents
  374. 2015-12-02 13:35 - 2012-07-24 10:21 - 00000000 ____D C:\Documents and Settings\kids
  375. 2015-11-29 09:22 - 2013-04-18 13:56 - 00000000 ____D C:\windows\Minidump
  376. 2015-11-23 15:40 - 2011-09-03 13:21 - 00000000 ____D C:\windows\system32\Macromed
  377. 2015-11-20 19:53 - 2015-09-26 16:29 - 00000000 ____D C:\Documents and Settings\All Users\PMS
  378. 2015-11-17 14:58 - 2008-04-14 07:00 - 00000883 _____ C:\windows\win.ini
  379. 2015-11-17 14:58 - 2008-04-14 07:00 - 00000227 _____ C:\windows\system.ini
  380. 2015-11-17 14:44 - 2011-09-03 09:12 - 00001943 _____ C:\windows\imsins.BAK
  381. 2015-11-17 14:32 - 2012-07-22 18:47 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\NPE
  382. 2015-11-17 14:01 - 2012-03-05 13:43 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\CallingID
  383. 2015-11-17 02:45 - 2011-09-03 09:06 - 00000000 ____D C:\windows\Help
  384. 2015-11-17 02:36 - 2012-08-18 07:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
  385. 2015-11-17 02:36 - 2012-06-20 19:44 - 00000000 ____D C:\windows\system32\appmgmt
  386. 2015-11-16 20:38 - 2011-09-03 13:34 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
  387. 2015-11-16 19:29 - 2011-09-03 13:22 - 00000000 ____D C:\windows\system32\DirectX
  388. 2015-11-16 19:29 - 2011-09-03 09:06 - 00000000 ___HD C:\windows\inf
  389. 2015-11-16 19:11 - 2013-09-16 10:15 - 00128958 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
  390. 2015-11-15 11:24 - 2015-09-26 16:49 - 00004608 _____ C:\Documents and Settings\kids\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  391. 2015-11-11 08:09 - 2013-08-13 19:27 - 00000000 ____D C:\windows\system32\MRT
  392. 2015-11-11 08:06 - 2011-09-03 13:55 - 143250520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
  393. 2015-11-10 15:53 - 2012-05-04 16:06 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
  394. 2015-11-10 15:53 - 2011-09-03 14:07 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
  395. 2015-11-08 15:00 - 2014-04-02 06:57 - 00000216 _____ C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
  396. 2015-11-07 16:31 - 2015-02-08 11:17 - 00001845 _____ C:\Documents and Settings\kids\Desktop\Chrome App Launcher.lnk
  397. 2015-11-07 15:50 - 2015-07-01 08:53 - 00001993 _____ C:\Documents and Settings\kids\Desktop\mya - Chrome.lnk
  398.  
  399. ==================== Files in the root of some directories =======
  400.  
  401. 2012-03-04 14:06 - 2013-04-28 12:54 - 0014336 ____C () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  402. 2012-05-05 20:29 - 2014-03-09 11:37 - 0000675 ____C () C:\Documents and Settings\All Users\lxdnDiagnostics.log
  403. 2014-06-29 15:17 - 2014-06-29 15:17 - 0221367 ____C () C:\Documents and Settings\All Users\SPL17.tmp
  404. 2014-06-16 20:42 - 2014-06-16 20:42 - 0462312 ____C () C:\Documents and Settings\All Users\SPL2.tmp
  405. 2014-06-16 20:46 - 2014-06-16 20:46 - 0462312 ____C () C:\Documents and Settings\All Users\SPL3.tmp
  406. 2014-06-29 15:07 - 2014-06-29 15:07 - 0219658 ____C () C:\Documents and Settings\All Users\SPL4.tmp
  407. 2014-06-17 13:41 - 2014-06-17 13:41 - 0547768 ____C () C:\Documents and Settings\All Users\SPL6.tmp
  408. 2014-06-16 18:21 - 2014-06-16 18:21 - 0462312 ____C () C:\Documents and Settings\All Users\SPL7.tmp
  409. 2014-06-29 15:01 - 2014-06-29 15:01 - 0219658 ____C () C:\Documents and Settings\All Users\SPLBD.tmp
  410. 2012-05-05 20:29 - 2012-05-05 20:29 - 0000000 ____C () C:\Documents and Settings\All Users\UpdaterLog.txt
  411.  
  412. ZeroAccess:
  413. C:\Windows\Installer\{1cdee83a-7fae-83cc-ac21-a0f30123f493}
  414. C:\Windows\Installer\{1cdee83a-7fae-83cc-ac21-a0f30123f493}\@
  415.  
  416. ZeroAccess :
  417. Attention: Before removing "C:\windows\$NtUninstallKB27263$" the mount point attached to it should be removed.
  418. C:\windows\$NtUninstallKB27263$
  419.  
  420. ==================== Bamital & volsnap =================
  421.  
  422. (There is no automatic fix for files that do not pass verification.)
  423.  
  424. C:\windows\explorer.exe => File is digitally signed
  425. C:\windows\system32\winlogon.exe => File is digitally signed
  426. C:\windows\system32\svchost.exe => File is digitally signed
  427. C:\windows\system32\services.exe => File is digitally signed
  428. C:\windows\system32\User32.dll => File is digitally signed
  429. C:\windows\system32\userinit.exe => File is digitally signed
  430. C:\windows\system32\rpcss.dll => File is digitally signed
  431. C:\windows\system32\dnsapi.dll => File is digitally signed
  432. C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
  433.  
  434. ==================== End of FRST.txt ============================
  435.  
  436. Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-12-2015
  437. Ran by Owner (2015-12-06 19:36:10)
  438. Running from C:\Documents and Settings\Owner\My Documents\Downloads
  439. Microsoft Windows XP Service Pack 3 (X86) (2011-09-03 18:25:22)
  440. Boot Mode: Normal
  441. ==========================================================
  442.  
  443.  
  444. ==================== Accounts: =============================
  445.  
  446. Administrator (S-1-5-21-1614895754-1637723038-1417001333-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
  447. ASPNET (S-1-5-21-1614895754-1637723038-1417001333-1006 - Limited - Enabled)
  448. Guest (S-1-5-21-1614895754-1637723038-1417001333-501 - Limited - Enabled)
  449. HelpAssistant (S-1-5-21-1614895754-1637723038-1417001333-1000 - Limited - Disabled)
  450. kids (S-1-5-21-1614895754-1637723038-1417001333-1004 - Limited - Enabled) => %SystemDrive%\Documents and Settings\kids
  451. Owner (S-1-5-21-1614895754-1637723038-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Owner
  452. SUPPORT_388945a0 (S-1-5-21-1614895754-1637723038-1417001333-1002 - Limited - Disabled)
  453.  
  454. ==================== Security Center ========================
  455.  
  456. (If an entry is included in the fixlist, it will be removed.)
  457.  
  458.  
  459. ==================== Installed Programs ======================
  460.  
  461. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  462.  
  463. Action Replay PowerSaves 3DS version 1.18 (HKLM\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.18 - Datel Design & Development)
  464. Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
  465. Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
  466. Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
  467. Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
  468. Angry Birds (HKLM\...\{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}) (Version: 2.2.0 - Rovio)
  469. Broadcom Gigabit Integrated Controller (HKLM\...\{FC57FC53-104C-415C-98D7-B05E659461A9}) (Version: 10.50.03 - Broadcom Corporation)
  470. Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
  471. Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
  472. Google Update Helper (Version: 1.3.21.153 - Google Inc.) Hidden
  473. Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
  474. InfraRecorder (HKLM\...\InfraRecorder) (Version: - Christian Kindahl)
  475. Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
  476. Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
  477. Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
  478. Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
  479. Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
  480. Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
  481. Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
  482. Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
  483. Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
  484. Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
  485. Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
  486. Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
  487. Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
  488. Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
  489. Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
  490. Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
  491. Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
  492. Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  493. Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
  494. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  495. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  496. Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version: - )
  497. MSXML 6.0 Parser (KB925673) (HKLM\...\{FE9126DB-5F84-495A-BB46-3C724F1C2D08}) (Version: 6.00.3888.0 - Microsoft Corporation)
  498. Norton Security Suite (HKLM\...\N360) (Version: 5.2.2.3 - Symantec Corporation)
  499. ooVoo toolbar, powered by Ask.com (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.17.3.0 - Ask.com) <==== ATTENTION
  500. OpenOffice.org 3.3 (HKLM\...\{ED23E382-E5E3-4E21-B616-01FC59A40916}) (Version: 3.3.9567 - OpenOffice.org)
  501. Peggle Nights 1.0 (HKLM\...\Peggle Nights 1.0) (Version: 1.0 - PopCap Games)
  502. Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
  503. Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.06.60 (3/17/2015) - Samsung Electronics Co., Ltd.)
  504. Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(5/25/2015) - Samsung Electronics Co., Ltd.)
  505. Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
  506. Samsung M2070 Series (HKLM\...\Samsung M2070 Series) (Version: 1.22 (9/7/2015) - Samsung Electronics Co., Ltd.)
  507. Samsung Printer Diagnostics (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
  508. Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
  509. Samsung Scan Process Machine (Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
  510. Samsung Universal Print Driver 2 (HKLM\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
  511. SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
  512. SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.7265 - Analog Devices)
  513. swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
  514. Uninstall Dual Mode Camera (ST606) (HKLM\...\ST606_2009_0603_1256_is1) (Version: - )
  515. VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
  516. WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
  517. Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
  518. Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
  519. Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
  520. Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
  521. Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
  522. Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
  523. Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
  524. XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
  525.  
  526. ==================== Custom CLSID (Whitelisted): ==========================
  527.  
  528. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  529.  
  530. CustomCLSID: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPlugi (the data entry has 18 more characters).
  531.  
  532. ==================== Restore Points =========================
  533.  
  534. Could not list restore points
  535. Check "winmgmt" service or repair WMI.
  536.  
  537.  
  538. ==================== Hosts content: ===============================
  539.  
  540. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  541.  
  542. 2008-04-14 07:00 - 2008-04-14 07:00 - 00000734 ____A C:\windows\system32\Drivers\etc\hosts
  543.  
  544. 127.0.0.1 localhost
  545.  
  546. ==================== Scheduled Tasks (Whitelisted) =============
  547.  
  548. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  549.  
  550. Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  551. Task: C:\windows\Tasks\Browser Manager.job => C:\WINDOWS\system32\sc.exe
  552. Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  553. Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  554. Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
  555. Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
  556. Task: C:\windows\Tasks\User_Feed_Synchronization-{A837C2B8-86B9-41AF-A27C-3E6F30A4395F}.job => C:\WINDOWS\system32\msfeedssync.exe
  557.  
  558. ==================== Shortcuts =============================
  559.  
  560. (The entries could be listed to be restored or removed.)
  561.  
  562. ==================== Loaded Modules (Whitelisted) ==============
  563.  
  564. 2015-07-03 08:06 - 2015-06-11 08:59 - 00018432 _____ () C:\windows\system32\ssm4mlm.dll
  565. 2015-09-21 16:36 - 2014-04-16 03:22 - 00025600 _____ () C:\windows\system32\usp02l.dll
  566. 2012-03-14 12:04 - 2009-08-13 03:02 - 00147968 _____ () C:\windows\System32\spool\PRTPROCS\W32X86\lxdndrpp.dll
  567. 2015-12-06 18:22 - 2012-08-01 15:44 - 00121472 _____ () C:\Program Files\Razer\Razer Game Booster\GBV3ContextMenu.dll
  568. 2015-09-21 16:36 - 2014-11-26 06:07 - 00118576 _____ () C:\WINDOWS\system32\SecUPDUtilSvc.exe
  569. 2015-09-21 16:30 - 2013-02-22 12:31 - 00408064 _____ () C:\WINDOWS\system32\SaXPWIA.dll
  570. 2014-07-24 23:36 - 2015-06-10 01:18 - 00094208 ____N () C:\windows\system32\SSDEVM.DLL
  571. 2015-12-06 18:22 - 2012-08-01 15:44 - 00519600 _____ () C:\Program Files\Razer\Razer Game Booster\sqlite3.dll
  572. 2015-12-06 18:22 - 2013-06-04 16:07 - 00535480 _____ () C:\Program Files\Razer\Razer Game Booster\K_fps.dll
  573. 2015-12-06 18:22 - 2013-06-04 16:07 - 00272360 _____ () C:\Program Files\Razer\Razer Game Booster\D3DX8Wrapper.dll
  574. 2015-12-06 18:22 - 2013-06-04 16:07 - 00133280 _____ () C:\Program Files\Razer\Razer Game Booster\Mpeg2Video.dll
  575. 2015-12-06 18:22 - 2013-01-30 17:48 - 07477262 _____ () C:\Program Files\Razer\Razer Game Booster\avcodec-54.dll
  576. 2015-12-06 18:22 - 2013-01-30 17:48 - 00156174 _____ () C:\Program Files\Razer\Razer Game Booster\keutil-51.dll
  577. 2015-12-06 18:22 - 2013-01-30 17:48 - 01191950 _____ () C:\Program Files\Razer\Razer Game Booster\avformat-54.dll
  578. 2015-12-06 18:22 - 2013-01-30 17:48 - 00333326 _____ () C:\Program Files\Razer\Razer Game Booster\swscale-2.dll
  579.  
  580. ==================== Alternate Data Streams (Whitelisted) =========
  581.  
  582. (If an entry is included in the fixlist, only the ADS will be removed.)
  583.  
  584.  
  585. ==================== Safe Mode (Whitelisted) ===================
  586.  
  587. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
  588.  
  589.  
  590. ==================== EXE Association (Whitelisted) ===============
  591.  
  592. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  593.  
  594.  
  595. ==================== Internet Explorer trusted/restricted ===============
  596.  
  597. (If an entry is included in the fixlist, it will be removed from the registry.)
  598.  
  599. IE trusted site: HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\...\microsoft.com -> hxxps://windowsupdate.microsoft.com
  600.  
  601. ==================== Other Areas ============================
  602.  
  603. (Currently there is no automatic fix for this section.)
  604.  
  605. HKU\S-1-5-21-1614895754-1637723038-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  606. DNS Servers: 75.75.75.75 - 75.75.76.76
  607. sharedaccess => Firewall Service is not running.
  608.  
  609. ==================== MSCONFIG/TASK MANAGER disabled items ==
  610.  
  611. (Currently there is no automatic fix for this section.)
  612.  
  613. MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
  614. MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
  615. MSCONFIG\startupreg: BitTorrent => "C:\Documents and Settings\kids\Application Data\BitTorrent\BitTorrent.exe" /MINIMIZED
  616. MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
  617. MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
  618. MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
  619. MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
  620. MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
  621. MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
  622. MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
  623.  
  624. ==================== FirewallRules (Whitelisted) ===============
  625.  
  626. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  627.  
  628. DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
  629. DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
  630. DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
  631. DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
  632. DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
  633. DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
  634. DomainProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  635. DomainProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  636. DomainProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  637. DomainProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  638. DomainProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  639. DomainProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  640. StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
  641. StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
  642. StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
  643. StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
  644. StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
  645. StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
  646. StandardProfile\GloballyOpenPorts: [10243:TCP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  647. StandardProfile\GloballyOpenPorts: [10280:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  648. StandardProfile\GloballyOpenPorts: [10281:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  649. StandardProfile\GloballyOpenPorts: [10282:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  650. StandardProfile\GloballyOpenPorts: [10283:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  651. StandardProfile\GloballyOpenPorts: [10284:UDP] => :LocalSubNet:Enabled:Windows Media Player Network Sharing Service
  652.  
  653. ==================== Faulty Device Manager Devices =============
  654.  
  655. Could not list Devices. Check "winmgmt" service or repair WMI.
  656.  
  657.  
  658. ==================== Event log errors: =========================
  659.  
  660. Application errors:
  661. ==================
  662. Error: (12/06/2015 06:31:45 PM) (Source: WinMgmt) (EventID: 28) (User: )
  663. Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
  664.  
  665. Error: (12/06/2015 05:44:39 PM) (Source: WinMgmt) (EventID: 28) (User: )
  666. Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
  667.  
  668. Error: (12/06/2015 04:52:39 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  669. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  670.  
  671. Error: (12/06/2015 04:47:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
  672. Description: Application: DaS_21.exe
  673. Framework Version: v4.0.30319
  674. Description: The process was terminated due to an unhandled exception.
  675. Exception Info: System.Runtime.InteropServices.COMException
  676. Stack:
  677. at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
  678. at System.Management.ManagementScope.InitializeGuts(System.Object)
  679. at System.Management.ManagementScope.Initialize()
  680. at System.Management.ManagementObject.Initialize(Boolean)
  681. at System.Management.ManagementObject.Get()
  682. at DriverAndServicesOut.GetProcess.StartMode(System.String)
  683. at DriverAndServicesOut.GetProcess.GetAllServices(System.String)
  684. at DriverAndServicesOut.Program.Main(System.String[])
  685.  
  686. Error: (12/06/2015 04:47:04 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
  687. Description: EventType clr20r3, P1 das_21.exe, P2 2.1.0.4, P3 540c90b2, P4 system.management, P5 4.0.0.0, P6 4ba1e140, P7 24e, P8 10f, P9 clr20r30, P10 clr20r31.
  688.  
  689. Error: (12/06/2015 04:09:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  690. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  691.  
  692. Error: (12/06/2015 03:08:39 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  693. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  694.  
  695. Error: (12/06/2015 02:37:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  696. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  697.  
  698. Error: (12/06/2015 01:23:38 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  699. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  700.  
  701. Error: (12/06/2015 01:06:37 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
  702. Description: Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.
  703.  
  704.  
  705. System errors:
  706. =============
  707. Error: (12/06/2015 06:31:43 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  708. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  709.  
  710. Error: (12/06/2015 06:31:39 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  711. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  712.  
  713. Error: (12/06/2015 05:45:02 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  714. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  715.  
  716. Error: (12/06/2015 05:44:55 PM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  717. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  718.  
  719. Error: (12/06/2015 08:08:11 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  720. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  721.  
  722. Error: (12/06/2015 08:08:08 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  723. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  724.  
  725. Error: (12/06/2015 02:03:23 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  726. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  727.  
  728. Error: (12/06/2015 02:03:21 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  729. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  730.  
  731. Error: (12/06/2015 12:18:23 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  732. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  733.  
  734. Error: (12/06/2015 12:18:22 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
  735. Description: A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0x80070057'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
  736.  
  737.  
  738. ==================== Memory info ===========================
  739.  
  740. Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
  741. Percentage of memory in use: 61%
  742. Total physical RAM: 2037.54 MB
  743. Available physical RAM: 779.88 MB
  744. Total Virtual: 4948.06 MB
  745. Available Virtual: 3719.39 MB
  746.  
  747. ==================== Drives ================================
  748.  
  749. Drive c: () (Fixed) (Total:74.53 GB) (Free:7.07 GB) NTFS
  750.  
  751. ==================== MBR & Partition Table ==================
  752.  
  753. ========================================================
  754. Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 17053C7F)
  755. Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
  756.  
  757. ==================== End of Addition.txt ============================