1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

AVG software restriction issue using Windows XP

Discussion in 'Virus & Other Malware Removal' started by Jimboliah, Jan 15, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Hello,
    I am having issues with AVG being blocked by software restrictions using Windows XP. Can you please help get my PC cleaned up! Thank you!

    Here is the TSG SysInfo results:

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
    Processor: Intel(R) Pentium(R) M processor 1.70GHz, x86 Family 6 Model 13 Stepping 8
    Processor Count: 1
    RAM: 503 Mb
    Graphics Card: Mobile Intel(R) 915GM/GMS,910GML Express Chipset Family, 96 Mb
    Hard Drives: C: Total - 57223 MB, Free - 31728 MB;
    Motherboard: Dell Inc., 0RJ272
    Antivirus: AVG AntiVirus Free Edition 2015, Updated: No, On-Demand Scanner: Enabled
     
  2. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Anybody there???? Please take a look I just need a little help here....I think.
     
  3. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Welcome. :)

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
     
  4. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Thank you so much!! Here are the Farbar results:

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
    Ran by user (administrator) on HOMEPC on 19-01-2015 18:34:15
    Running from C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\TQK7IEE3
    Loaded Profiles: user (Available profiles: user)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    (Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    (Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
    (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Dropbox, Inc.) C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BingApp.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BingBar.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
    (Farbar) C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\TQK7IEE3\FRST[1].exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
    HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [819200 2007-02-21] (Intel Corporation)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [970752 2007-02-21] (Intel Corporation)
    HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
    HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-06-06] (Intel Corporation)
    HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-06-06] (Intel Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [141624 2010-06-15] (Apple Inc.)
    HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
    HKLM Group Policy restriction on software: C:\Program Files\AVG\ <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Program Files\Lavasoft <====== ATTENTION
    HKLM\...\Winlogon: [Taskman] C:\RECYCLER\S-1-5-21-0462396701-4788539127-961003338-2496\MsMxEng.exe No File <=== ATTENTION
    HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
    HKU\S-1-5-18\...\RunOnce: [AutoLaunch] => C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly
    Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\SnappleCalendar.lnk
    ShortcutTarget: SnappleCalendar.lnk -> C:\Program Files\SnappleCalendar\SnappleCalendar.exe ()
    BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKU\S-1-5-21-507921405-436374069-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    HKU\S-1-5-21-507921405-436374069-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-507921405-436374069-725345543-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=UP62
    URLSearchHook: HKU\S-1-5-21-507921405-436374069-725345543-1003 - YTNavAssist.YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
    SearchScopes: HKU\S-1-5-21-507921405-436374069-725345543-1003 -> {38293D6E-6D5B-424F-82B6-FE0975D21D17} URL = http://search.yahoo.com/search?p={s...ype=W3i_DS,136,0_0,Search,20110832,6901,0,8,0
    BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244567412593
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 74.40.74.40 74.40.74.41 192.168.1.1
    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\076mr179.default
    FF Homepage: hxxp://www.msn.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\076mr179.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-19]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-12]
    FF HKU\.DEFAULT\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
    Chrome:
    =======
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
    CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll (AVG Technologies CZ, s.r.o.)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
    CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Profile: C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-12]
    CHR Extension: (YouTube) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-12]
    CHR Extension: (Google Search) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-12]
    CHR Extension: (AVG Safe Search) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-11-12]
    CHR Extension: (AVG Do Not Track) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-11-12]
    CHR Extension: (Gmail) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-12]
    ========================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
    R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
    R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
    R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
    R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [File not signed]
    S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{5719E5B3-3AA5-43C3-8FBB-FEF22ED63DE5}
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2009-06-10] (Meetinghouse Data Communications) [File not signed]
    R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
    S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-07-09] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-07-09] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-07-09] (HP)
    R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
    R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
    R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Intel® Corporation)
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
    U1 WS2IFSL; No ImagePath
    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-01-15 09:45 - 2015-01-19 18:34 - 00000000 ____D () C:\FRST
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-01-19 18:35 - 2009-06-09 09:00 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Temp
    2015-01-19 18:21 - 2012-11-10 10:13 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-01-19 15:29 - 2010-11-01 08:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2015-01-19 11:31 - 2011-08-05 10:31 - 00000384 _____ () C:\WINDOWS\Tasks\Final Media Player Update Checker.job
    2015-01-19 09:44 - 2009-06-16 08:45 - 00000472 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    2015-01-19 06:36 - 2009-06-09 08:49 - 01190463 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-01-17 21:21 - 2009-06-09 08:59 - 00032454 _____ () C:\WINDOWS\SchedLgU.Txt
    2015-01-17 08:23 - 2010-07-17 01:34 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2015-01-16 00:21 - 2012-11-10 10:13 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2015-01-16 00:21 - 2011-11-03 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2015-01-15 08:43 - 2014-07-02 15:37 - 00000000 ___RD () C:\Documents and Settings\user\My Documents\Dropbox
    2015-01-15 08:43 - 2014-07-02 14:28 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Dropbox
    2015-01-15 08:40 - 2004-08-04 05:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
    2015-01-15 08:39 - 2009-06-09 08:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-01-15 08:39 - 2009-06-08 18:03 - 00000157 _____ () C:\WINDOWS\wiadebug.log
    2015-01-15 08:39 - 2009-06-08 18:03 - 00000049 _____ () C:\WINDOWS\wiaservc.log
    2015-01-14 23:54 - 2013-07-20 13:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-01-14 23:34 - 2009-06-12 10:43 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-01-14 23:32 - 2009-06-09 09:00 - 00000178 ___SH () C:\Documents and Settings\user\ntuser.ini
    2015-01-14 22:21 - 2014-10-21 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2015
    2015-01-13 00:34 - 2014-12-07 23:15 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
    ==================== Files in the root of some directories =======
    2012-07-15 14:42 - 2012-07-15 14:42 - 0027520 _____ () C:\Documents and Settings\user\Local Settings\Application Data\dt.dat
    Some content of TEMP:
    ====================
    C:\Documents and Settings\user\Local Settings\Temp\Core.dll
    C:\Documents and Settings\user\Local Settings\Temp\difxapi.dll
    C:\Documents and Settings\user\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjqms8_.dll
    C:\Documents and Settings\user\Local Settings\Temp\Engine.dll
    C:\Documents and Settings\user\Local Settings\Temp\errfix.exe
    C:\Documents and Settings\user\Local Settings\Temp\fixutil.exe
    C:\Documents and Settings\user\Local Settings\Temp\hpzmsi01.exe
    C:\Documents and Settings\user\Local Settings\Temp\hpzscr01.EXE
    C:\Documents and Settings\user\Local Settings\Temp\hpzswp01.exe
    C:\Documents and Settings\user\Local Settings\Temp\IFC23.dll
    C:\Documents and Settings\user\Local Settings\Temp\install_flashplayer11x32ax_gtba_chra_dy_aih[1].exe
    C:\Documents and Settings\user\Local Settings\Temp\MSVCR70.dll
    C:\Documents and Settings\user\Local Settings\Temp\ogg.dll
    C:\Documents and Settings\user\Local Settings\Temp\ose00000.exe
    C:\Documents and Settings\user\Local Settings\Temp\repfix.exe
    C:\Documents and Settings\user\Local Settings\Temp\Setup.exe
    C:\Documents and Settings\user\Local Settings\Temp\urepair.exe
    C:\Documents and Settings\user\Local Settings\Temp\vorbis.dll
    C:\Documents and Settings\user\Local Settings\Temp\vorbisfile.dll
    C:\Documents and Settings\user\Local Settings\Temp\Window.dll
    C:\Documents and Settings\user\Local Settings\Temp\_unps.exe

    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
    Ran by user at 2015-01-19 18:36:08
    Running from C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\TQK7IEE3
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Reader 9.5.3 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
    Apple Application Support (HKLM\...\{B2D328BE-45AD-4D92-96F9-2151490A203E}) (Version: 1.3.0 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{85991ED2-010C-4930-96FA-52F43C2CE98A}) (Version: 3.1.0.62 - Apple Inc.)
    Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
    AVG 2011 (Version: 10.0.426 - AVG Technologies) Hidden
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
    AVG 2015 (Version: 15.0.4235 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
    Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Bonjour (HKLM\...\{0CB9668D-F979-4F31-B8B8-67FE90F929F8}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 440x 10/100 Integrated Controller (HKLM\...\{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}) (Version: 8.03.06 - Broadcom Corporation)
    Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.3.11006.1 - Cisco Consumer Products LLC)
    Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
    Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
    DocProc (Version: 12.0.0.0 - Hewlett-Packard) Hidden
    Dropbox (HKU\S-1-5-21-507921405-436374069-725345543-1003\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
    File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: - Trusted Software) <==== ATTENTION
    Final Media Player 2011 (HKLM\...\FinalMediaPlayer_is1) (Version: - Bitberry Software) <==== ATTENTION
    High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
    Intel(R) Graphics Media Accelerator Driver for Mobile (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4609 - )
    Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
    iTunes (HKLM\...\{7AB3A249-FB81-416B-917A-A2A10E74C503}) (Version: 9.2.0.61 - Apple Inc.)
    mCore (Version: 9.03.0000 - Intel Corporation) Hidden
    mDriver (Version: 9.03.0000 - Intel) Hidden
    mDrWiFi (Version: 9.03.0000 - Intel Corporation) Hidden
    mHlpDell (Version: 9.03.0000 - Intel) Hidden
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    mIWA (Version: 9.03.0000 - Intel Corporation) Hidden
    mLogView (Version: 9.03.0000 - Intel Corporation) Hidden
    mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (HKLM\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
    mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden
    mPfWiz (Version: 9.03.0000 - Intel Corporation) Hidden
    mProSafe (Version: 9.00.0000 - Intel) Hidden
    mSCfg (Version: 9.03.0000 - Intel Corporation) Hidden
    mSSO (Version: 9.03.0000 - Intel Corporation) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden
    mWlsSafe (Version: 9.00.0000 - Intel) Hidden
    mWMI (Version: 9.03.0000 - Intel Corporation) Hidden
    mZConfig (Version: 9.03.0000 - Intel Corporation) Hidden
    Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
    OCR Software by I.R.I.S. 12.0 (HKLM\...\HPOCR) (Version: 12.0 - HP)
    QuickTime Alternative 1.95 (HKLM\...\QuicktimeAlt_is1) (Version: 1.9.5 - )
    SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
    Snapple Calendar (HKLM\...\com.snapple.SnappleCalendar) (Version: 1.0.0 - UNKNOWN)
    Snapple Calendar (Version: 1.0.0 - UNKNOWN) Hidden
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
    ==================== Custom CLSID (selected items): ==========================
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-507921405-436374069-725345543-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ==================== Restore Points =========================
    ATTENTION: System Restore is disabled.
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2004-08-04 05:00 - 2004-08-04 05:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
    ==================== Loaded Modules (whitelisted) =============
    2007-02-21 10:13 - 2007-02-21 10:13 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
    2014-10-21 19:22 - 2014-10-21 19:22 - 00750080 _____ () C:\Documents and Settings\user\Application Data\Dropbox\bin\libGLESv2.dll
    2015-01-15 08:42 - 2015-01-15 08:42 - 00043008 _____ () c:\Documents and Settings\user\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjqms8_.dll
    2014-10-21 19:22 - 2014-10-21 19:22 - 00047616 _____ () C:\Documents and Settings\user\Application Data\Dropbox\bin\libEGL.dll
    2014-10-21 19:22 - 2014-10-21 19:22 - 00863744 _____ () C:\Documents and Settings\user\Application Data\Dropbox\bin\plugins\platforms\qwindows.dll
    2014-10-21 19:22 - 2014-10-21 19:22 - 00200704 _____ () C:\Documents and Settings\user\Application Data\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2006-10-17 15:13 - 2006-10-17 15:13 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
    ==================== Alternate Data Streams (whitelisted) =========
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) =============
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========
    (Currently there is no automatic fix for this section.)

    ========================= Accounts: ==========================
    Administrator (S-1-5-21-507921405-436374069-725345543-500 - Administrator - Enabled)
    ASPNET (S-1-5-21-507921405-436374069-725345543-1004 - Limited - Enabled)
    Guest (S-1-5-21-507921405-436374069-725345543-501 - Limited - Disabled)
    HelpAssistant (S-1-5-21-507921405-436374069-725345543-1000 - Limited - Disabled)
    SUPPORT_388945a0 (S-1-5-21-507921405-436374069-725345543-1002 - Limited - Disabled)
    user (S-1-5-21-507921405-436374069-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\user
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (01/19/2015 00:11:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
    Error: (01/19/2015 00:05:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

    System errors:
    =============
    Error: (12/10/2014 06:07:49 PM) (Source: 0) (EventID: 55) (User: )
    Description: C:
    Error: (12/07/2014 08:11:40 PM) (Source: DCOM) (EventID: 10010) (User: HOMEPC)
    Description: The server {C2BFE331-6739-4270-86C9-493D9A04CD38} did not register with DCOM within the required timeout.
    Error: (12/04/2014 09:49:03 PM) (Source: DCOM) (EventID: 10010) (User: HOMEPC)
    Description: The server {C2BFE331-6739-4270-86C9-493D9A04CD38} did not register with DCOM within the required timeout.

    Microsoft Office Sessions:
    =========================
    Error: (03/21/2013 11:07:36 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: 1Microsoft Office Excel12.0.6504.500112.0.6425.100093820480

    ==================== Memory info ===========================
    Processor: Intel(R) Pentium(R) M processor 1.70GHz
    Percentage of memory in use: 89%
    Total physical RAM: 503.37 MB
    Available physical RAM: 55.27 MB
    Total Pagefile: 1996.11 MB
    Available Pagefile: 1112.92 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1926.71 MB
    ==================== Drives ================================
    Drive c: () (Fixed) (Total:55.88 GB) (Free:30.97 GB) NTFS ==>[Drive with boot components (Windows XP)]
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 55.9 GB) (Disk ID: 145160C3)
    Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
    ==================== End Of Log ============================

    Users shortcut scan result (x86) Version: 19-01-2015
    Ran by user at 2015-01-19 18:39:24
    Running from C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\TQK7IEE3
    Boot Mode: Normal
    ==================== Shortcuts =============================
    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Documents and Settings\All Users\Start Menu\FinalMediaPlayer.lnk -> C:\Program Files\FinalMediaPlayer\FinalMediaPlayer.exe (Bitberry Software)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk -> C:\WINDOWS\system32\wupdmgr.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A95000000001}\SC_Reader.ico ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk -> C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\I.R.I.S. OCR Registration.lnk -> C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. SA)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk -> C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\SnappleCalendar.lnk -> C:\Program Files\SnappleCalendar\SnappleCalendar.exe ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk -> C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk -> C:\Program Files\Movie Maker\moviemk.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime Alternative\Media Player Classic.lnk -> C:\Program Files\QuickTime Alternative\Media Player Classic\mplayerc.exe (Gabest)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime Alternative\Uninstall\Uninstall QuickTime Alternative.lnk -> C:\Program Files\QuickTime Alternative\unins000.exe ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime Alternative\Help\FAQ.lnk -> C:\Program Files\QuickTime Alternative\Info\faq.htm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero StartSmart.lnk -> C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero BackItUp [English Help].lnk -> C:\Program Files\Ahead\Nero BackItUp\NeroBackItUp_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero Burning ROM [English Help].lnk -> C:\Program Files\Ahead\Nero\NeroBurningRom_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero Cover Designer [English Help].lnk -> C:\Program Files\Ahead\CoverDesigner\NeroCoverDesigner_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero Express [English Help].lnk -> C:\Program Files\Ahead\Nero\NeroExpress_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero SoundTrax [English Help].lnk -> C:\Program Files\Ahead\Nero SoundTrax\NeroSoundTrax_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\User's Guides\Nero Wave Editor [English Help].lnk -> C:\Program Files\Ahead\Nero Wave Editor\NeroWaveEditor_eng.chm ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero Toolkit\Nero CD-DVD Speed.lnk -> C:\Program Files\Ahead\Nero Toolkit\CDSpeed.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero Toolkit\Nero DriveSpeed.lnk -> C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero Toolkit\Nero InfoTool.lnk -> C:\Program Files\Ahead\Nero Toolkit\InfoTool.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero BackItUp.lnk -> C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero Burning ROM.lnk -> C:\Program Files\Ahead\Nero\nero.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero Cover Designer.lnk -> C:\Program Files\Ahead\CoverDesigner\CoverDes.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero ImageDrive.lnk -> C:\Program Files\Ahead\ImageDrive\ImageDrive.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero SoundTrax.lnk -> C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero Wave Editor.lnk -> C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero BackItUp.lnk -> C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero Burning ROM.lnk -> C:\Program Files\Ahead\Nero\nero.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero Cover Designer.lnk -> C:\Program Files\Ahead\CoverDesigner\CoverDes.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero ImageDrive.lnk -> C:\Program Files\Ahead\ImageDrive\ImageDrive.exe (Ahead Software AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero SoundTrax.lnk -> C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero Wave Editor.lnk -> C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe (Nero AG)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\iTunes\iTunes.lnk -> C:\WINDOWS\Installer\{7AB3A249-FB81-416B-917A-A2A10E74C503}\iTunesIco.exe ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\InstallConverter\Install_Converter.lnk -> C:\Program Files\InstallConverter\Converter.exe (No File)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Freecell.lnk -> C:\WINDOWS\system32\freecell.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Hearts.lnk -> C:\WINDOWS\system32\mshearts.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Backgammon.lnk -> C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Checkers.lnk -> C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Hearts.lnk -> C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Reversi.lnk -> C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Spades.lnk -> C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Minesweeper.lnk -> C:\WINDOWS\system32\winmine.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Pinball.lnk -> C:\Program Files\Windows NT\Pinball\pinball.exe (Cinematronics)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Solitaire.lnk -> C:\WINDOWS\system32\sol.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\WINDOWS\system32\spider.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\FinalMediaPlayer\FinalMediaPlayer.lnk -> C:\Program Files\FinalMediaPlayer\FinalMediaPlayer.exe (Bitberry Software)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\FinalMediaPlayer\Uninstall.lnk -> C:\Program Files\FinalMediaPlayer\unins000.exe ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\AVG\AVG 2015.lnk -> C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\WINDOWS\system32\Com\comexp.msc ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\WINDOWS\system32\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Calculator.lnk -> C:\WINDOWS\system32\calc.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Paint.lnk -> C:\WINDOWS\system32\mspaint.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\WINDOWS\system32\mstsc.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\WordPad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Backup.lnk -> C:\WINDOWS\system32\ntbackup.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\WINDOWS\system32\charmap.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\WINDOWS\system32\cleanmgr.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Disk Defragmenter.lnk -> C:\WINDOWS\system32\dfrg.msc ()
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Files and Settings Transfer Wizard.lnk -> C:\WINDOWS\system32\usmt\migwiz.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\WINDOWS\system32\Restore\rstrui.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Entertainment\Sound Recorder.lnk -> C:\WINDOWS\system32\sndrec32.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Entertainment\Volume Control.lnk -> C:\WINDOWS\system32\sndvol32.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\HyperTerminal.lnk -> C:\Program Files\Windows NT\hypertrm.exe (Hilgraeve, Inc.)
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Accessibility\Accessibility Wizard.lnk -> C:\WINDOWS\system32\accwiz.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Startup\SnappleCalendar.lnk -> C:\Program Files\SnappleCalendar\SnappleCalendar.exe ()
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\SendTo\Dropbox.lnk -> C:\Documents and Settings\user\My Documents\Dropbox ()
    Shortcut: C:\Documents and Settings\user\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
    Shortcut: C:\Documents and Settings\user\Desktop\Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to 01AsiaHeatoftheMoment.lnk -> C:\Documents and Settings\user\My Documents\My Music\01AsiaHeatoftheMoment.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to 12.lnk -> C:\Documents and Settings\user\My Documents\My Music\12.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Estimated Prophet.lnk -> C:\Documents and Settings\user\My Documents\My Music\Estimated Prophet.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to free_wil.lnk -> C:\Documents and Settings\user\My Documents\My Music\free_wil.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to I'm Alright.lnk -> C:\Documents and Settings\user\My Documents\My Music\I'm Alright.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to IsayaLittlePrayer.lnk -> C:\Documents and Settings\user\My Documents\My Music\IsayaLittlePrayer.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to It Keeps You Runnin.lnk -> C:\Documents and Settings\user\My Documents\My Music\It Keeps You Runnin.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Jefferson Starship - Find Your Way Back.lnk -> C:\Documents and Settings\user\My Documents\My Music\Jefferson Starship - Find Your Way Back.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Kinks_-_Sunny_Afternoon.lnk -> C:\Documents and Settings\user\My Documents\My Music\Kinks_-_Sunny_Afternoon.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to overkill.lnk -> C:\Documents and Settings\user\My Documents\My Music\overkill.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Saturday In The Park.lnk -> C:\Documents and Settings\user\My Documents\My Music\Saturday In The Park.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Stevie Nicks & Don Henley - Leather And Lace.lnk -> C:\Documents and Settings\user\My Documents\My Music\Stevie Nicks & Don Henley - Leather And Lace.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Still you turn me on-ELP.lnk -> C:\Documents and Settings\user\My Documents\My Music\Still you turn me on-ELP.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Takin it to the streets.lnk -> C:\Documents and Settings\user\My Documents\My Music\Takin it to the streets.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to The Rolling Stones - 03 - Wild Horses.lnk -> C:\Documents and Settings\user\My Documents\My Music\The Rolling Stones - 03 - Wild Horses.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to time.lnk -> C:\Documents and Settings\user\My Documents\My Music\time.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Toto- Rosanna.lnk -> C:\Documents and Settings\user\My Documents\My Music\Toto- Rosanna.mp3 ()
    Shortcut: C:\Documents and Settings\user\Desktop\MP3 Downloads\Shortcut to Track 12.lnk -> C:\Documents and Settings\user\My Documents\My Music\Track 12.mp3 ()
    Shortcut: C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk -> C:\Program Files\FinalMediaPlayer\FinalMediaPlayer.exe (Bitberry Software)
    Shortcut: C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)


    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk -> C:\WINDOWS\system32\control.exe (Microsoft Corporation) -> appwiz.cpl,,3
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Cisco Connect.lnk -> C:\Program Files\Cisco Systems\Cisco Connect\Cisco Connect.exe (Cisco Consumer Products LLC) ->
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime Alternative\Configuration\QuickTime.lnk -> C:\WINDOWS\system32\control.exe (Microsoft Corporation) -> "C:\Program Files\QuickTime Alternative\QTSystem\quicktime.cpl"
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Ultra Edition\Nero Express.lnk -> C:\Program Files\Ahead\Nero\nero.exe (Ahead Software AG) -> /w
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Nero\Nero 6 Demo\Nero Express.lnk -> C:\Program Files\Ahead\Nero\nero.exe (Ahead Software AG) -> /w
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> -safe-mode
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless\Intel PROSet Wireless.lnk -> C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation) -> /af Intel PROSet/Wireless
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc () -> /s
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.msc () -> /s
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Local Security Policy.lnk -> C:\WINDOWS\system32\secpol.msc () -> /s
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Performance.lnk -> C:\WINDOWS\system32\perfmon.msc () -> /s
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk -> C:\WINDOWS\system32\services.msc () -> /s
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk -> C:\WINDOWS\system32\wiaacmgr.exe (Microsoft Corporation) -> -SelectDevice
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Scheduled Tasks.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{D6277990-4C6A-11CF-8D87-00AA0060F5BF}
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\Network Connections.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{7007acc7-3202-11d1-aad2-00805fc1270e}
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\Network Setup Wizard.lnk -> C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation) -> hnetwiz.dll,HomeNetWizardRunDll
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\New Connection Wizard.lnk -> C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation) -> netshell.dll,StartNCW
    ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\Wireless Network Setup Wizard.lnk -> C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation) -> shell32.dll,Control_RunDLL NetSetup.cpl,@0,WNSW
    ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
    ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
    ShortcutWithArgument: C:\Documents and Settings\user\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
    ShortcutWithArgument: C:\Documents and Settings\user\Desktop\Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
    ShortcutWithArgument: C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

    InternetURL: C:\Documents and Settings\user\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
    InternetURL: C:\Documents and Settings\user\Favorites\(0 unread) att.net Mail, [email protected] -> hxxp://us.mg201.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=4spdn8ktct4o5
    InternetURL: C:\Documents and Settings\user\Favorites\Account Executive (765384) for AlphaGraphics New Haven.url -> hxxp://www.jobhost.org/jobs/viewjob/account-executive-765384-6807050f9bda6629?source=indeed&medium=sponsored
    InternetURL: C:\Documents and Settings\user\Favorites\Adhesives Research's Job Opportunities.url -> hxxp://www.adhesivesresearch.com/Careers/JobListings.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\AirMp3 FREE MP3 Downloads & Free Music Downloads.url -> hxxp://www.airmp3.me/
    InternetURL: C:\Documents and Settings\user\Favorites\AT&T U-verse - Why Switch to U-verse - Resources.url -> hxxp://www.att.com/u-verse/explore/uverse-difference.jsp?wtSlotClick=1-003JE2-0-1&wtSlotClick=1-003I43-0-1
    InternetURL: C:\Documents and Settings\user\Favorites\AT&T U-verse Choice Bundles.url -> hxxp://www.att.com/u-verse/promotional-bundles/index.jsp
    InternetURL: C:\Documents and Settings\user\Favorites\Beacon Consultants Group, LLC Home.url -> hxxp://www.beacon-consults.com/
    InternetURL: C:\Documents and Settings\user\Favorites\Belize Vacations - Belize Vacation Planner.url -> hxxp://www.belize.com/belize-vacation
    InternetURL: C:\Documents and Settings\user\Favorites\Beverly Tank WhitePages.url -> hxxp://www.whitepages.com/name/Beverly-Tank/
    InternetURL: C:\Documents and Settings\user\Favorites\Bing.url -> hxxp://g.msn.com/1me10IE8ENUS02/401
    InternetURL: C:\Documents and Settings\user\Favorites\Bonding Tape, Surface Protection Tape & Splicing Tape - Specialty Tapes - Specialty Tapes.url -> hxxp://www.specialtytapes.net/index.php
    InternetURL: C:\Documents and Settings\user\Favorites\Boost slower Windows XP clients by adjusting the Performance Options dialog box TechRepublic.url -> hxxp://www.techrepublic.com/article/boost-slower-windows-xp-clients-by-adjusting-the-performance-options-dialog-box/5032840
    InternetURL: C:\Documents and Settings\user\Favorites\Business Development, Sales Territory Manager Job in Hartford, Connecticut US.url -> hxxp://jobview.monster.com/Business-Development-Sales-Territory-Manager-Job-Hartford-CT-97437724.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Candidate Services Candidates Banking & Finance Recruiters, Energy Jobs The Lewis Group.url -> hxxp://www.lewgrp.com/refresh/templates/candidates.php?id=4
    InternetURL: C:\Documents and Settings\user\Favorites\careerbuilder.com-JobSeeker-Jobs-JobDetails.aspxIPath=QHKCVGV6M&ff=21&APath=2.21.21.0.0&job_did=J8B1446Q7Q6R1WXW43N.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV6M&ff=21&APath=2.21.21.0.0&job_did=J8B1446Q7Q6R1WXW43N
    InternetURL: C:\Documents and Settings\user\Favorites\careerbuilder.com-JobSeeker-Jobs-JobDetails.aspxIPath=QHKCVGV9Y&ff=21&APath=2.21.21.0.0&job_did=J3H5RT60BCSCM8XZPR0.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV9Y&ff=21&APath=2.21.21.0.0&job_did=J3H5RT60BCSCM8XZPR0
    InternetURL: C:\Documents and Settings\user\Favorites\Conformal coating market growing for electronics.url -> hxxp://www.eetimes.com/electronics-news/4080224/Conformal-coating-market-growing-for-electronics
    InternetURL: C:\Documents and Settings\user\Favorites\Conformal Coatings in the Global Electronics Industry Industry Research Report.url -> hxxp://www.mindbranch.com/Conformal-Coatings-Global-R2-1398/
    InternetURL: C:\Documents and Settings\user\Favorites\Contact Us Hobson Associates.url -> hxxp://www.hobsonassoc.com/contact
    InternetURL: C:\Documents and Settings\user\Favorites\Diabetes - type 1.url -> hxxp://adam.about.com/reports/Diabetes-type-1.htm
    InternetURL: C:\Documents and Settings\user\Favorites\Discover Bing.url -> hxxp://g.msn.com/1me10IE8ENUS02/402
    InternetURL: C:\Documents and Settings\user\Favorites\District Sales Manager Job in Hartford, Connecticut US.url -> hxxp://jobview.monster.com/District-Sales-Manager-Job-Hartford-CT-97216104.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Division Sales and Marketing Manager Job in New Britain 06051, Connecticut US.url -> hxxp://jobview.monster.com/Division-Sales-Marketing-Manager-Job-New-Britain-CT-97736562.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Division Sales Manager - Connecticut - 11-6652 Job in Hartford 06107, Connecticut US.url -> hxxp://jobview.monster.com/Division-Sales-Manager-Connecticut-11-6652-Job-Hartford-CT-97602574.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Don’t Apply Without a Cover Letter.url -> hxxp://www.careerbuilder.com/Article/CB-779-Resumes-Cover-Letters-Don%e2%80%99t-Apply-Without-a-Cover-Letter/
    InternetURL: C:\Documents and Settings\user\Favorites\DYMAX Corporation - Career Opportunities.url -> hxxp://www.dymax.com/employment/index.php
    InternetURL: C:\Documents and Settings\user\Favorites\Equifax Personal Solutions Credit Reports, Credit Scores, Protection Against Identity Theft and more.url -> https://www.econsumer.equifax.com/otc/verifyAuthentication.ehtml
    InternetURL: C:\Documents and Settings\user\Favorites\Excel Tutorial.url -> hxxp://people.usd.edu/~bwjames/tut/excel/index.html
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - 1340 - Sales Executive Northeast Jobs in Hartford, Connecticut - VHA Inc..url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCV0D&ff=21&APath=2.21.0.0.0&job_did=J8D41Q6MZHT6RMGSPHM
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Major Accounts Sales Representative Job Jobs in Milford, Connecticut - ADP - Automatic Data Processing.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV9Y&ff=21&APath=2.21.21.0.0&job_did=J3H5RT60BCSCM8XZPR0
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Manager, International Operations Jobs in Stamford, Connecticut - World Wrestling Entertainment.url -> 0
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Medical Device Sales- Hartford, CT Jobs in Hartford, Connecticut - CCS Medical.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV6M&ff=21&APath=2.21.21.0.0&job_did=J8B1446Q7Q6R1WXW43N
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Ms Bus Sales Consultant 1 Jobs in WOODBRIDGE, Connecticut - Wells Fargo.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV7D&ff=21&APath=2.21.21.0.0&job_did=J3H70J6SJP54YQHXW2S
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Outside Sales Representative - Middletown-New Haven, CT Jobs in Cromwell, Connecticut - PrimePay.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV6O&ff=21&APath=2.21.21.0.0&job_did=J8D7LF63X80TY9MC03M
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Product Manager Jobs in Branford, Connecticut - Brady Corporation.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV&ff=21&APath=2.21.21.0.0&job_did=J3F3J078K57C5VFHZP9
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - STG Industry Marketing Manager Jobs in Somers, Connecticut - IBM USA.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV&ff=21&APath=2.21.21.0.0&job_did=J3I4DR6114PWB25H133
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Strategic Account Executive-Wallingford, Connecticut Jobs in Wallingford, Connecticut - Quest Diagnostics.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKCVGV1D&ff=21&APath=2.21.21.0.0&job_did=J3F6BZ6287L54R6ZCTF
    InternetURL: C:\Documents and Settings\user\Favorites\Find Jobs - Territory Sales Representative Jobs in Hartford, Connecticut - NuCO2.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?IPath=QHKTCVGV2T&ff=21&APath=2.21.21.0.0&job_did=J8B5QP61S1B90XRD066
    InternetURL: C:\Documents and Settings\user\Favorites\Fix Squeaky Floor How to Repair Squeaky Floors SqueakyFloor.com.url -> hxxp://www.squeakyfloor.com/
    InternetURL: C:\Documents and Settings\user\Favorites\Fix Squeaky Floors - Repair Carpeted, Hardwood, Subfloor, and Stair Squeaks.url -> hxxp://www.mysqueakyfloors.com/store/index.php?&mktsrc=squeakyfloor
    InternetURL: C:\Documents and Settings\user\Favorites\FloorsNow!-Floors Now Outlet-Discount Carpet-Hardwood-Wood Flooring-Newington CT 06111.url -> hxxp://floorsnowoutlet.com/index.htm
    InternetURL: C:\Documents and Settings\user\Favorites\Henkel North America - Job Openings.url -> hxxp://www.henkelna.com/careers/job-openings-5685.htm
    InternetURL: C:\Documents and Settings\user\Favorites\Highland Group Search.url -> hxxp://highlandgroupsearch.com/candidate_services.htm
    InternetURL: C:\Documents and Settings\user\Favorites\Hobson Associates Executive Search & Recruiting.url -> hxxp://www.hobsonassoc.com/
    InternetURL: C:\Documents and Settings\user\Favorites\home.eease.com-recruit2-id=572311&t=1.url -> https://home.eease.com/recruit2/?id=572311&t=1
    InternetURL: C:\Documents and Settings\user\Favorites\How to Include a Cover Letter When Applying for Jobs Online eHow.com.url -> hxxp://www.ehow.com/how_2209104_include-cover-letter-applying-jobs.html
    InternetURL: C:\Documents and Settings\user\Favorites\How to Quit Eight Former Smokers Show the Way - 1 - MSN Health & Fitness - AddictionQuit Smoking Slide Show.url -> hxxp://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100266656&gt1=31036
    InternetURL: C:\Documents and Settings\user\Favorites\http--www.courant.com-.url -> hxxp://www.courant.com/
    InternetURL: C:\Documents and Settings\user\Favorites\http--www.ct.gov-dmv-lib-dmv-20-29-j23.pdf.url -> hxxp://www.ct.gov/dmv/lib/dmv/20/29/j23.pdf
    InternetURL: C:\Documents and Settings\user\Favorites\http--www.myflexpen.com-ROI=S.url -> hxxp://www.myflexpen.com/?ROI=S
    InternetURL: C:\Documents and Settings\user\Favorites\http--www.smiths-medical.com-Upload-products-product_relateddocs-diabetes-prepump-Insulin_to_Carb_p14.pdf.url -> hxxp://www.smiths-medical.com/Upload/products/product_relateddocs/diabetes/prepump/Insulin_to_Carb_p14.pdf
    InternetURL: C:\Documents and Settings\user\Favorites\Injection molded medical product market to grow at 4.4 % to reach 350,000 tons by 2012.url -> hxxp://www.plastemart.com/Plastic-Technical-Article.asp?LiteratureID=1542&Paper=injection-molded-medical-product-market-to-grow-%20injection-molded-medical-product-devices-disposable
    InternetURL: C:\Documents and Settings\user\Favorites\Inside Sales Support Manager Job in Norwalk 06851, Connecticut US.url -> hxxp://jobview.monster.com/Inside-Sales-Support-Manager-Job-Norwalk-CT-97019659.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Job Description - Product Manager (P0341703122011).url -> https://brady.taleo.net/careersection/brady+external/jobdetail.ftl?job=20160
    InternetURL: C:\Documents and Settings\user\Favorites\Job Seeker Portal- Chemtura.url -> https://chemtura.tms.hrdepartment.com/cgi-bin/a/searchjobs_quick.cgi
    InternetURL: C:\Documents and Settings\user\Favorites\Jobs Stanley Black & Decker.url -> hxxp://www.stanleyblackanddecker.com/jobs
    InternetURL: C:\Documents and Settings\user\Favorites\jobview.monster.com-Inside-Sales-Support-Manager-Job-Norwalk-CT-97019659.aspx.url -> hxxp://jobview.monster.com/Inside-Sales-Support-Manager-Job-Norwalk-CT-97019659.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Leather and Vinyl Dye Recoloring Kit by Leather World -.url -> hxxp://www.leatherworldtech.com/Products/LeatherVinyl--Recoloring-Kit__LVRCK.aspx?Choice1=6938&choice2=Ivory
    InternetURL: C:\Documents and Settings\user\Favorites\M&C Specialties.url -> hxxp://www.mcspecialties.com/index
    InternetURL: C:\Documents and Settings\user\Favorites\Maui Jim Sunglasses - Full Frame Metal.url -> hxxp://www.mauijim.com/webapp/wcs/stores/servlet/CategoryDisplay?storeId=10001&langId=-1&catalogId=11601&categoryId=17602
    InternetURL: C:\Documents and Settings\user\Favorites\MP3 Music Downloads - Buy MP3 Music Online - Digital Music Downloads.url -> hxxp://www.mp3.com/
    InternetURL: C:\Documents and Settings\user\Favorites\Mp3Raid.com - Free Mp3 Downloads, Free Music Downloads.url -> hxxp://www.mp3raid.com/
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Careers - How to navigate the unstable job market - Career Advice Article.url -> hxxp://msn.careerbuilder.com/Article/MSN-2731-Job-Search-How-to-navigate-the-unstable-job-market/?SiteId=cbmsnhp42731&sc_extcmp=JS_2731_home&gt1=23000
    InternetURL: C:\Documents and Settings\user\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
    InternetURL: C:\Documents and Settings\user\Favorites\Music Download Sites - The Best Sites for Music Downloads - Songs to Download.url -> hxxp://www.reviewmusicdownloads.com/
    InternetURL: C:\Documents and Settings\user\Favorites\New App Transfers Contacts And More From BlackBerry to iPhone.url -> hxxp://www.prweb.com/releases/2011/10/prweb8858577.htm
    InternetURL: C:\Documents and Settings\user\Favorites\Order confirmation at ProForm.com.url -> https://www.proform.com/webapp/wcs/...T7jXIHu2RCXqKCvg==&ddkey=hxxp:CategoryDisplay
    InternetURL: C:\Documents and Settings\user\Favorites\Outside Sales Executive Job in Windsor 06095, Connecticut US.url -> hxxp://jobview.monster.com/Outside-Sales-Executive-Job-Windsor-CT-96666381.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Pioneers in Talent Management and Career Management - Right Management.url -> hxxp://www.right.com/about-us/default.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Plastic Surgery Sales Representative - New Haven, CT - Mentor Worldwide LLC Job in New Haven, Connecticut US.url -> hxxp://jobview.monster.com/Plastic-Surgery-Sales-Representative-New-Haven-CT-Mentor-Worldwide-LLC-Job-New-Haven-CT-110479413.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
    InternetURL: C:\Documents and Settings\user\Favorites\Recruit Wizard- Adhesives Research position.url -> https://home.eease.com/recruit2/?id=563330&t=1
    InternetURL: C:\Documents and Settings\user\Favorites\Recruit Wizard.url -> https://home.eease.com/recruit2/?id=572311&t=1
    InternetURL: C:\Documents and Settings\user\Favorites\recruiter Gerry Sorge, CPC, CSP Hobson Associates.url -> hxxp://www.hobsonassoc.com/recruiters/detail/gerry_sorge_cpc
    InternetURL: C:\Documents and Settings\user\Favorites\Recruiter Specialist - Sales and Marketing, Jobs.url -> hxxp://www.centraljobs.com/sales-and-marketing-jobs/
    InternetURL: C:\Documents and Settings\user\Favorites\Recruiting Firm – Executive Search Firm – Recruiting – PA Jobs – Philadelphia – PA – NJ – Right Recruiting.url -> hxxp://rightrecruiting.com/ourcompany.html
    InternetURL: C:\Documents and Settings\user\Favorites\Regional Sales Manager - Eastern US Job in New Haven, Connecticut US.url -> hxxp://jobview.monster.com/Regional-Sales-Manager-Eastern-US-Job-New-Haven-CT-94612875.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Regional Sales Manager- NorthEast Job in Cheshire , Connecticut US.url -> hxxp://jobview.monster.com/Regional-Sales-Manager-NorthEast-Job-Cheshire-CT-96123830.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\Sales Executive Job in Shelton, Connecticut US.url -> hxxp://jobview.monster.com/Sales-Executive-Job-Shelton-CT-97699068.aspx
    InternetURL: C:\Documents and Settings\user\Favorites\SalesJobs.com.url -> hxxp://www.salesjobs.com/findajob/index.asp?keywords=&location=ct&industry=15&action=jobSearchResults&search.x=41&search.y=9
    InternetURL: C:\Documents and Settings\user\Favorites\scout.com The Boneyard Men's Hoop Board.url -> hxxp://mbd.scout.com/mb.aspx?s=342&f=2871
    InternetURL: C:\Documents and Settings\user\Favorites\Suppliers Directory MassMEDIC.url -> hxxp://www.massmedic.com/directory/
    InternetURL: C:\Documents and Settings\user\Favorites\Thank You - AT&T U-verse - Digital TV, High Speed Internet & Phone.url -> https://www.att.com/u-verse/checkout/thanks.jsp?_requestid=2219622
    InternetURL: C:\Documents and Settings\user\Favorites\Ticketmaster Confirmation.url -> https://www.ticketmaster.com/checko...UIYpZFFGSQuP6RbKAISBB_RjSsmfoGIomXtLfK_LJhUJA
    InternetURL: C:\Documents and Settings\user\Favorites\UConn Men's Basketball The Boneyard.url -> hxxp://the-boneyard.com/forums/uconn-mens-basketball.3/
    InternetURL: C:\Documents and Settings\user\Favorites\Understanding Non-Compete Agreements - Job-Hunt.org.url -> hxxp://www.job-hunt.org/onlinejobsearchguide/article_noncompete_agreements.shtml
    InternetURL: C:\Documents and Settings\user\Favorites\UV-Visible Light Curing Adhesives, Light Curing Systems, and Dispensing Equipment.url -> hxxp://www.dymax.com/
    InternetURL: C:\Documents and Settings\user\Favorites\Welcome to Kanzaki Specialty Papers North America Office.url -> hxxp://www.kanzakiusa.com/about.html
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSN Autos.url -> hxxp://g.msn.com/1me10IE8ENUS02/405
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://g.msn.com/1me10IE8ENUS02/406
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSN Lifestyle.url -> hxxp://g.msn.com/1me10IE8ENUS02/407
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSN Money.url -> hxxp://g.msn.com/1me10IE8ENUS02/408
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSN.url -> hxxp://g.msn.com/1me10IE8ENUS02/403
    InternetURL: C:\Documents and Settings\user\Favorites\MSN Websites\MSNBC News.url -> hxxp://g.msn.com/1me10IE8ENUS02/404
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\Microsoft Showcase.url -> hxxp://g.msn.com/1me10IE8ENUS02/413
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
    InternetURL: C:\Documents and Settings\user\Favorites\Microsoft Websites\Microsoft.com.url -> hxxp://g.msn.com/1me10IE8ENUS02/412
    InternetURL: C:\Documents and Settings\user\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
    InternetURL: C:\Documents and Settings\user\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
    InternetURL: C:\Documents and Settings\user\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
    InternetURL: C:\Documents and Settings\user\Desktop\ITWemployee.url -> https://www.itwemployee.com/
    InternetURL: C:\Documents and Settings\user\Desktop\[email protected] - att.net Mail.url -> hxxp://us-mg205.mail.yahoo.com/neo/launch?.partner=sbc&.rand=0v114knrfobq1
    InternetURL: C:\Documents and Settings\user\Desktop\Outlook - [email protected] -> https://bay179.mail.live.com/default.aspx?id=64855
    InternetURL: C:\Documents and Settings\user\Desktop\Received Messages LinkedIn.url -> hxxp://www.linkedin.com/inbox/messages/received?trk=hb_tab_inbox_top
    ==================== End of log =============================
     
  5. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    You must download FRST to the desktop.

    Then, download the enclosed file (see below). Save it in the same location FRST is saved. Launch FRST and click on the Fix button. The tool will produce a log, fixlog.txt, in the same location FRST is saved. Please post it in your next reply.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download AdwCleaner from here. Save the file to the desktop.


    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    [​IMG]
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    [​IMG]
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

    [​IMG] Please download Malwarebytes' Anti-Malware from Here.

    Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
    • Select the language and click OK.
    • Accept the agreement
    • Make sure a checkmark is placed next to Enable the Free Trial and Launch [*]Malwarebytes' Anti-Malware, then click on finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Scan Now".
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click on Quanrantee All,.
    • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
    • Upon restart, launch Malwarebytes Antimalware and select History.
    • Double click on the last scan done, then on Copy to Clipboard.
    • Right click on your next reply and select Paste.
    • Submit your reply.

    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
     

    Attached Files:

  6. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Hello,
    I downloaded and saved FRST to desktop. I ran scan but when trying to run fix it said "no fixlist.txt found". Here are the JRT results:

    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.1 (12.28.2014:1)
    OS: Microsoft Windows XP x86
    Ran by user on Tue 01/20/2015 at 7:38:10.78
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    ~~~ Services

    ~~~ Registry Values
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

    ~~~ Files

    ~~~ Folders


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 01/20/2015 at 7:49:06.56
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Here are the AdwCleaner results:

    AdwCleaner v4.108 - Report created 20/01/2015 at 21:32:52
    # Updated 17/01/2015 by Xplode
    # Database : 2015-01-18.1 [Live]
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : user - HOMEPC
    # Running from : C:\Documents and Settings\user\Desktop\adwcleaner_4.108.exe
    # Option : Clean
    ***** [ Services ] *****
    [x] Not Deleted : YahooAUService
    ***** [ Files / Folders ] *****
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\FinalMediaPlayer
    Folder Deleted : C:\Program Files\File Type Assistant
    Folder Deleted : C:\Program Files\FinalMediaPlayer
    Folder Deleted : C:\Program Files\Moozy
    Folder Deleted : C:\Documents and Settings\user\Application Data\FinalMediaPlayer
    Folder Deleted : C:\Documents and Settings\user\Application Data\HPAppData
    [!] Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    [!] Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    File Deleted : C:\Documents and Settings\All Users\Start Menu\FinalMediaPlayer.lnk
    File Deleted : C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
    ***** [ Scheduled Tasks ] *****
    Task Deleted : Final Media Player Update Checker
    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
    Key Deleted : HKCU\Software\AVG SafeGuard toolbar
    Key Deleted : HKCU\Software\Bitberry
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
    Key Deleted : HKLM\SOFTWARE\Freeze.com
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FinalMediaPlayer_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FinalMediaPlayer_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Trusted Software Assistant_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
    ***** [ Browsers ] *****
    -\\ Internet Explorer v8.0.6001.18702

    -\\ Mozilla Firefox v26.0 (en-US)

    -\\ Google Chrome v
    [C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jmfkcklnlgedgbglfkkgedjfmejoahla
    [C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
    *************************
    AdwCleaner[R0].txt - [6030 octets] - [20/01/2015 21:27:14]
    AdwCleaner[S0].txt - [5892 octets] - [20/01/2015 21:32:52]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5952 octets] ##########


    MBAM results with next post.

    Thank you so much for your help!!
     
  7. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Both, the fixlist.txt that appear as an attachment, and FRST must be saved in the same location. In your case, if you moved FRST to the desktop, then make sure the fixlist.txt is downloaded or placed on the desktop.
     
  8. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Sorry I finally saw the fixlist.txt file you attached, but after download and scan I hit fix and it said "fixing...please be patient"...but kept clocking and was unresponsive for long time.

    Here is my scan results from MBAM:

    alwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 1/21/2015
    Scan Time: 7:38:49 AM
    Logfile: MBAM scan.txt
    Administrator: Yes
    Version: 0.00.0.0000
    Malware Database: v2015.01.21.06
    Rootkit Database: v2015.01.14.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: user
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 363515
    Time Elapsed: 2 hr, 45 min, 59 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Modules: 0
    (No malicious items detected)
    Registry Keys: 0
    (No malicious items detected)
    Registry Values: 0
    (No malicious items detected)
    Registry Data: 0
    (No malicious items detected)
    Folders: 0
    (No malicious items detected)
    Files: 0
    (No malicious items detected)
    Physical Sectors: 0
    (No malicious items detected)

    (end)
     
  9. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please allow FRST to update to the latest version and try again.

    How is the computer doing?
     
  10. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Hi there,
    So far so good, but just got another MBAM update with 4 malicious Trojan type files quarantined. Can you please tell me what to do/how to handle going forward?. Also if I will ever need to install anything else to help in the future (AVG? which seems useless).

    You have been so very helpful land I truly appreciate your guidance.

    Thanks again.
     
  11. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    There are policy restrictions on AVG. We must first remove those restrictions before installing another antivirus. Have you been able to run the latest fixlist?

    Lets try Combofix.

    Please download ComboFix from Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    -----------------------------------------------------------​
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      -----------------------------------------------------------​
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      -----------------------------------------------------------​
    4. Close any open browsers.
    5. WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    6. Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    7. If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      • Double click on combofix.exe & follow the prompts.
      • Install the Recovery Console if prompted.
      • When finished, it will produce a report for you.
      • Please post the "C:\ComboFix.txt" .
      • **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
     
  12. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Hi,
    Yes I was able to run the latest fixlist.

    Here are the ComboFix results:

    ComboFix 15-01-22.02 - user 01/23/2015 16:14:17.2.1 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.234 [GMT -5:00]
    Running from: c:\documents and settings\user\Desktop\ComboFix.exe
    AV: AVG AntiVirus Free Edition 2015 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-12-23 to 2015-01-23 )))))))))))))))))))))))))))))))
    .
    .
    2015-01-21 03:58 . 2015-01-23 19:28 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-01-21 03:56 . 2014-11-21 11:14 54360 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-01-21 03:56 . 2014-11-21 11:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-01-21 03:56 . 2015-01-21 03:56 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2015-01-21 03:56 . 2015-01-21 03:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2015-01-21 02:26 . 2015-01-21 02:33 -------- d-----w- C:\AdwCleaner
    2015-01-20 12:37 . 2015-01-20 12:37 -------- d-----w- c:\windows\ERUNT
    2015-01-15 14:45 . 2015-01-23 18:31 -------- d-----w- C:\FRST
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-01-23 12:21 . 2012-11-10 15:13 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2015-01-23 12:21 . 2011-11-03 17:50 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
    "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208]
    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824]
    "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
    "AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2014-09-05 3593744]
    .
    c:\documents and settings\user\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\documents and settings\user\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2015\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Documents and Settings\\user\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    "c:\\Program Files\\AVG\\AVG2015\\avgnsx.exe"=
    "c:\\Program Files\\AVG\\AVG2015\\avgdiagex.exe"=
    "c:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe"=
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 3:50 AM 147736]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [7/18/2014 2:55 PM 230680]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/7/2010 3:48 AM 27416]
    R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [6/18/2014 8:03 PM 121624]
    R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [7/24/2014 1:04 PM 192280]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 12:32 PM 21272]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [9/7/2010 3:48 AM 193304]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11/9/2010 10:20 PM 199448]
    R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [9/5/2014 3:23 PM 293448]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [1/20/2015 10:56 PM 1871160]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [1/20/2015 10:56 PM 969016]
    R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [3/11/2014 10:36 PM 247968]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/20/2015 10:56 PM 23256]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [1/20/2015 10:58 PM 114904]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [9/5/2014 3:34 PM 3364368]
    S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [3/11/2014 10:36 PM 193696]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - MBAMSWISSARMY
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-10 12:21]
    .
    2015-01-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]
    .
    2014-10-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2014-03-13 01:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = https://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    Trusted Zone: dell.com
    TCP: DhcpNameServer = 74.40.74.40 74.40.74.41 192.168.1.1
    FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\076mr179.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2015-01-23 16:25
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(3532)
    c:\windows\system32\WININET.dll
    c:\documents and settings\user\Application Data\Dropbox\bin\DropboxExt.24.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2015-01-23 16:28:34
    ComboFix-quarantined-files.txt 2015-01-23 21:28
    ComboFix2.txt 2015-01-23 20:39
    .
    Pre-Run: 37,426,974,720 bytes free
    Post-Run: 37,416,865,792 bytes free
    .
    - - End Of File - - 704F0C8197DB39A315244EB7994458B6
    5F8B5082F3482CC06B72EC5806598AE9
     
  13. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please re-scan with FRST and post the new FRST.txt log
     
  14. Jimboliah

    Jimboliah Thread Starter

    Joined:
    Jan 15, 2015
    Messages:
    10
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
    Ran by user (administrator) on HOMEPC on 24-01-2015 01:24:32
    Running from C:\Documents and Settings\user\Desktop
    Loaded Profiles: user (Available profiles: user)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    (Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    (Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
    (Dropbox, Inc.) C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe
    (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
    HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [819200 2007-02-21] (Intel Corporation)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [970752 2007-02-21] (Intel Corporation)
    HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
    HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-06-06] (Intel Corporation)
    HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-06-06] (Intel Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [141624 2010-06-15] (Apple Inc.)
    HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
    Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\user\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-507921405-436374069-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-507921405-436374069-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    HKU\S-1-5-21-507921405-436374069-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-507921405-436374069-725345543-1003 -> {38293D6E-6D5B-424F-82B6-FE0975D21D17} URL = http://search.yahoo.com/search?p={s...ype=W3i_DS,136,0_0,Search,20110832,6901,0,8,0
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244567412593
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 74.40.74.40 74.40.74.41 192.168.1.1
    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\076mr179.default
    FF Homepage: hxxp://www.msn.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\076mr179.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-19]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-12]
    FF HKU\.DEFAULT\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
    Chrome:
    =======
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
    CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
    CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Profile: C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-12]
    CHR Extension: (YouTube) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-12]
    CHR Extension: (Google Search) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-12]
    CHR Extension: (Gmail) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-12]
    ========================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
    R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
    R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
    R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [File not signed]
    S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{5719E5B3-3AA5-43C3-8FBB-FEF22ED63DE5}
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2009-06-10] (Meetinghouse Data Communications) [File not signed]
    R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
    S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-07-09] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-07-09] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-07-09] (HP)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-24] (Malwarebytes Corporation)
    R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
    R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
    R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Intel® Corporation)
    S3 catchme; \??\C:\DOCUME~1\user\LOCALS~1\Temp\catchme.sys [X]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-01-23 16:28 - 2015-01-23 16:28 - 00011499 _____ () C:\ComboFix.txt
    2015-01-23 16:28 - 2015-01-23 16:28 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
    2015-01-23 16:28 - 2015-01-23 16:28 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
    2015-01-23 16:28 - 2015-01-23 16:28 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
    2015-01-23 14:06 - 2015-01-23 14:06 - 00000000 _RSHD () C:\cmdcons
    2015-01-23 14:06 - 2009-06-09 08:45 - 00000211 _____ () C:\Boot.bak
    2015-01-23 14:06 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
    2015-01-23 14:03 - 2015-01-23 16:28 - 00000000 ____D () C:\Qoobox
    2015-01-23 14:03 - 2011-06-26 01:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
    2015-01-23 14:03 - 2010-11-07 12:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
    2015-01-23 14:03 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00098816 _____ () C:\WINDOWS\sed.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00080412 _____ () C:\WINDOWS\grep.exe
    2015-01-23 14:03 - 2000-08-30 19:00 - 00068096 _____ () C:\WINDOWS\zip.exe
    2015-01-23 14:02 - 2015-01-23 15:37 - 00000000 ____D () C:\WINDOWS\erdnt
    2015-01-23 14:01 - 2015-01-23 14:01 - 05609462 ____R (Swearware) C:\Documents and Settings\user\Desktop\ComboFix.exe
    2015-01-21 08:46 - 2015-01-21 08:46 - 00001067 _____ () C:\Documents and Settings\user\Desktop\MBAM scan.txt
    2015-01-20 22:58 - 2015-01-24 01:17 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-01-20 22:56 - 2015-01-20 22:56 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-20 22:56 - 2015-01-20 22:56 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-01-20 22:56 - 2015-01-20 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-20 22:56 - 2015-01-20 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2015-01-20 22:56 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-01-20 22:56 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-01-20 22:15 - 2015-01-20 22:15 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\user\Desktop\mbam-setup-2.0.4.1028.exe
    2015-01-20 21:26 - 2015-01-20 21:33 - 00000000 ____D () C:\AdwCleaner
    2015-01-20 21:24 - 2015-01-20 21:24 - 02186752 _____ () C:\Documents and Settings\user\Desktop\adwcleaner_4.108.exe
    2015-01-20 21:06 - 2015-01-20 21:06 - 00047780 _____ () C:\Documents and Settings\user\Desktop\Shortcut.txt
    2015-01-20 21:03 - 2015-01-20 21:06 - 00017419 _____ () C:\Documents and Settings\user\Desktop\Addition.txt
    2015-01-20 21:02 - 2015-01-24 01:26 - 00015286 _____ () C:\Documents and Settings\user\Desktop\FRST.txt
    2015-01-20 07:49 - 2015-01-20 07:49 - 00001078 _____ () C:\Documents and Settings\user\Desktop\JRT.txt
    2015-01-20 07:37 - 2015-01-20 07:37 - 00000000 ____D () C:\WINDOWS\ERUNT
    2015-01-20 07:34 - 2015-01-20 07:35 - 01707939 _____ (Thisisu) C:\Documents and Settings\user\Desktop\JRT.exe
    2015-01-20 07:33 - 2015-01-20 07:33 - 01118208 _____ (Farbar) C:\Documents and Settings\user\Desktop\FRST.exe
    2015-01-15 09:45 - 2015-01-24 01:25 - 00000000 ____D () C:\FRST
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-01-24 01:26 - 2009-06-09 09:00 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Temp
    2015-01-24 01:21 - 2014-07-02 15:37 - 00000000 ___RD () C:\Documents and Settings\user\My Documents\Dropbox
    2015-01-24 01:21 - 2014-07-02 14:28 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Dropbox
    2015-01-24 01:21 - 2012-11-10 10:13 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-01-24 01:17 - 2009-06-09 08:49 - 01267737 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-01-24 01:17 - 2004-08-04 05:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
    2015-01-24 01:15 - 2009-06-09 08:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-01-24 01:15 - 2009-06-08 18:03 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2015-01-24 01:15 - 2009-06-08 18:03 - 00000049 _____ () C:\WINDOWS\wiaservc.log
    2015-01-23 17:26 - 2009-06-09 09:00 - 00000178 ___SH () C:\Documents and Settings\user\ntuser.ini
    2015-01-23 17:26 - 2009-06-09 08:59 - 00032580 _____ () C:\WINDOWS\SchedLgU.Txt
    2015-01-23 17:19 - 2010-11-01 08:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2015-01-23 16:25 - 2004-08-04 05:00 - 00000227 _____ () C:\WINDOWS\system.ini
    2015-01-23 15:47 - 2009-06-09 08:48 - 00000000 ____D () C:\WINDOWS\system32\Restore
    2015-01-23 15:39 - 2009-06-09 08:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService
    2015-01-23 15:33 - 2012-08-28 16:27 - 00000000 ____D () C:\Program Files\SnappleCalendar
    2015-01-23 14:06 - 2009-06-08 17:58 - 00000327 __RSH () C:\boot.ini
    2015-01-23 08:40 - 2012-12-22 02:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2753842-v2$
    2015-01-23 07:21 - 2012-11-10 10:13 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2015-01-23 07:21 - 2011-11-03 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2015-01-17 08:23 - 2010-07-17 01:34 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2015-01-14 23:54 - 2013-07-20 13:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-01-14 23:34 - 2009-06-12 10:43 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-01-14 22:21 - 2014-10-21 08:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2015
    2015-01-13 00:34 - 2014-12-07 23:15 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
    Some content of TEMP:
    ====================
    C:\Documents and Settings\user\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoqtqne.dll

    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
    ==================== End Of Log ============================
     
  15. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Download the enclosed file. (see below) Save it in the same location FRST is saved. Open FRST and click on the Fix button. The tool, once finished, will produce a log, fixlog.txt. Please post its contents in a reply.

    How is the computer doing after a restart?
     

    Attached Files:

  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1141244

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice