Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014 01
Ran by Rachael (administrator) on RACHAEL-PC on 01-11-2014 11:49:03
Running from E:\User Data\Rachael\Downloads
Loaded Profiles: UpdatusUser & Rachael (Available profiles: UpdatusUser & Rachael & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ODMS_R6\DM_TM\Notification.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(CANON INC.) C:\WINDOWS\system32\CNAB3RPK.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33673216 2009-08-28] (VIA Technologies, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] ()
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [Olympus Notification] => C:\Program Files\OLYMPUS\ODMS_R6\DM_TM\Notification.exe [549888 2012-10-19] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [Olympus DSS UpdateManager] => C:\Program Files\OLYMPUS\ODMS_R6\DM_TM\UpdateManager.exe [493568 2012-10-19] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-1364589140-839522115-1005\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-1364589140-839522115-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-08] (SUPERAntiSpyware)
HKU\S-1-5-21-1708537768-1364589140-839522115-1005\...\MountPoints2: {8bac601e-5a04-11e4-bc6a-00248c8cf187} - F:\HTC_Sync_Manager_PC.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Device Detector 4.lnk
ShortcutTarget: Device Detector 4.lnk -> C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe (OLYMPUS IMAGING CORP.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Rachael\Application Data\Mozilla\Firefox\Profiles\w2bm706i.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-09-02]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Photo Editor) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aenihapfpbplnoodpaebohaknejoidaj [2014-04-04]
CHR Extension: (Google Docs) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-15]
CHR Extension: (Facebook) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-04-08]
CHR Extension: (Wallpaper) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cbipkhomahgllbfjlpkdlcgicdmffggb [2014-05-02]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-31]
CHR Extension: (Google Search) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-22]
CHR Extension: (Gumtree AU) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dkikcapmobbpchilifibnfndebjdeilg [2014-03-24]
CHR Extension: (Candy) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fiejadjmcgacmocgeegodfhligbpecdg [2014-03-26]
CHR Extension: (Photo Editor) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fljockdiglkojioiphfiombienapajhc [2014-04-04]
CHR Extension: (AdBlock) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-31]
CHR Extension: (iPiccy Photo Editor) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2014-03-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (piZap Photo Editor) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2014-03-24]
CHR Extension: (Adblock Pro) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-10-31]
CHR Extension: (Picky Wallpapers) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj [2014-05-02]
CHR Extension: (My Chrome Theme) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-03-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Rachael\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [174592 2012-10-19] (OLYMPUS IMAGING CORP.) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [39424 2009-08-05] (Atheros Communications, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2013-08-01] ()
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-25] (NVIDIA Corporation)
S3 qcserxp; C:\WINDOWS\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1390976 2009-08-17] (VIA Technologies, Inc.)
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S4 IntelIde; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () [File not signed]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 11:48 - 2014-11-01 11:49 - 00000000 ____D () C:\FRST
2014-11-01 11:41 - 2014-11-01 11:41 - 00000591 _____ () C:\Documents and Settings\Rachael\Desktop\JRT.txt
2014-11-01 11:39 - 2014-11-01 11:39 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-01 11:37 - 2014-11-01 11:37 - 00003088 _____ () C:\Documents and Settings\Rachael\Desktop\AdwCleaner[S0].txt
2014-11-01 11:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-11-01 11:29 - 2014-11-01 11:35 - 00000000 ____D () C:\AdwCleaner
2014-10-31 15:16 - 2014-10-31 15:16 - 00000000 ____D () C:\Documents and Settings\Rachael\Local Settings\Application Data\etax2014
2014-10-31 15:15 - 2014-10-31 15:15 - 00001710 _____ () C:\Documents and Settings\Rachael\Desktop\e-tax 2014.lnk
2014-10-31 15:15 - 2014-10-31 15:15 - 00000000 ____D () C:\Program Files\etax2014
2014-10-31 15:15 - 2014-10-31 15:15 - 00000000 ____D () C:\Documents and Settings\Rachael\Start Menu\Programs\e-tax 2014
2014-10-31 12:37 - 2014-10-31 12:37 - 00470698 _____ () C:\Documents and Settings\Rachael\Desktop\comp.txt
2014-10-31 12:17 - 2014-10-31 12:18 - 01368974 _____ () C:\Documents and Settings\Rachael\Desktop\xp Computer.nfo
2014-10-31 12:12 - 2014-10-31 12:12 - 00008986 _____ () C:\Documents and Settings\Rachael\Desktop\hijackthis.log
2014-10-30 18:53 - 2014-10-30 18:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 20:14 - 2012-10-28 00:00 - 00192512 _____ (CANON INC.) C:\WINDOWS\system32\CNAB3EMU.DLL
2014-10-14 20:14 - 2012-10-28 00:00 - 00163840 _____ (CANON INC.) C:\WINDOWS\system32\CNAB3SMK.DLL
2014-10-14 20:14 - 2012-10-28 00:00 - 00113856 _____ (CANON INC.) C:\WINDOWS\system32\CNAB3RPK.EXE
2014-10-14 20:14 - 2012-10-28 00:00 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNAB3LMK.DLL
2014-10-14 20:14 - 2012-10-28 00:00 - 00057344 _____ (CANON INC.) C:\WINDOWS\system32\CNAB3PTU.DLL
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 11:49 - 2013-08-01 19:16 - 00000000 ____D () C:\Documents and Settings\Rachael\Local Settings\Temp
2014-11-01 11:41 - 2013-08-02 02:49 - 00605272 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-01 11:37 - 2013-08-01 17:01 - 01536194 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-01 11:36 - 2014-08-10 13:14 - 00000000 ____D () C:\Documents and Settings\Rachael\Local Settings\Application Data\HTC MediaHub
2014-11-01 11:36 - 2014-03-31 08:02 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-11-01 11:36 - 2013-08-15 17:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-01 11:36 - 2013-08-15 13:48 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 11:36 - 2013-08-02 02:50 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-01 11:36 - 2013-08-02 02:50 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-01 11:36 - 2013-08-01 17:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-01 11:36 - 2004-08-04 22:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-01 11:35 - 2013-08-01 19:16 - 00000178 ___SH () C:\Documents and Settings\Rachael\ntuser.ini
2014-11-01 11:35 - 2013-08-01 17:06 - 00032586 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-01 11:31 - 2013-08-15 13:48 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 11:27 - 2014-06-30 20:58 - 00000000 ____D () C:\Documents and Settings\Rachael\Application Data\uTorrent
2014-11-01 11:21 - 2013-08-08 16:21 - 00000416 _____ () C:\WINDOWS\Tasks\At1.job
2014-11-01 11:10 - 2013-08-03 18:23 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-01 08:31 - 2013-08-15 14:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-10-31 22:59 - 2013-08-01 18:26 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\Temp
2014-10-31 18:31 - 2013-08-01 18:32 - 00006380 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-10-31 09:49 - 2014-07-14 09:02 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-30 18:53 - 2014-07-14 09:01 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-30 18:53 - 2013-08-11 18:43 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-29 23:56 - 2013-08-01 19:40 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-10-29 11:28 - 2014-08-10 13:10 - 00000000 ____D () C:\Temp
2014-10-29 11:28 - 2013-08-02 02:46 - 01124674 _____ () C:\WINDOWS\setupapi.log
2014-10-29 11:28 - 2013-08-02 02:46 - 00189898 _____ () C:\WINDOWS\setupact.log
2014-10-29 00:42 - 2013-08-02 02:49 - 01328414 _____ () C:\WINDOWS\iis6.log
2014-10-29 00:42 - 2013-08-02 02:49 - 01224579 _____ () C:\WINDOWS\FaxSetup.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00599737 _____ () C:\WINDOWS\ocgen.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00565710 _____ () C:\WINDOWS\tsoc.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00414126 _____ () C:\WINDOWS\comsetup.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00372856 _____ () C:\WINDOWS\msmqinst.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00249795 _____ () C:\WINDOWS\ntdtcsetup.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00215750 _____ () C:\WINDOWS\netfxocm.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00085905 _____ () C:\WINDOWS\MedCtrOC.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00067990 _____ () C:\WINDOWS\ocmsn.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00062406 _____ () C:\WINDOWS\tabletoc.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00061619 _____ () C:\WINDOWS\msgsocm.log
2014-10-29 00:42 - 2013-08-02 02:49 - 00001943 _____ () C:\WINDOWS\imsins.log
2014-10-28 19:32 - 2014-03-22 14:04 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-10-27 00:35 - 2014-01-08 11:39 - 00000000 ____D () C:\Dictation
2014-10-17 03:05 - 2013-08-01 18:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-10-17 03:04 - 2013-08-15 03:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-17 03:00 - 2013-08-01 19:03 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 20:15 - 2014-08-27 08:37 - 00000000 ____D () C:\Program Files\Canon
2014-10-08 17:30 - 2014-03-31 08:02 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\24369uninstall.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\lowproc.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\mirc732.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Rachael\Local Settings\Temp\Sqlite3.dll
C:\Documents and Settings\Rachael\Local Settings\Temp\stubhelper.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2014 01
Ran by Rachael at 2014-11-01 11:49:28
Running from E:\User Data\Rachael\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.2.0.7 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP3000 (HKLM\...\Canon LBP3000) (Version: - )
Canon MX300 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series) (Version: - )
Canon RAW Codec (HKLM\...\Canon RAW Codec) (Version: 1.11.0.75 - Canon Inc.)
Drawn®: The Painted Tower ™ (HKLM\...\BFG-Drawn - The Painted Tower) (Version: - )
e-tax 2014 (HKLM\...\{42D5C0B2-A309-4F84-9BD7-5DDDFE6C09E1}) (Version: 2.10.788 - Australian Taxation Office)
Found: A Hidden Object Adventure (HKLM\...\BFG-Found - A Hidden Object Adventure) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC)
HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Jays Snipping Tool (HKCU\...\e891758400ca417b) (Version: 1.0.0.12 - Missoula Software)
JPEG Recovery Pro 5.0 (HKLM\...\JPEG Recovery Pro5.0) (Version: 5.0 - e.World Technology Limited)
K-Lite Codec Pack 10.0.0 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files®: Escape from Ravenhearst™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - Escape from Ravenhearst Collector's Edition) (Version: - )
Mystery Case Files: Fate's Carnival Collector's Edition (HKLM\...\BFG-Mystery Case Files - Fates Carnival Collectors Edition) (Version: - )
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Olympus Dictation Management System R6 DM/TM (HKLM\...\{B1DF7A1C-B1D5-48C5-9380-966B2D5B82AA}) (Version: 6.1.1 - OLYMPUS IMAGING CORP.)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
03-08-2014 15:03:53 System Checkpoint
04-08-2014 16:02:36 System Checkpoint
05-08-2014 16:15:21 System Checkpoint
06-08-2014 16:56:59 System Checkpoint
07-08-2014 00:21:42 Installed AVG 2014
07-08-2014 00:23:33 Removed AVG 2014
08-08-2014 01:22:43 System Checkpoint
09-08-2014 01:30:26 System Checkpoint
10-08-2014 01:35:06 System Checkpoint
10-08-2014 03:13:53 Installed HTC Sync Manager.
10-08-2014 17:00:33 Software Distribution Service 3.0
11-08-2014 17:21:47 System Checkpoint
12-08-2014 17:33:48 System Checkpoint
13-08-2014 17:00:16 Software Distribution Service 3.0
14-08-2014 17:24:50 System Checkpoint
15-08-2014 18:00:35 System Checkpoint
17-08-2014 02:13:52 System Checkpoint
18-08-2014 03:47:00 System Checkpoint
19-08-2014 04:01:57 System Checkpoint
20-08-2014 04:10:05 System Checkpoint
21-08-2014 05:02:04 System Checkpoint
22-08-2014 06:15:39 System Checkpoint
23-08-2014 07:39:40 System Checkpoint
24-08-2014 08:02:36 System Checkpoint
25-08-2014 08:59:25 System Checkpoint
26-08-2014 09:09:39 System Checkpoint
27-08-2014 09:41:58 System Checkpoint
28-08-2014 09:42:04 System Checkpoint
29-08-2014 10:42:03 System Checkpoint
31-08-2014 11:19:20 System Checkpoint
01-09-2014 11:19:44 System Checkpoint
02-09-2014 12:15:28 System Checkpoint
03-09-2014 13:47:06 System Checkpoint
04-09-2014 14:41:38 System Checkpoint
05-09-2014 14:42:05 System Checkpoint
06-09-2014 15:33:11 System Checkpoint
07-09-2014 15:40:50 System Checkpoint
08-09-2014 16:24:47 System Checkpoint
09-09-2014 18:09:38 System Checkpoint
10-09-2014 18:31:17 System Checkpoint
11-09-2014 17:00:14 Software Distribution Service 3.0
12-09-2014 17:24:57 System Checkpoint
14-09-2014 13:42:22 System Checkpoint
15-09-2014 14:29:52 System Checkpoint
16-09-2014 15:38:35 System Checkpoint
17-09-2014 15:50:33 System Checkpoint
18-09-2014 16:27:19 System Checkpoint
19-09-2014 18:11:52 System Checkpoint
20-09-2014 18:28:36 System Checkpoint
21-09-2014 19:23:22 System Checkpoint
22-09-2014 20:21:12 System Checkpoint
23-09-2014 20:33:14 System Checkpoint
24-09-2014 21:21:13 System Checkpoint
25-09-2014 21:33:12 System Checkpoint
26-09-2014 21:46:13 System Checkpoint
27-09-2014 22:33:13 System Checkpoint
28-09-2014 23:26:03 System Checkpoint
29-09-2014 23:33:13 System Checkpoint
01-10-2014 00:21:13 System Checkpoint
02-10-2014 01:33:12 System Checkpoint
03-10-2014 01:35:51 System Checkpoint
04-10-2014 02:11:44 System Checkpoint
05-10-2014 02:22:39 System Checkpoint
06-10-2014 03:17:19 System Checkpoint
07-10-2014 04:28:13 System Checkpoint
08-10-2014 05:16:13 System Checkpoint
09-10-2014 06:07:52 System Checkpoint
10-10-2014 06:18:24 System Checkpoint
11-10-2014 07:28:12 System Checkpoint
12-10-2014 08:16:13 System Checkpoint
13-10-2014 08:52:11 System Checkpoint
14-10-2014 09:02:23 System Checkpoint
15-10-2014 09:20:42 System Checkpoint
16-10-2014 09:31:40 System Checkpoint
16-10-2014 17:00:16 Software Distribution Service 3.0
17-10-2014 17:26:27 System Checkpoint
18-10-2014 17:52:52 System Checkpoint
19-10-2014 18:00:38 System Checkpoint
20-10-2014 18:39:52 System Checkpoint
21-10-2014 19:32:54 System Checkpoint
22-10-2014 20:14:42 System Checkpoint
23-10-2014 21:14:42 System Checkpoint
24-10-2014 22:14:43 System Checkpoint
25-10-2014 23:14:42 System Checkpoint
27-10-2014 00:02:42 System Checkpoint
28-10-2014 01:21:17 System Checkpoint
29-10-2014 02:02:43 System Checkpoint
30-10-2014 02:11:19 System Checkpoint
31-10-2014 03:10:08 System Checkpoint
31-10-2014 05:15:54 Installed e-tax 2014
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 22:00 - 2004-08-04 22:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\Rachael\APPLIC~1\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (whitelisted) =============
2004-08-04 22:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 22:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-27 12:32 - 2014-05-27 12:32 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:33 - 2014-05-27 12:33 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:32 - 2014-05-27 12:32 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:33 - 2014-05-27 12:33 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:34 - 2014-05-27 12:34 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:35 - 2014-05-27 12:35 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-08-06 13:42 - 2014-08-06 13:42 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-10-28 19:32 - 2014-10-22 14:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 19:32 - 2014-10-22 14:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:1A15E356
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:2CB9631F
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:4B6A9FDA
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:AE34D87E
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F84B8DB5
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1708537768-1364589140-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1708537768-1364589140-839522115-1003 - Limited - Enabled)
Guest (S-1-5-21-1708537768-1364589140-839522115-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1708537768-1364589140-839522115-1000 - Limited - Disabled)
Rachael (S-1-5-21-1708537768-1364589140-839522115-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Rachael
SUPPORT_388945a0 (S-1-5-21-1708537768-1364589140-839522115-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1708537768-1364589140-839522115-1004 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/01/2014 11:36:36 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 11:36:36 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 11:36:36 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 11:36:36 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 11:31:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.25.5\DealPlyLiveHelper.msi
Error: (11/01/2014 10:47:43 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 10:47:43 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 10:38:42 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 10:38:42 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (11/01/2014 10:31:00 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.25.5\DealPlyLiveHelper.msi
System errors:
=============
Error: (11/01/2014 11:36:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt
Error: (11/01/2014 11:36:40 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Error: (11/01/2014 11:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 10:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 09:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 08:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 07:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 06:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 05:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Error: (11/01/2014 04:21:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 23%
Total physical RAM: 3583.11 MB
Available physical RAM: 2751.16 MB
Total Pagefile: 5465.16 MB
Available Pagefile: 4651.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.78 GB) (Free:64.42 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: () (Fixed) (Total:465.75 GB) (Free:272.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: E997E997)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0C030C02)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================