Thank you OCD for your prompt response and help. The information you requested is below. Had difficulty attaching the dat file as an error kept coming up saying no file selected so not sure if you got that. I have updated the Adobe flash player and I only defragmented the C drive last week. Sue.
Results of screen317's Security Check version 0.99.87
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Free Antivirus
Avira
ESET Online Scanner v3
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Flash Player 11.9.900.170 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-13 11:35:51
-----------------------------
11:35:51.968 OS Version: Windows 5.1.2600 Service Pack 3
11:35:51.968 Number of processors: 1 586 0x102
11:35:51.984 ComputerName: YOUR-0XV8V0OEAP UserName: home
11:35:52.687 Initialize success
11:35:52.843 VM: initialized successfully
11:35:52.906 VM: Intel CPU virtualization not supported
11:38:30.203 AVAST engine defs: 14091300
11:38:45.765 The log file has been saved successfully to "C:\Documents and Settings\home\Desktop\aswMBR.txt"
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-13 11:56:05
-----------------------------
11:56:05.562 OS Version: Windows 5.1.2600 Service Pack 3
11:56:05.562 Number of processors: 1 586 0x102
11:56:05.562 ComputerName: YOUR-0XV8V0OEAP UserName: home
11:56:05.937 Initialize success
11:56:05.937 VM: initialized successfully
11:56:05.953 VM: Intel CPU virtualization not supported
11:57:21.984 AVAST engine defs: 14091300
11:58:05.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
11:58:05.062 Disk 0 Vendor: ST340810A 5.38 Size: 38166MB BusType: 3
11:58:05.062 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
11:58:05.078 Disk 1 Vendor: Maxtor_6Y080P0 YAR41BW0 Size: 78167MB BusType: 3
11:58:05.078 Disk 2 \Device\Harddisk2\DR5 -> \Device\00000065
11:58:05.078 Disk 2 Vendor: Sony 0000 Size: 78167MB BusType: 0
11:58:05.234 Disk 0 MBR read successfully
11:58:05.234 Disk 0 MBR scan
11:58:05.250 Disk 0 Windows XP default MBR code
11:58:05.250 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 33439 MB offset 63
11:58:05.250 Disk 0 unknown boot code
11:58:05.265 Disk 0 Partition - 00 0F Extended LBA 4718 MB offset 68492701
11:58:05.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 4718 MB offset 68492764
11:58:05.328 Scan finished successfully
11:58:56.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\home\Desktop\MBR.dat"
11:58:56.593 The log file has been saved successfully to "C:\Documents and Settings\home\Desktop\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by home (administrator) on YOUR-0XV8V0OEAP on 13-09-2014 11:41:08
Running from C:\Documents and Settings\home\Desktop
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SlimWare Utilities, Inc.) C:\Program Files\DriverUpdate\DriverUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-3244783744-2621537104-1815002781-1005\...\Run: [Google Update**.d<*>] => "C:\Documents and Settings\home\Local Settings\Application Data\Google\Desktop\Install\{ddf32af7-cb56-24de-0bab-feab1b5137ae}\d'x"Ù"\", &h#\. ùû[\{ddf32af7-cb56-24de-0bab-feab1b5137ae}\GoogleUpdate.e (the data entry has 5 more characters). <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3244783744-2621537104-1815002781-1005\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [25868608 2014-08-28] (SlimWare Utilities, Inc.)
ShellIconOverlayIdentifiers: SKIcoBackuped -> {7E5951A0-8683-432A-9483-5F43168D6A8C} => C:\Program Files\VirginMedia\V Stuff Backup\AGSIconOverlay.dll (F-Secure)
ShellIconOverlayIdentifiers: SKIcoSelected -> {15054241-49B4-4FA6-B4C7-A0071F118110} => C:\Program Files\VirginMedia\V Stuff Backup\AGSIconOverlay.dll (F-Secure)
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00FA86ABF555CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} https://us.dl1.yimg....nst20040510.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1277842996358
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
FireFox:
========
FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\7kmptneb.default-1408266975906
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files\Virgin Media\Service Manager\nprpspa.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-02]
Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\home\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-09-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 Advent AIO Network Discovery Service; C:\Program Files\Advent\AIO\Center\ADAIOHostService.exe [361904 2011-10-14] (DSGi)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-08-21] (IBM Corp.)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [65536 2001-09-28] (Sony Corporation) [File not signed]
S4 HsdService; "C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe" [X]
S4 ServicepointService; "C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-08] (Oak Technology Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [12656 2013-12-18] ()
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2002-03-30] (Windows ® 2000 DDK provider) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S3 Imx5123; C:\WINDOWS\System32\drivers\Imx5123.sys [79232 2004-10-28] (Inmax Technology Corp.)
S3 LucentSoftModem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [807917 2002-03-29] (Lucent Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PAC207; C:\WINDOWS\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [16288 2002-02-27] (VERITAS Software, Inc.) [File not signed]
R1 RapportCerberus_80049; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80049.sys [433240 2014-09-02] () [File not signed]
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251928 2014-08-21] (IBM Corp.) [File not signed]
R0 RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [206520 2014-08-21] (IBM Corp.) [File not signed]
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332792 2014-08-21] (IBM Corp.) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [45312 2001-12-31] (Realtek Semiconductor Corporation)
R3 SiS7012; C:\WINDOWS\System32\drivers\sis7012.sys [175232 2002-03-28] (Silicon Integrated Systems Corporation)
R3 SONYWBMS; C:\WINDOWS\System32\DRIVERS\SonyWBMS.SYS [30650 2002-02-24] (Sony Corporation) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-09-13] ()
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2008-04-13] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\home\LOCALS~1\Temp\catchme.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
U3 aswMBR; \??\C:\DOCUME~1\home\LOCALS~1\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\DOCUME~1\home\LOCALS~1\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-13 11:41 - 2014-09-13 11:42 - 00013618 _____ () C:\Documents and Settings\home\Desktop\FRST.txt
2014-09-13 11:40 - 2014-09-13 11:41 - 00000000 ___DC () C:\FRST
2014-09-13 11:38 - 2014-09-13 11:38 - 00000601 _____ () C:\Documents and Settings\home\Desktop\aswMBR.txt
2014-09-13 11:27 - 2014-09-13 11:27 - 00000000 ____D () C:\WINDOWS\LastGood
2014-09-13 10:58 - 2014-09-13 10:58 - 01097728 _____ (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe
2014-09-13 10:56 - 2014-09-13 10:56 - 05185536 _____ (AVAST Software) C:\Documents and Settings\home\Desktop\aswMBR.exe
2014-09-13 10:56 - 2014-09-13 10:56 - 00854417 _____ () C:\Documents and Settings\home\Desktop\SecurityCheck.exe
2014-09-12 12:45 - 2014-09-12 12:45 - 00625664 _____ () C:\Documents and Settings\home\Desktop\dds.scr
2014-09-05 13:37 - 2014-09-05 13:37 - 00000000 ____D () C:\Documents and Settings\home\Application Data\Oracle
2014-09-05 13:34 - 2014-09-05 13:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ___DC () C:\Documents and Settings\All Users\Trusteer
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ____D () C:\WINDOWS\system32\Trusteer
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-09-05 13:33 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-05 13:33 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-05 13:33 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-05 13:33 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-05 13:33 - 2014-07-25 12:26 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-09-05 13:32 - 2014-09-05 13:33 - 00005606 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log
2014-09-05 12:57 - 2014-09-05 12:57 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-05 12:46 - 2014-09-12 12:46 - 00000446 _____ () C:\WINDOWS\Tasks\DriverUpdate Scan.job
2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-08-25 11:09 - 2014-08-25 11:09 - 00000000 ____D () C:\Program Files\V Stuff Backup
2014-08-25 11:08 - 2014-08-25 11:08 - 00000000 ____D () C:\Program Files\Advent
2014-08-25 11:08 - 2014-08-25 11:08 - 00000000 ____D () C:\Program Files\35168026c4df6cfcf2e06eb27cb7
2014-08-25 11:06 - 2014-08-25 11:06 - 00000000 ____D () C:\Program Files\Coupon Printer
2014-08-25 10:57 - 2014-08-25 10:58 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-25 10:55 - 2014-08-25 10:56 - 00000000 ____D () C:\Program Files\epson
2014-08-25 10:53 - 2014-08-25 10:53 - 00000000 ____D () C:\Program Files\0c38697bf01e02505c191eed2e
2014-08-24 15:20 - 2014-08-24 15:47 - 00001024 ___HC () C:\AMTAG.BIN
2014-08-24 15:20 - 2014-08-24 15:44 - 00000000 ____D () C:\Program Files\AOMEI Partition Assistant Standard Edition 5.5
2014-08-24 15:20 - 2014-08-24 15:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.5
2014-08-24 15:20 - 2014-08-07 10:26 - 01567856 _____ () C:\WINDOWS\ampa.exe
2014-08-24 15:20 - 2013-12-18 11:33 - 00012656 _____ () C:\WINDOWS\system32\ampa.sys
2014-08-23 12:00 - 2014-08-23 12:01 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-23 11:52 - 2014-08-23 11:52 - 00000000 ___DC () C:\ACD Systems
2014-08-21 16:03 - 2014-08-21 16:03 - 00206520 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-08-19 11:15 - 2012-04-29 13:26 - 00011090 _____ () C:\Program Files\unins000.dat
2014-08-19 11:15 - 2012-04-29 13:25 - 00715038 _____ () C:\Program Files\unins000.exe
2014-08-19 11:15 - 2012-04-23 11:24 - 02395400 _____ (CPUID) C:\Program Files\cpuz.exe
2014-08-19 11:15 - 2012-04-23 11:09 - 00019588 _____ () C:\Program Files\cpuz_readme.txt
2014-08-19 11:15 - 2010-12-15 18:51 - 00007646 _____ () C:\Program Files\cpuz_eula.txt
2014-08-19 11:15 - 2010-06-24 17:37 - 00000197 _____ () C:\Program Files\cpuz.ini
2014-08-14 18:52 - 2014-08-14 18:52 - 00000279 ____C () C:\Shortcut to VAIO (D).lnk
2014-08-14 15:38 - 2014-08-14 15:38 - 00000000 ____D () C:\Documents and Settings\home\Local Settings\Application Data\PCHealth
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-13 11:42 - 2014-09-13 11:41 - 00013618 _____ () C:\Documents and Settings\home\Desktop\FRST.txt
2014-09-13 11:42 - 2013-09-20 16:16 - 00000000 ____D () C:\Documents and Settings\home\Local Settings\temp
2014-09-13 11:41 - 2014-09-13 11:40 - 00000000 ___DC () C:\FRST
2014-09-13 11:38 - 2014-09-13 11:38 - 00000601 _____ () C:\Documents and Settings\home\Desktop\aswMBR.txt
2014-09-13 11:27 - 2014-09-13 11:27 - 00000000 ____D () C:\WINDOWS\LastGood
2014-09-13 11:27 - 2013-08-08 13:16 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-09-13 11:27 - 2011-03-09 14:16 - 00816223 _____ () C:\WINDOWS\setupapi.log
2014-09-13 11:27 - 2010-06-29 21:23 - 01857745 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-13 11:26 - 2004-10-29 16:50 - 00087970 ____C () C:\WINDOWS\system32\nvapps.xml
2014-09-13 11:26 - 2002-03-29 18:11 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-13 11:25 - 2014-04-19 19:31 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-13 11:25 - 2002-03-30 02:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-13 11:25 - 2002-03-29 18:11 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-09-13 11:24 - 2010-06-20 16:21 - 00000178 ___SH () C:\Documents and Settings\home\ntuser.ini
2014-09-13 11:24 - 2010-06-20 16:21 - 00000000 ____D () C:\Documents and Settings\home
2014-09-13 11:24 - 2002-03-30 02:19 - 00032556 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-13 10:58 - 2014-09-13 10:58 - 01097728 _____ (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe
2014-09-13 10:56 - 2014-09-13 10:56 - 05185536 _____ (AVAST Software) C:\Documents and Settings\home\Desktop\aswMBR.exe
2014-09-13 10:56 - 2014-09-13 10:56 - 00854417 _____ () C:\Documents and Settings\home\Desktop\SecurityCheck.exe
2014-09-13 10:53 - 2012-10-27 16:55 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-12 12:46 - 2014-09-05 12:46 - 00000446 _____ () C:\WINDOWS\Tasks\DriverUpdate Scan.job
2014-09-12 12:45 - 2014-09-12 12:45 - 00625664 _____ () C:\Documents and Settings\home\Desktop\dds.scr
2014-09-12 11:37 - 2010-07-23 14:43 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{05259640-3FC6-4058-8291-C66DFD0DC59C}.job
2014-09-11 13:36 - 2011-04-01 15:42 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-09-11 13:25 - 2014-07-26 12:44 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 13:17 - 2010-06-20 16:17 - 00007159 _____ () C:\WINDOWS\setupact.log
2014-09-11 12:53 - 2012-07-14 20:44 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-11 12:53 - 2011-06-09 15:08 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-11 10:34 - 2002-03-29 17:00 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-10 11:37 - 2013-08-15 12:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 11:31 - 2010-06-29 21:41 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-09 12:18 - 2002-03-29 18:08 - 00566980 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-09 09:28 - 2014-04-19 19:31 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-06 07:42 - 2002-03-30 02:40 - 00000000 ____D () C:\WINDOWS\nview
2014-09-05 13:37 - 2014-09-05 13:37 - 00000000 ____D () C:\Documents and Settings\home\Application Data\Oracle
2014-09-05 13:34 - 2014-09-05 13:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ___DC () C:\Documents and Settings\All Users\Trusteer
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ____D () C:\WINDOWS\system32\Trusteer
2014-09-05 13:33 - 2014-09-05 13:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-09-05 13:33 - 2014-09-05 13:32 - 00005606 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log
2014-09-05 13:33 - 2011-03-21 19:40 - 00000000 ____D () C:\Program Files\Java
2014-09-05 12:57 - 2014-09-05 12:57 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-09-02 08:37 - 2013-09-18 18:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Endpoint Protection
2014-08-25 11:09 - 2014-08-25 11:09 - 00000000 ____D () C:\Program Files\V Stuff Backup
2014-08-25 11:08 - 2014-08-25 11:08 - 00000000 ____D () C:\Program Files\Advent
2014-08-25 11:08 - 2014-08-25 11:08 - 00000000 ____D () C:\Program Files\35168026c4df6cfcf2e06eb27cb7
2014-08-25 11:06 - 2014-08-25 11:06 - 00000000 ____D () C:\Program Files\Coupon Printer
2014-08-25 10:58 - 2014-08-25 10:57 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-25 10:56 - 2014-08-25 10:55 - 00000000 ____D () C:\Program Files\epson
2014-08-25 10:53 - 2014-08-25 10:53 - 00000000 ____D () C:\Program Files\0c38697bf01e02505c191eed2e
2014-08-24 15:47 - 2014-08-24 15:20 - 00001024 ___HC () C:\AMTAG.BIN
2014-08-24 15:44 - 2014-08-24 15:20 - 00000000 ____D () C:\Program Files\AOMEI Partition Assistant Standard Edition 5.5
2014-08-24 15:20 - 2014-08-24 15:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.5
2014-08-23 12:02 - 2010-08-23 13:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ACD Systems
2014-08-23 12:01 - 2014-08-23 12:00 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-23 11:52 - 2014-08-23 11:52 - 00000000 ___DC () C:\ACD Systems
2014-08-21 16:03 - 2014-08-21 16:03 - 00206520 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-08-20 12:41 - 2014-08-12 15:01 - 00065648 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-20 11:08 - 2002-03-29 17:01 - 00000327 __SHC () C:\boot.ini
2014-08-20 11:08 - 2002-03-29 17:00 - 00000597 _____ () C:\WINDOWS\win.ini
2014-08-20 11:08 - 2002-03-29 17:00 - 00000227 ____C () C:\WINDOWS\system.ini
2014-08-14 18:52 - 2014-08-14 18:52 - 00000279 ____C () C:\Shortcut to VAIO (D).lnk
2014-08-14 16:44 - 2011-08-11 15:09 - 00131072 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-08-14 15:38 - 2014-08-14 15:38 - 00000000 ____D () C:\Documents and Settings\home\Local Settings\Application Data\PCHealth
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Documents and Settings\All Users\USMT2IMG.DAT
Some content of TEMP:
====================
C:\Documents and Settings\home\Local Settings\temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by home at 2014-09-13 11:43:33
Running from C:\Documents and Settings\home\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee for PENTAX (HKLM\...\{EED5156C-4BA8-4105-A506-DB9D00F8B68D}) (Version: 5.1.0 - ACD Systems Ltd)
AdC4USelfUpdater (Version: 1.00.0000 - Advent) Hidden
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
ADVENT AIO Printer (HKLM\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 1.3.3.10 - Advent)
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (Version: 1.0.0.0 - DSGi) Hidden
aioscnnr (Version: 1.0.6.0 - DSGi) Hidden
AOMEI Partition Assistant Standard Edition 5.5 (HKLM\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ArcSoft WebCam Companion 3 (HKLM\...\{B3236C7B-455E-4CDB-B3E1-7A2190B054BC}) (Version: 3.0.33.183 - ArcSoft)
Avira (HKLM\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Backup & Storage v2.3.1.37683 (HKLM\...\{4C2E5A82-DA8B-4c72-91A6-EBB4E0463537}_is1) (Version: 2.3.1.37683 - VirginMedia)
Coupon Printer (HKLM\...\Coupon Printer2.2.0.1) (Version: 2.2.0.1 - Coupons.com Inc.)
CPUID CPU-Z 1.60.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DigitalPrint 1.1 (HKLM\...\{E2069DE3-5924-4766-A385-CDA273885A31}) (Version: - )
DriverUpdate (HKLM\...\{F7FBA125-E6E5-4D4F-A165-D094C10B0523}) (Version: 2.2.40819 - SlimWare Utilities, Inc.)
DVgate (HKLM\...\{29F61465-428A-11D4-B646-00C04F790F76}) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Free Window Registry Repair (HKLM\...\Free Window Registry Repair) (Version: - )
hp instant support (HKLM\...\hp instant support) (Version: 5.0.2.4.asst_classic.asst_install - Motive Communications, Inc.)
HP Memories Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lucent Technologies Soft Modem AMR (HKLM\...\Lucent Technologies Soft Modem) (Version: - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motion JPEG Software Decoder (HKLM\...\Motion JPEG Software Decoder) (Version: - )
MovieShaker 3.3 (HKLM\...\{D4A49B00-02F8-11D5-B64D-00C04F790F76}) (Version: - )
Mozilla Firefox 31.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Music Visualizer Library 1.2 (HKLM\...\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Online Registration (Version: 4.1 - Sony Information Technology Europe) Hidden
OpenMG Limited Patch 3.0.01-02-01-18-01 (HKLM\...\OpenMG HotFix3.0.01-02-01-18-01) (Version: - )
OpenMG Secure Module 3.0.01 (HKLM\...\{A228A09C-4826-42E0-A3D8-95B2BAAB5049}) (Version: - )
PC Camer@ (HKLM\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Aecotech)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PreReq (Version: 6.0.5.2 - Eastman Kodak Company) Hidden
QuickTime Alternative 3.2.2 (HKLM\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Radialpoint Security Advisor 2.5.19 (Version: 2.5.19 - Radialpoint SafeCare Inc.) Hidden
Rapport (Version: 3.5.1403.78 - Trusteer) Hidden
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
RealProducer Basic 8.5 (HKLM\...\RealProducer 8.5) (Version: - )
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SonicStage 1.1.00 (HKLM\...\{E535DC62-56D6-11D5-8AE3-00105A7276CD}) (Version: - )
SonicStage CD-R Writing Module (HKLM\...\{F3CB4DC0-4FC0-11D5-9254-0000F460E7A9}) (Version: - )
Sony DV Shared Library (HKLM\...\{6990A2BF-D1D2-11D3-81BC-00609789C908}) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1403.78 - Trusteer)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VAIO Action Setup (HKLM\...\{3C67D8C0-F0EC-11D3-99D3-00C04FCCB775}) (Version: - )
VAIO Brezza Wallpaper (HKLM\...\{ACEC9C3E-0100-4EBE-B298-35A2145828A0}) (Version: - )
VAIO Clock Screen Saver (HKLM\...\{2B9FBAE1-5016-4F14-B452-E6874A3C1284}) (Version: - )
VAIO Grid Wallpaper (HKLM\...\{21CF3E6E-1659-433E-B6CE-165D793560DA}) (Version: - )
VAIO Online Registration (HKLM\...\InstallShield_{C64AA545-4301-45C6-B6D0-ED831A19A3A4}) (Version: 4.1 - Sony Information Technology Europe)
VAIO Serenus Wallpaper (HKLM\...\{802EF464-4992-42B3-8434-45151AD3C933}) (Version: - )
VAIO System Information (HKLM\...\{2366D960-F00F-11D3-99D3-00C04FCCB775}) (Version: - )
VAIO Web Phone (HKLM\...\{764FBCE2-1593-11D4-A51F-0800460222F0}) (Version: - )
Virgin Media Digital Home Support 2.1.27 (HKLM\...\RadialpointHomeSecurityDashboard_is1) (Version: 2.1.27 - Virgin Media)
Virgin Media Service Manager 3.7.47 (HKLM\...\RadialpointClientGateway_is1) (Version: 3.7.47 - Virgin Media)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-09-2014 11:01:50 Software Distribution Service 3.0
10-09-2014 10:30:32 Software Distribution Service 3.0
11-09-2014 13:09:32 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2002-03-29 17:00 - 2013-09-18 11:52 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{05259640-3FC6-4058-8291-C66DFD0DC59C}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2006-10-22 12:22 - 2006-10-22 12:22 - 00212992 _____ () C:\WINDOWS\system32\nvapi.dll
2002-03-29 07:42 - 2006-10-22 12:22 - 00466944 _____ () C:\WINDOWS\system32\nvshell.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2014-08-12 12:55 - 2014-07-14 16:49 - 00049744 _____ () C:\Documents and Settings\home\Local Settings\temp\avgnt.exe\Avira.OE.ExtApi.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\USMT2IMG.DAT:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\All Users\USMT2IMG.DAT:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VAIO Action Setup (Server).lnk => C:\WINDOWS\pss\VAIO Action Setup (Server).lnkCommon Startup
MSCONFIG\startupreg: ADAiO2StatusMonitor => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\ADAiO2MUI.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: Backup & Storage => "C:\Program Files\VirginMedia\V Stuff Backup\Backup & Storage.exe"
MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
MSCONFIG\startupreg: Camera Detector => C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
MSCONFIG\startupreg: Conime => %windir%\system32\conime.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DHSClient.exe => "C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe" /AUTORUN
MSCONFIG\startupreg: DriverUpdate => "C:\Program Files\DriverUpdate\DriverUpdate.exe" -boot
MSCONFIG\startupreg: DWQueuedReporting => "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
MSCONFIG\startupreg: EPSON Stylus C66 Series => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2S1.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66"
MSCONFIG\startupreg: LTSMMSG => LTSMMSG.exe
MSCONFIG\startupreg: Monitor => C:\WINDOWS\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => nwiz.exe /install
MSCONFIG\startupreg: PAC207_Monitor => C:\WINDOWS\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: ServiceManager.exe => "C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe" /AUTORUN
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: Multiport Communications Port (COM4)
Description: Multiport Communications Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Serial
Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34)
Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2014 10:40:23 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 21326, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.
Error: (09/08/2014 10:38:54 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The
Error code is the first DWORD in Data section.
Error: (09/08/2014 10:38:54 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 21326, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service SMSvcHost 4.0.0.0 (SMSvcHost 4.0.0.0) failed. The
Error code is the first DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 21326, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service ServiceModelService 4.0.0.0 (ServiceModelService 4.0.0.0) failed. The
Error code is the first DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 21326, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service ServiceModelOperation 4.0.0.0 (ServiceModelOperation 4.0.0.0) failed. The
Error code is the first DWORD in Data section.
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 21326, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.
Error: (09/08/2014 10:38:52 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Unloading the performance counter strings for service ServiceModelEndpoint 4.0.0.0 (ServiceModelEndpoint 4.0.0.0) failed. The
Error code is the first DWORD in Data section.
System errors:
=============
Error: (09/13/2014 11:28:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SharedAccess service terminated with the following error:
%%1055
Error: (09/13/2014 11:28:13 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1055" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD8-2166-11D1-B1D0-00805FC1270E}
Error: (09/13/2014 11:26:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Avira Service Host service to connect.
Error: (09/13/2014 10:06:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Avira Service Host service to connect.
Error: (09/12/2014 10:26:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Avira Service Host service to connect.
Error: (09/11/2014 00:53:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/11/2014 00:50:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Avira Service Host service to connect.
Error: (09/11/2014 10:38:21 AM) (Source: DCOM) (EventID: 10005) (User: YOUR-0XV8V0OEAP)
Description: DCOM got error "%%1055" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error: (09/11/2014 10:38:21 AM) (Source: DCOM) (EventID: 10005) (User: YOUR-0XV8V0OEAP)
Description: DCOM got error "%%1055" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error: (09/11/2014 10:35:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Avira Service Host service to connect.
Microsoft Office Sessions:
=========================
Error: (09/08/2014 10:40:23 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: 21326
Error: (09/08/2014 10:38:54 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.0
Error: (09/08/2014 10:38:54 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: 21326
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: SMSvcHost 4.0.0.0SMSvcHost 4.0.0.0
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: 21326
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: ServiceModelService 4.0.0.0ServiceModelService 4.0.0.0
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: 21326
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: ServiceModelOperation 4.0.0.0ServiceModelOperation 4.0.0.0
Error: (09/08/2014 10:38:53 AM) (Source: LoadPerf) (EventID: 3001) (User: )
Description: 21326
Error: (09/08/2014 10:38:52 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: ServiceModelEndpoint 4.0.0.0ServiceModelEndpoint 4.0.0.0
==================== Memory info ===========================
Processor: Intel® Pentium® 4 CPU 1.80GHz
Percentage of memory in use: 25%
Total physical RAM: 2047.53 MB
Available physical RAM: 1535.38 MB
Total Pagefile: 3897.99 MB
Available Pagefile: 3373.84 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.83 MB
==================== Drives ================================
Drive c: (VAIO) (Fixed) (Total:32.66 GB) (Free:11.33 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (VAIO) (Fixed) (Total:4.61 GB) (Free:4.55 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:76.32 GB) (Free:76.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: 1AAC1AAC)
Partition 1: (Active) - (Size=32.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=4.6 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 76.3 GB) (Disk ID: F4AEF4AE)
Partition 1: (Active) - (Size=76.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
==================== End Of Log ============================
Edited by sooty4, 13 September 2014 - 05:35 AM.