Jump to content

ksu6500

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

Reputation

0 Neutral
  1. ksu6500
    Thanks for the help but I will be doing a clean removal and looking for another solution to supplement my Avast Free Antivirus 2015. There is obviously a bug in this version of MBAM.
  2. ksu6500
    Errors in the network card would have nothing to do with the problem I am having. Did you read my original post of the problem? I ran a scan using both Malwarebytes Anti-Malware and Avast Free Anti-virus 2015 and neither found any issues with malware. I have used this laptop for 10 years without ever needing to use system restore so I disabled it long ago. Can you please review this issue again. If you can't resolve please pass it to someone who can.
  3. ksu6500
    I pasted the 2 files and attached the other below. I had some problems with Avast not allowing the download of the Farbar Recovery Scan Tool. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-08-2015Ran by Ray (administrator) on RAYMOND (10-08-2015 14:53:49)Running from C:\Documents and Settings\Ray\DesktopLoaded Profiles: Ray (Available Profiles: Ray & Ray Admin & Administrator)Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)Internet Explorer Version 8 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe(Google Inc.) C:\Program Files\Google\Update\1.3.28.1\GoogleCrashHandler.exe(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe(Dell Inc) C:\Program Files\Dell\QuickSet\quickset.exe(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe() C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe() C:\Program Files\Dell Photo AIO Printer 942\memcard.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe() C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [sigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [397312 2005-11-16] (SigmaTel, Inc.)HKLM\...\Run: [showLOMControl] => HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2005-11-29] (Synaptics, Inc.)HKLM\...\Run: [iSUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [49152 2006-04-06] (CyberLink Corp.)HKLM\...\Run: [Dell QuickSet] => C:\Program Files\Dell\QuickSet\Quickset.exe [1191936 2007-05-14] (Dell Inc)HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6109776 2015-07-27] (AVAST Software)HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)HKLM\...\Run: [Dell Photo AIO Printer 942] => C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe [294912 2005-02-03] ()HKLM\...\Run: [DellMCM] => C:\Program Files\Dell Photo AIO Printer 942\memcard.exe [262144 2004-07-27] ()HKLM\...\Run: [DLBUCATS] => rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16HKU\S-1-5-21-3102310626-2103059737-1018387006-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)HKU\S-1-5-21-3102310626-2103059737-1018387006-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)HKU\S-1-5-21-3102310626-2103059737-1018387006-1006\...\Run: [GoogleChromeAutoLaunch_5ECE9CA2ED2D9D18D797927D757A092B] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-07-27] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usHKU\S-1-5-21-3102310626-2103059737-1018387006-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/HKU\S-1-5-21-3102310626-2103059737-1018387006-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=usHKU\S-1-5-21-3102310626-2103059737-1018387006-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=usHKU\S-1-5-21-3102310626-2103059737-1018387006-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=usURLSearchHook: HKU\S-1-5-21-3102310626-2103059737-1018387006-1006 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No FileSearchScopes: HKU\S-1-5-21-3102310626-2103059737-1018387006-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No FileBHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-07-27] (AVAST Software)BHO: No Name -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> No FileToolbar: HKU\S-1-5-21-3102310626-2103059737-1018387006-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{7CA9F936-5947-4B2E-B416-4242AE5306E5}: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\183vux4c.default-1420055076984FF DefaultSearchEngine.US: GoogleFF Homepage: hxxp://finance.yahoo.com/FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-01-12] (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)FF Extension: Make Address Bar Font Size Bigger - C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\183vux4c.default-1420055076984\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2015-05-02]FF Extension: Webmail Ad Blocker - C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\183vux4c.default-1420055076984\Extensions\gmailnoads@mywebber.com.xpi [2015-05-17]FF Extension: NoSquint - C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\183vux4c.default-1420055076984\Extensions\nosquint@urandom.ca.xpi [2015-05-06]FF Extension: Adblock Plus - C:\Documents and Settings\Ray\Application Data\Mozilla\Firefox\Profiles\183vux4c.default-1420055076984\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-31]FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtensionFF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-18]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-02-23] Chrome: =======CHR Profile: C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17]CHR Extension: (Google Drive) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-17]CHR Extension: (YouTube) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-17]CHR Extension: (Webmail Ad Blocker) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-05-17]CHR Extension: (Google Search) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-17]CHR Extension: (Google Sheets) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]CHR Extension: (AdBlock) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-17]CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-17]CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-17]CHR Extension: (Gmail) - C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]StartMenuInternet: chrome.exe - C:\Documents and Settings\Ray Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-07-27] (AVAST Software)S4 Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [188416 2005-08-30] (Cambridge Silicon Radio) [File not signed]S3 dlbu_device; C:\WINDOWS\system32\dlbucoms.exe [421888 2004-10-25] (Dell)R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)S4 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]S4 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-27] (AVAST Software)R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-27] (AVAST Software)R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-27] (AVAST Software)R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-27] (AVAST Software)R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-27] (AVAST Software)R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-27] (AVAST Software)R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-27] (AVAST Software)S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-27] (AVAST Software)R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-27] (AVAST Software)S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)S3 Tosrfbd; C:\WINDOWS\System32\Drivers\tosrfbd.sys [111232 2006-06-13] (TOSHIBA CORPORATION) [File not signed]S1 Tosrfcom; C:\WINDOWS\system32\Drivers\Tosrfcom.sys [64896 2006-02-10] (TOSHIBA Corporation) [File not signed]S3 Tosrfhid; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [60672 2006-05-29] (TOSHIBA Corporation.) [File not signed]S3 Tosrfusb; C:\WINDOWS\System32\Drivers\tosrfusb.sys [40192 2006-06-09] (TOSHIBA CORPORATION) [File not signed]S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)S3 NETwLx32; system32\DRIVERS\NETwLx32.sys [X]U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]S3 wanatw; system32\DRIVERS\wanatw4.sys [X]U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 14:53 - 2015-08-10 14:54 - 00017098 _____ C:\Documents and Settings\Ray\Desktop\FRST.txt2015-08-10 14:52 - 2015-08-10 14:53 - 00000000 ____D C:\FRST2015-08-10 14:50 - 2015-08-10 14:50 - 01674752 _____ (Farbar) C:\Documents and Settings\Ray\Desktop\FRST.exe2015-08-10 14:03 - 2015-08-10 14:03 - 00001515 _____ C:\Documents and Settings\Ray\Desktop\Paint.lnk2015-08-08 14:43 - 2015-08-10 14:42 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-08-08 14:43 - 2015-08-08 14:43 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk2015-08-08 14:43 - 2015-08-08 14:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware2015-08-08 14:43 - 2015-08-08 14:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware2015-08-08 14:43 - 2015-08-08 14:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes2015-08-08 14:43 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2015-08-08 14:43 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2015-08-08 14:41 - 2015-08-08 14:41 - 24345872 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Ray\Desktop\mbam-setup-2.1.8.1057.exe2015-08-08 14:33 - 2015-08-08 14:33 - 00321848 _____ (Malwarebytes Corporation) C:\Documents and Settings\Ray\Desktop\mbam-clean-2.1.1.1001.exe2015-08-06 16:04 - 2015-08-07 13:33 - 00000000 ____D C:\Program Files\Mozilla Firefox2015-07-27 13:01 - 2015-07-27 13:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$2015-07-27 13:01 - 2015-07-27 13:00 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys2015-07-27 13:01 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll2015-07-27 13:00 - 2015-07-27 13:00 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2015-07-27 13:00 - 2015-07-27 13:00 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 14:54 - 2010-05-05 15:34 - 00000000 ____D C:\Documents and Settings\Ray\Local Settings\Temp2015-08-10 14:53 - 2010-05-05 15:00 - 00000430 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{425097F7-8630-4CAC-8069-0703166054AA}.job2015-08-10 14:31 - 2010-05-07 15:23 - 00000418 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{9000B7A6-1BC8-426E-BC5C-CF12C685200B}.job2015-08-10 14:18 - 2012-12-07 17:11 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2015-08-10 14:08 - 2015-05-17 20:53 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2015-08-09 17:40 - 2010-05-07 14:09 - 00066048 _____ C:\Documents and Settings\Ray\My Documents\Telemarketing Calls.xls2015-08-09 16:08 - 2015-05-17 20:53 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-08-08 15:43 - 2010-05-07 14:07 - 00000000 ____D C:\Documents and Settings\Ray\My Documents\My Finances2015-08-08 14:39 - 2005-08-16 05:40 - 02060566 _____ C:\WINDOWS\WindowsUpdate.log2015-08-08 14:38 - 2014-04-20 16:54 - 00000159 _____ C:\WINDOWS\wiadebug.log2015-08-08 14:38 - 2014-04-20 16:54 - 00000048 _____ C:\WINDOWS\wiaservc.log2015-08-08 14:38 - 2012-07-06 16:01 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job2015-08-08 14:37 - 2005-08-16 05:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT2015-08-08 14:36 - 2010-05-05 15:34 - 00000278 ___SH C:\Documents and Settings\Ray\ntuser.ini2015-08-08 14:36 - 2005-08-16 05:49 - 00032394 _____ C:\WINDOWS\SchedLgU.Txt2015-08-08 14:10 - 2015-05-17 20:55 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk2015-08-08 13:50 - 2012-07-13 21:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service2015-08-07 15:22 - 2010-05-05 15:34 - 00000000 ____D C:\Documents and Settings\Ray2015-08-03 14:49 - 2010-05-07 14:15 - 00000000 ____D C:\Documents and Settings\Ray\My Documents\My Acura2015-07-30 19:35 - 2010-07-18 17:09 - 00021504 _____ C:\Documents and Settings\Ray\My Documents\TV Shows.xls2015-07-27 20:25 - 2013-12-27 18:50 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk2015-07-27 20:25 - 2013-12-27 18:50 - 00000000 ____D C:\Program Files\CCleaner2015-07-27 13:00 - 2014-05-02 19:42 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys2015-07-27 13:00 - 2013-03-15 16:37 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys2015-07-27 13:00 - 2013-03-15 16:37 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2015-07-27 13:00 - 2013-03-15 16:37 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys2015-07-27 13:00 - 2011-02-23 16:24 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys2015-07-27 13:00 - 2010-05-05 01:44 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2015-07-27 13:00 - 2010-05-05 01:44 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys2015-07-27 13:00 - 2010-05-05 01:44 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys2015-07-27 12:55 - 2005-08-16 05:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl2015-07-17 17:25 - 2005-08-16 05:22 - 00000000 ____D C:\WINDOWS\Help2015-07-15 15:18 - 2012-07-18 16:14 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe2015-07-15 15:18 - 2012-07-18 16:14 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2011-01-09 20:11 - 2011-01-09 20:11 - 0000187 _____ () C:\Documents and Settings\Ray\Application Data\G-Force Prefs (WindowsMediaPlayer).txt2010-09-21 18:13 - 2010-12-01 01:43 - 0000664 _____ () C:\Documents and Settings\Ray\Local Settings\Application Data\d3d9caps.dat2011-08-27 16:42 - 2014-03-08 22:44 - 0005632 _____ () C:\Documents and Settings\Ray\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2010-05-05 15:34 - 2011-01-31 14:23 - 0000126 _____ () C:\Documents and Settings\Ray\Local Settings\Application Data\fusioncache.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signedC:\WINDOWS\system32\winlogon.exe => File is digitally signedC:\WINDOWS\system32\svchost.exe => File is digitally signedC:\WINDOWS\system32\services.exe => File is digitally signedC:\WINDOWS\system32\User32.dll => File is digitally signedC:\WINDOWS\system32\userinit.exe => File is digitally signedC:\WINDOWS\system32\rpcss.dll => File is digitally signedC:\WINDOWS\system32\dnsapi.dll => File is digitally signedC:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-08-2015Ran by Ray (2015-08-10 14:54:51)Running from C:\Documents and Settings\Ray\DesktopBoot Mode: Normal========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3102310626-2103059737-1018387006-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\AdministratorASPNET (S-1-5-21-3102310626-2103059737-1018387006-1036 - Limited - Enabled)Guest (S-1-5-21-3102310626-2103059737-1018387006-501 - Limited - Disabled)HelpAssistant (S-1-5-21-3102310626-2103059737-1018387006-1005 - Limited - Disabled)Ray (S-1-5-21-3102310626-2103059737-1018387006-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\RayRay Admin (S-1-5-21-3102310626-2103059737-1018387006-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Ray AdminSUPPORT_388945a0 (S-1-5-21-3102310626-2103059737-1018387006-1002 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2223 - AVAST Software)Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.20(D) - )Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)Dell Photo AIO Printer 942 (HKLM\...\Dell Photo AIO Printer 942) (Version: - )Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)DGOControls (HKLM\...\{779A19AC-A302-425D-B295-F12116C2D731}) (Version: 1.00.0000 - William O'Neil + Co. Inc.)Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)Google Update Helper (Version: 1.3.28.1 - Google Inc.) HiddenHigh Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )K-State (HKLM\...\{F24C546B-6806-4B5A-9809-A3B5F12741BB}) (Version: 3.0.0 - Antech Systems, Inc.)Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)Microsoft Office Basic Edition 2003 (HKLM\...\{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Mozilla Firefox 39.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)mProSafe (Version: 9.00.0000 - Intel) HiddenMSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)mWlsSafe (Version: 9.00.0000 - Intel) HiddenPowerDVD 5.9 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 8.1.12 - Dell Computer Corporation)Seagate Manager Installer (HKLM\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate)Seagate Manager Installer (Version: 2.01.0109 - Seagate) HiddenSonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) HiddenWindows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2005-08-16 05:18 - 2004-08-10 06:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\User_Feed_Synchronization-{425097F7-8630-4CAC-8069-0703166054AA}.job => C:\WINDOWS\system32\msfeedssync.exeTask: C:\WINDOWS\Tasks\User_Feed_Synchronization-{9000B7A6-1BC8-426E-BC5C-CF12C685200B}.job => C:\WINDOWS\system32\msfeedssync.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-17 20:33 - 2015-07-27 13:00 - 00102864 _____ () C:\Program Files\Alwil Software\Avast5\log.dll2015-03-17 20:33 - 2015-07-27 13:00 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll2015-08-08 13:52 - 2015-08-08 13:52 - 02960384 _____ () C:\Program Files\Alwil Software\Avast5\defs\15080801\algo.dll2015-08-10 13:51 - 2015-08-10 13:51 - 02960384 _____ () C:\Program Files\Alwil Software\Avast5\defs\15081003\algo.dll2004-07-20 18:04 - 2004-07-20 18:04 - 00094208 _____ () C:\WINDOWS\system32\TosBtHcrpAPI.dll2014-05-02 12:21 - 2004-10-08 13:47 - 00075264 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBUPP5C.dll2006-03-17 11:19 - 2007-05-14 14:24 - 00098304 _____ () C:\Program Files\Dell\QuickSet\dadkeyb.dll2015-03-14 14:12 - 2015-03-17 20:33 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll2014-05-02 12:21 - 2005-02-03 03:08 - 00294912 _____ () C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe2014-05-02 12:21 - 2004-07-27 09:08 - 00262144 _____ () C:\Program Files\Dell Photo AIO Printer 942\memcard.exe2014-05-02 12:21 - 2005-02-03 10:34 - 00102400 _____ () C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe2014-05-02 12:21 - 2005-02-03 03:06 - 00061440 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetScan.dll2014-05-02 12:21 - 2005-02-03 03:05 - 00135168 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetDecmp.dll2014-05-02 12:21 - 2005-02-03 03:07 - 00036864 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetPrint.dll2014-05-02 12:21 - 2005-02-03 03:05 - 00036864 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetFunc.dll2014-05-02 12:21 - 2005-02-03 03:05 - 00065536 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetImage.dll2014-05-02 12:21 - 2005-02-03 03:05 - 00028672 _____ () C:\Program Files\Dell Photo AIO Printer 942\JetPDF.dll2014-05-02 12:21 - 2004-07-29 16:54 - 00061440 _____ () C:\Program Files\Dell Photo AIO Printer 942\ConvDIB.dll2005-08-16 05:18 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll2005-08-16 05:18 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll2015-06-05 21:51 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll2015-06-05 21:51 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Ray\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3102310626-2103059737-1018387006-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\dell.bmpDNS Servers: 192.168.1.1Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\WINDOWS\pss\Bluetooth Manager.lnkCommon StartupMSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quietMSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOLDomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOLDomainProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:AOLStandardProfile\AuthorizedApplications: [C:\Program Files\Internet Explorer\IEXPLORE.EXE] => Enabled:Internet ExplorerStandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019StandardProfile\AuthorizedApplications: [C:\Program Files\Alwil Software\Avast5\AvastUI.exe] => Enabled:avast! Free AntivirusStandardProfile\AuthorizedApplications: [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] => Enabled:Malwarebytes' Anti-MalwareStandardProfile\AuthorizedApplications: [C:\WINDOWS\Network Diagnostic\xpnetdiag.exe] => Disabled:@xpsp3res.dll,-20000StandardProfile\AuthorizedApplications: [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe] => Enabled:Yahoo! MessengerStandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management ConsoleStandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Disabled:Windows MessengerStandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google ChromeStandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007 ==================== Faulty Device Manager Devices ============= Name: Intel® PRO/Wireless 3945ABG Network ConnectionDescription: Intel® PRO/Wireless 3945ABG Network ConnectionClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: Intel CorporationService: w39n51Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: 1394 Net AdapterDescription: 1394 Net AdapterClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NIC1394Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (08/04/2015 08:33:56 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: The specified server cannot perform the requested operation. Error: (08/04/2015 08:33:55 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: The specified server cannot perform the requested operation. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: This operation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: This operation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: This operation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>with error: This operation returned because the timeout period expired. Error: (07/28/2015 07:28:06 PM) (Source: crypt32) (EventID: 5) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/132D0D45534B6997CDB2D5C339E25576609B5CC6.crt>with error: This operation returned because the timeout period expired. Error: (07/28/2015 07:28:06 PM) (Source: crypt32) (EventID: 5) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/132D0D45534B6997CDB2D5C339E25576609B5CC6.crt>with error: This operation returned because the timeout period expired. Error: (05/26/2015 02:44:25 PM) (Source: Application Error) (EventID: 1001) (User: )Description: Fault bucket 1208758338.The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected. Error: (05/26/2015 02:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application plugin-container.exe, version 38.0.1.5611, faulting module mozalloc.dll, version 38.0.1.5611, fault address 0x00001aa1.Processing media-specific event for [plugin-container.exe!ws!] System errors:=============Error: (08/10/2015 01:50:02 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (08/07/2015 07:05:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error: (08/06/2015 01:35:08 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (08/03/2015 01:55:52 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (08/02/2015 01:52:30 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (07/30/2015 06:50:46 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (07/28/2015 05:38:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error: (07/28/2015 05:37:35 PM) (Source: Dhcp) (EventID: 1000) (User: )Description: Your computer has lost the lease to its IP address 192.168.1.217 on theNetwork Card with network address 0015C50001E0. Error: (07/22/2015 07:13:05 PM) (Source: W32Time) (EventID: 29) (User: )Description: The time provider NtpClient is configured to acquire time from one or moretime sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes.NtpClient has no source of accurate time. Error: (07/22/2015 07:13:05 PM) (Source: W32Time) (EventID: 17) (User: )Description: Time Provider NtpClient: An error occurred during DNS lookup of the manuallyconfigured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15minutes.The error was: A socket operation was attempted to an unreachable host. (0x80072751) Microsoft Office:=========================Error: (08/04/2015 08:33:56 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThespecified server cannot perform the requested operation. Error: (08/04/2015 08:33:55 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThespecified server cannot perform the requested operation. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThisoperation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThisoperation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThisoperation returned because the timeout period expired. Error: (08/04/2015 08:33:54 PM) (Source: crypt32) (EventID: 8) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThisoperation returned because the timeout period expired. Error: (07/28/2015 07:28:06 PM) (Source: crypt32) (EventID: 5) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/132D0D45534B6997CDB2D5C339E25576609B5CC6.crtThisoperation returned because the timeout period expired. Error: (07/28/2015 07:28:06 PM) (Source: crypt32) (EventID: 5) (User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/132D0D45534B6997CDB2D5C339E25576609B5CC6.crtThisoperation returned because the timeout period expired. Error: (05/26/2015 02:44:25 PM) (Source: Application Error) (EventID: 1001) (User: )Description: 1208758338 Error: (05/26/2015 02:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: plugin-container.exe38.0.1.5611mozalloc.dll38.0.1.561100001aa1 ==================== Memory info =========================== Processor: Genuine Intel® CPU T2400 @ 1.83GHzPercentage of memory in use: 50%Total physical RAM: 2038.37 MBAvailable physical RAM: 1008.27 MBTotal Virtual: 3931.16 MBAvailable Virtual: 2652.61 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:87.06 GB) (Free:65.11 GB) NTFS ==>[drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 91.8 GB) (Disk ID: E686F016)Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)Partition 2: (Active) - (Size=87.1 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB) ==================== End of log ============================ CheckResults.txt
  4. ksu6500
    I am running Windows XP SP3 if this helps.
  5. ksu6500
    I am having problems with Anti-Malware 2.1.8.1057 switching from the Free to the Premium version. I have never paid for a license and use the software occasionally to supplement my free version of Avast Antivirus. I have deactivated the license that appears on the license details screen but the Premium version keeps coming back. It also tries to activate the real-time options of the Premium version which I don't want. I have run the mbam-clean-2.1.1.1001.exe program and done a clean install to no avail. Please advise how to stop the change to the premium version.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.