Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-09-2017
Ran by Teressa (29-09-2017 23:22:40)
Running from C:\Documents and Settings\Teressa\Desktop\New Folder (7)
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2003-12-28 22:52:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2305011698-3870448665-3586125232-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator.PROSPERITY
ASPNET (S-1-5-21-2305011698-3870448665-3586125232-1008 - Limited - Enabled)
Guest (S-1-5-21-2305011698-3870448665-3586125232-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2305011698-3870448665-3586125232-1006 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-2305011698-3870448665-3586125232-1002 - Limited - Disabled)
SUPPORT_3f151ab9 (S-1-5-21-2305011698-3870448665-3586125232-1005 - Limited - Disabled)
Teressa (S-1-5-21-2305011698-3870448665-3586125232-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Teressa
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {D4AC7077-9720-47B0-8B38-DFAF3AA21DB6}
AV: AVG Antivirus (Enabled - Up to date) {81C62321-3C2A-4A1A-BF2F-52ED23B22B8B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
ABBYY FineReader 4.0 Sprint (HKLM\...\ABBYY FineReader 4.0 Sprint) (Version: - )
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.0.5 - LSoft Technologies)
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Atmosphere Player for Acrobat and Adobe Reader (HKLM\...\Adobe Atmosphere Player) (Version: - )
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.91 - NOS Microsystems Ltd.)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Audacity 1.3.13 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
AVG (HKLM\...\{1D382E7D-7E8B-4C85-9233-287017A66599}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
Backuptrans Android SMS + MMS Transfer 3.2.16 (HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\Backuptrans Android SMS + MMS Transfer) (Version: 3.2.16 - Backuptrans)
Banctec Service Agreement (HKLM\...\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}) (Version: 1.00.0005 - Dell) Hidden
Banctec Service Agreement (HKLM\...\{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}) (Version: 1.00.00 - Dell) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
bitcontrolÂ
MPEG-2 Video Decoder v2.1 (HKLM\...\bcMPEG2dec) (Version: 2.1 - BitCtrl Systems GmbH)
Bonjour (HKLM\...\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}) (Version: 1.0.105 - Apple Inc.)
BufferChm (HKLM\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
C6200_Help (HKLM\...\{B041ABD7-4A10-482a-A525-577A7AAD8EC7}) (Version: 90.0.189.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 (HKLM\...\Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro_is1) (Version: - Cucusoft, Inc.)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Media Experience (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: - )
Dell Networking Guide (HKLM\...\{68D60342-7686-45C9-B8EB-40EF843D0460}) (Version: 1.00.0001 - Dell) Hidden
Dell Solution Center (HKLM\...\{11F1920A-56A2-4642-B6E0-3B31A12C9288}) (Version: 1.00.0000 - Dell)
DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
DolbyFiles (HKLM\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 2.0 - Nero AG) Hidden
DrawPlus 3.0 (HKLM\...\DrawPlus 3.0) (Version: - )
DS21Patch (HKLM\...\{9B79DCB0-AAD7-456B-8D07-433C936FA24B}) (Version: 1.00.0000 - Dell) Hidden
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD43 Plug-in v1.0.0.5 (HKLM\...\DVD43 Plug-in_is1) (Version: - )
DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version: - )
DVDSentry (HKLM\...\{98DF85D9-96C0-4F57-A92E-C3539477EF5E}) (Version: 1.00.0000 - Dell)
eM Client (HKLM\...\{224024F1-88C6-4E06-9AF6-39FF47347338}) (Version: 7.0.30068.0 - eM Client Inc.)
EPSON Artisan 1430 Series Printer Uninstall (HKLM\...\EPSON Artisan 1430 Series) (Version: - SEIKO EPSON Corporation)
Evernote v. 6.4.2 (HKLM\...\{E74F0DCA-9FC8-11E6-9D98-005056950253}) (Version: 6.4.2.3788 - Evernote Corp.)
Fax (HKLM\...\{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
FileZilla Client 3.6.0.2 (HKLM\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FMW 1 (HKLM\...\{E2258604-A4CB-4F29-BB9F-58081E193EAA}) (Version: 1.224.4 - AVG Technologies) Hidden
Google Chrome (HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM\...\{F9A2761E-C1E4-4384-92A3-5732C9738327}) (Version: 2.34.6717.9565 - Google, Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript 8.50 (HKLM\...\GPL Ghostscript 8.50) (Version: - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version: - )
Help and Support Customization (HKLM\...\{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}) (Version: 1.00.0000 - Dell) Hidden
hp photosmart printer series (Remove only) (HKLM\...\hp photosmart printer series) (Version: - )
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Intel(R) PROSet (HKLM\...\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) (Version: 6.05.2001 - Intel)
Internet Explorer Default Page (HKLM\...\{35BDEFF1-A610-4956-A00D-15453C116395}) (Version: 1.00.03 - Dell Inc.) Hidden
iPhone Data Recovery (HKLM\...\iPhone Data Recovery) (Version: - Tenorshare, Inc.)
LAME v3.98.3 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LightScribe System Software (HKLM\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
magicJack (HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Menu Templates - Pack 1 (HKLM\...\{56aba277-ee53-4478-a607-fa42208ff5a9}) (Version: 9.4.4.0 - Nero AG) Hidden
Menu Templates - Starter Kit (HKLM\...\{b78120a0-cf84-4366-a393-4d0a59bc546c}) (Version: 9.4.2.0 - Nero AG) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Client Profile Basic SP2 Version 1.0.1.22 (HKLM\...\{10E4121C-8181-4217-8DA9-6CD38DDC34F9}_is1) (Version: 1.0.1.22 - Wondershare, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Data Access Components KB870669 (HKLM\...\KB870669) (Version: - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Picture It! Photo 7.0 (HKLM\...\{369B36BE-3D64-4641-9AEA-808D436FE132}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
Microsoft Word 2002 (HKLM\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works 2003 Setup Launcher (HKLM\...\Works2003Setup) (Version: - )
Microsoft Works 7.0 (HKLM\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0710.1 - Microsoft Corporation)
Microsoft Works Suite Add-in for Microsoft Word (HKLM\...\{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}) (Version: 2.0.0.0000 - Microsoft Corporation)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: - )
Movie Templates - Starter Kit (HKLM\...\{e498385e-1c51-459a-b45f-1721e37aa1a0}) (Version: 9.4.2.0 - Nero AG) Hidden
Mozilla Firefox 52.3.0 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.3.0 ESR (x86 en-US)) (Version: 52.3.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.3.0 - Mozilla)
MSN Music Assistant (HKLM\...\MSN Music Assistant) (Version: - )
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music DVD Creator 2.0 (HKLM\...\DVDCreator.exe_is1) (Version: - Copyright (C) 2003-2007 BlazeVideo,Inc.)
MusicIP Mixer 1.8.1 (HKLM\...\MusicIP Mixer_is1) (Version: - MusicIP)
MusicmatchÂ
Jukebox (HKLM\...\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}) (Version: 9.00.5100 - )
Nero 9 Essentials (HKLM\...\{2102f84f-010e-4510-aa29-4f92f55eaeea}) (Version: - Nero AG)
NVIDIA Windows 2000/XP Display Drivers (HKLM\...\NVIDIA) (Version: - )
OLYMPUS CAMEDIA Master 2.01 (HKLM\...\OLYMPUS CAMEDIA Master 2.0) (Version: - )
OpenOffice 4.0.1 (HKLM\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Orban/Coding Technologies AAC/aacPlus Player Pluginâ„¢ 1.0 (HKLM\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version: - Orban, Inc.)
OverDrive for Windows (HKLM\...\{FF27E73D-C30A-4F32-B2D7-22069F01DDB9}) (Version: 3.6.0 - OverDrive, Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
SBC Self Support Tool (HKLM\...\SBC.MCCInstall) (Version: - )
Shockwave (HKLM\...\Shockwave) (Version: - )
Sound Blaster Live! (HKLM\...\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}) (Version: - )
Spybot - Search & Destroy 1.2 (HKLM\...\Spybot - Search & Destroy_is1) (Version: 1.2 - PepiMK Software)
SUPERAntiSpyware Free Edition (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.15.0.1000 - SUPERAntiSpyware.com)
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
The Print Shop (HKLM\...\The Print Shop 10.0) (Version: - )
UnloadSupport (HKLM\...\{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}) (Version: 10.0.0 - Hewlett-Packard) Hidden
USBFast (HKLM\...\{AED142A8-96EA-42DE-B212-60BFC98D6CC7}) (Version: 1.3.0.19 - Plextor)
VideoLAN VLC media player 0.8.6c (HKLM\...\VLC media player) (Version: 0.8.6c - VideoLAN Team)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Page Creator (HKLM\...\Web Page Creator) (Version: - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Wondershare Helper Compact 2.5.0 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
Wondershare MobileTrans ( Version 7.3.2 ) (HKLM\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 7.3.2 - Wondershare)
Works Suite OS Pack (HKLM\...\{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6}) (Version: 3.0.0.0000 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> C:\WINDOWS\system32\msvbvm60.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\SYSTEM32\COMDLG32.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-07] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-06-05] (Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-08-31] (Google)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => -> No File
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => -> No File
ContextMenuHandlers2: [RecordNow! ContextMenuExt] -> {E91B2703-013E-4A99-AD33-2B6FB00AA356} => C:\Program Files\Sonic\RecordNow!\shlext.dll [2003-08-13] (Sonic Solutions)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-08-31] (Google)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-07] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2305011698-3870448665-3586125232-1007: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
ContextMenuHandlers4_S-1-5-21-2305011698-3870448665-3586125232-1007: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
ContextMenuHandlers5_S-1-5-21-2305011698-3870448665-3586125232-1007: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
==================== Scheduled Tasks=============================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Antivirus Emergency Update.job => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\AVG EUpdate Task.job => C:\Program Files\AVG\SetupAVG Technologies0909
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2305011698-3870448665-3586125232-1007Core.job => C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2305011698-3870448665-3586125232-1007UA.job => C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\Teressa\NetHood\My Web Sites on MSN\target.lnk ->
hxxp://www.msnusers.coShortcutWithArgument: C:\Documents and Settings\Teressa\Desktop\Unused Desktop Shortcuts\Yahoo! Mail.lnk -> C:\WINDOWS\SYSTEM32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\Yahoo!\Common\ymmapi.dll,OpenURL
hxxp://mail.yahoo.com/?.redir=ymmapi9==================== Loaded Modules (Whitelisted) ==============
2012-11-29 16:59 - 2012-11-29 16:59 - 000093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000213024 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000243080 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000150688 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
2017-09-28 19:18 - 2017-09-28 19:18 - 005900424 _____ () C:\Program Files\AVG\Antivirus\defs\17092800\algo.dll
2017-09-07 04:47 - 2017-09-28 10:40 - 000693528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000242568 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2007-06-09 20:30 - 2007-06-09 20:30 - 000372736 _____ () C:\WINDOWS\system32\portmon.dll
2016-11-28 06:32 - 2016-11-28 06:28 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2016-10-31 18:45 - 2016-10-31 18:45 - 000321208 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2017-06-18 16:03 - 2017-06-18 16:03 - 048936448 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2017-09-07 04:47 - 2017-09-07 04:47 - 000143912 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\Teressa\Desktop\Moonlight Heat.odt:com.dropbox.attributes [168]
AlternateDataStreams: C:\Documents and Settings\Teressa\Desktop\Voice Test 1.wav:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMChameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMChameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\avg.com ->
hxxps://www.update.avg.comIE trusted site: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\avg.cz ->
hxxps://backup.avg.czIE trusted site: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\magicjack.com ->
hxxps://my.magicjack.comIE trusted site: HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\...\talk4free.com ->
hxxps://reg.talk4free.com==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2002-08-29 06:00 - 2017-06-22 23:41 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2305011698-3870448665-3586125232-1007\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Teressa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CallWave.lnk => C:\WINDOWS\pss\CallWave.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk => C:\WINDOWS\pss\Google Updater.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SBC Self Support Tool.lnk => C:\WINDOWS\pss\SBC Self Support Tool.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ulead Photo Express 3.0 SE Calendar Checker.lnk => C:\WINDOWS\pss\Ulead Photo Express 3.0 SE Calendar Checker.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Teressa^Start Menu^Programs^Startup^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Teressa^Start Menu^Programs^Startup^Sonic INSTALLit! Setup.lnk => C:\WINDOWS\pss\Sonic INSTALLit! Setup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Teressa^Start Menu^Programs^Startup^WKCALREM.LNK => C:\WINDOWS\pss\WKCALREM.LNKStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Teressa^Start Menu^Programs^Startup^WKSCAL.EXE => C:\WINDOWS\pss\WKSCAL.EXEStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCMSMMSG => BCMSMMSG.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: diagent => "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
MSCONFIG\startupreg: dvd43 => C:\Program Files\dvd43\dvd43_tray.exe
MSCONFIG\startupreg: DVDSentry => C:\WINDOWS\System32\DSentry.exe
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPHmon03 => C:\WINDOWS\System32\hphmon03.exe
MSCONFIG\startupreg: ISUSPM Startup => c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: mmtask => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
MSCONFIG\startupreg: Motive SmartBridge => C:\PROGRA~1\SBCLIG~1\SMARTB~1\MotiveSB.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\Media Experience\PCMService.exe"
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: UpdReg => C:\WINDOWS\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe] => Enabled:hpqcopy2.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe] => Enabled:hpqpsapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe] => Enabled:hpofxs08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe] => Enabled:hpqfxt08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe] => Enabled:hpqpse.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\hpwucli.exe] => Enabled:hpwucli.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\WinMX\WinMX.exe] => Enabled:WinMX Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\WINDOWS\SYSTEM32\fxsclnt.exe] => Enabled:Microsoft Fax Console
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe] => Enabled:hpofxs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe] => Enabled:hpqfxt08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Software Update\hpwucli.exe] => Enabled:hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\SYSTEM32\dpvsetup.exe] => Enabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe] => Enabled:Google Talk Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Teressa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer.exe] => Enabled:Teamviewer Remote Control Application
StandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer_Service.exe] => Enabled:Teamviewer Remote Control Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Teressa\Application Data\mjusbsp\magicJack.exe] => Enabled:magicJack
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [5070:UDP] => Enabled:UDP
==================== Restore Points =========================
24-08-2017 23:08:19 System Checkpoint
26-08-2017 04:33:02 System Checkpoint
28-08-2017 16:12:36 System Checkpoint
30-08-2017 02:19:13 System Checkpoint
31-08-2017 02:50:51 System Checkpoint
01-09-2017 05:18:50 System Checkpoint
02-09-2017 05:40:07 System Checkpoint
03-09-2017 17:08:36 System Checkpoint
05-09-2017 02:13:14 System Checkpoint
06-09-2017 05:33:31 System Checkpoint
07-09-2017 04:53:54 Installed Windows XP Wdf01009.
08-09-2017 19:40:49 System Checkpoint
09-09-2017 02:20:42 Restore Operation
09-09-2017 02:27:08 Restore Operation
10-09-2017 03:30:09 System Checkpoint
11-09-2017 04:27:34 System Checkpoint
12-09-2017 07:57:03 System Checkpoint
13-09-2017 03:00:39 Software Distribution Service 3.0
14-09-2017 04:27:59 System Checkpoint
15-09-2017 04:58:00 System Checkpoint
16-09-2017 06:40:16 System Checkpoint
17-09-2017 22:38:39 System Checkpoint
19-09-2017 03:33:15 System Checkpoint
20-09-2017 05:52:41 System Checkpoint
21-09-2017 05:55:01 System Checkpoint
22-09-2017 07:13:00 System Checkpoint
23-09-2017 18:08:13 System Checkpoint
24-09-2017 19:02:38 System Checkpoint
24-09-2017 23:14:22 Restore Operation
25-09-2017 02:56:41 Restore Operation
26-09-2017 15:27:20 System Checkpoint
27-09-2017 00:39:10 Checkpoint by HitmanPro
27-09-2017 06:39:28 Restore Operation
27-09-2017 06:48:42 Restore Operation
28-09-2017 10:41:48 Installed Windows XP Wdf01009.
28-09-2017 22:44:20 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/29/2017 07:06:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/29/2017 02:01:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 06:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 10:52:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 10:48:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 10:47:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 10:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/28/2017 10:35:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/27/2017 07:31:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
Error: (09/27/2017 07:20:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 3.0.0.1068, faulting module qt5core.dll, version 5.6.2.0, fault address 0x001a497b.
Processing media-specific event for [mbam.exe!ws!]
System errors:
=============
Error: (09/29/2017 11:06:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 12 service failed to start due to the following error:
The system cannot find the path specified.
Error: (09/29/2017 11:06:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The StarOpen service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/29/2017 09:44:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 12 service failed to start due to the following error:
The system cannot find the path specified.
Error: (09/29/2017 09:44:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The StarOpen service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/29/2017 09:37:47 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (09/29/2017 05:49:51 PM) (Source: DCOM) (EventID: 10005) (User: PROSPERITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (09/29/2017 05:49:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avgbdisk
avgbidsdriver
avgbidsh
avgblog
avgbuniv
avgRvrt
avgSnx
avgSP
avgVmm
Fips
intelppm
SASDIFSV
SASKUTIL
Error: (09/29/2017 05:48:44 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (09/29/2017 05:34:08 PM) (Source: DCOM) (EventID: 10005) (User: PROSPERITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (09/29/2017 09:12:23 AM) (Source: DCOM) (EventID: 10005) (User: PROSPERITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 2558.98 MB
Available physical RAM: 1673.8 MB
Total Virtual: 3173.41 MB
Available Virtual: 2480.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.46 GB) (Free:22.15 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive h: (Sep 26 2017) (CDROM) (Total:0.69 GB) (Free:0 GB) UDF
Drive l: (My Book) (Fixed) (Total:930.86 GB) (Free:428.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 9DC96E9E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0036DF21)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================