Okay, here's the FRST file in parts. Part 1:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2017
Ran by Administrator (administrator) on JWH (23-09-2017 23:31:04)
Running from C:\Documents and Settings\Administrator.JWH\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan
-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be
moved.)
(Microsoft Corporation) C:\WINDOWS.1\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\csrss.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\services.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\lsass.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(NVIDIA Corporation) C:\WINDOWS.1\system32\nvsvc32.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFSrvWsc.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(Microsoft Corporation) C:\WINDOWS.1\explorer.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\WINDOWS.1\system32\ctfmon.exe
(f.lux Software LLC) C:\Documents and Settings\Administrator.JWH\Local
Settings\Application Data\FluxSoftware\Flux\flux.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
(Wargaming.net) G:\Games\World_of_Tanks\WargamingGameUpdater.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or
removed. The file will not be moved.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE
C:\WINDOWS.1\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS.1\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java
Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [839680
2007-04-03] (Analog Devices, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event
Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352
2007-03-16] (Analog Devices, Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS.1\RTHDCPL.EXE [18791456 2010-02-25] (Realtek
Semiconductor Corp.)
HKLM\...\Run: [SkyTel] => C:\WINDOWS.1\SkyTel.EXE [1833504 2010-02-25] (Realtek
Semiconductor Corp.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS.1\system32\userinit.exe,
HKLM\...\Winlogon: [UIHost] C:\WINDOWS.1\system32\logonui.exe [514560 2008-04-14]
(Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINDOWS.1\system32\crypt32.dll [2013-10-07] (Microsoft
Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS.1\system32\cryptnet.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS.1\system32\cscdll.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS.1\System32\dimsntfy.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS.1\system32\igfxdev.dll [2007-01-13] (Intel
Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS.1\system32\wlnotify.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS.1\system32\wlnotify.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS.1\system32\sclgntfy.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS.1\system32\WlNotify.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS.1\system32\wlnotify.dll [2008-04-14] (Microsoft
Corporation)
Winlogon\Notify\WgaLogon: C:\WINDOWS.1\system32\WgaLogon.dll [2009-03-10] (Microsoft
Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS.1\system32\wlnotify.dll [2008-04-14] (Microsoft
Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS.1\System32\logon.scr
[220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS.1\System32\logon.scr
[220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [ctfmon.exe] =>
C:\WINDOWS.1\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [f.lux] => C:\Documents and
Settings\Administrator.JWH\Local Settings\Application Data\FluxSoftware\Flux\flux.exe
[1663480 2017-09-09] (f.lux Software LLC)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [World of Tanks] =>
"F:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [Windscribe] => C:\Program
Files\Windscribe\Windscribe.exe [10601064 2017-05-09] (Windscribe Limited)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [Advanced SystemCare 10] =>
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [3924256 2017-05-17] (IObit)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Run: [World of Tanks (1)] =>
G:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Policies\Explorer:
[NolowDiskSpaceChecks] 1
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\MountPoints2:
{553a9b70-d184-11e4-9b8e-001a6b65a679} - F:\Run.exe
HKU\S-1-5-21-583907252-115176313-1801674531-500\...\MountPoints2:
{63730ecb-e960-11e4-9984-022623047075} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-583907252-115176313-1801674531-500\Control Panel\Desktop\\SCRNSAVE.EXE ->
C:\WINDOWS.1\system32\ssmypics.scr [47104 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS.1\system32\logon.scr
[220672 2008-04-14] (Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS.1\system32\inetpp.dll [75264
2008-04-14] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS.1\system32\win32spl.dll [102400
2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -
C:\WINDOWS.1\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Startup: C:\Documents and Settings\Administrator.JACK-9B5A923336\Start
Menu\Programs\Startup\MagicDisc.lnk [2014-04-17]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO,
Inc.)
Startup: C:\Documents and Settings\J\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
[2007-01-21]
ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files\OpenOffice.org
2.0\program\quickstart.exe (No File)