flywelder

Not sure if this is the correct location for my posting, Admin, please relocate my posting to the correct area if needed, I will appreciate this. Don't know if this is a false positive or not? All I want is a open office program that works. I attached the report from malwarebytes. Also know that I am no comp. expert. I don't know code. I am just a web surfer, home owner. My new computer is a DELL and using windows 7 and located in my home not an office. I have been using windows XP. I have recently downloaded open office to my computer. In my search of the internet to discover why I am having great trouble opening and using Open office, the internet and the web site "How to Geek" educated me that open office forked in the past and now there are two open office programs using the same basic code, or something like that, but that one is something called Libre office. I unknowingly downloaded the open office Libre version/ type. ( for me, it was what came up when I made my search for a open office download. ) days later I made attempts to locate an "open office download" that does not have or is not the Libre version, but I was unsuccessful. I did find several web sites with open office related material but did not find one that appeared to be a download link that would work, instead all appeared to be facts about open office. Any way, my trouble with malwarebytes is this: when I click to open Apache open office, Exploits blocks and stops open office from startling so I can use the program. I do not know how to correct this. or if I should. I can use the Libre version, as " the web site How to Geek says I will probably be happy with it, and not notice a difference and it actually gets more frequent updates. I state again, All I want is a open office program that works, so if you can tell me: should I be afraid to use this version of open office? Can you share with me a link to the normal, old / regular open office program? or how to get malwarebytres to allow it to open and function, will be great. I greatly appreciate your help. exploits report.txt

After recently installing updates for Malwarebytes I now have a window that appears on my screen every time I boot up asking me to choose which user account I want : "to run" I can choose current user or admin. Trouble is, it doesn't matter which I choose, this issue is never resolved. Help I don;t know what to do to correct this and stop the windows from appearing. Please see the attached screen prints which show what i am seeing on my monitor. Skip this, I can't attach them. A screen print image must be too large for the site to upload. Sorry. Using Windows XP V 2003 Pro with service pack 3 Pentium 4 Gig of RAM

Ron, something interesting has haoppened that I want to share. SO I went to the links you provided. I choase every microsoft fix it down load I could and downloadd it to a folder in "my documents". so far so good. Now when I go to my documents, I find the folder I creted and when I open that folder to use the downloded 'fix it' progrmas, NOT one, is listed!!!!!!??????? the folder looks empty! I did this several times with same results.!! However, when I down load each one, and I am asked where to save it to, that very same empty folder is shown to me, and in it i see each one of the 'fix it' programs !!! ????? all 12 are there.?????? how can this be? Im not drunk! could there be a hidden infection that is some how hiding the fix it programs when I want to activate them? but lets me download them. ? Or what am I not doing correctly? So until we solve this mystery I can't run the fix it programs. help.

oh? and what about the errors listed inthe MBAM check results? what do they mean and point to? What do I do with the aswMBR report? for i have it still onthe desk top and the buttons for "fix MBR" and a button for "save log" are still waiting to be activated. (and I did save the log as you instructed ealrlier. ) Shall I press the " fix mbr" button or not? Shall I do nothing except close the aswMBR ? today Comodo reported finding two infections both are : Packed Win32. MU Both were successfully quarentined. and earlier it found one called " swearware" .. but i think it is still active?? and while I wait on your reply, I will try the links you provided and report back.

aswMBR report: aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2014-11-04 16:00:58 ----------------------------- 16:00:58.091 OS Version: Windows 5.1.2600 Service Pack 3 16:00:58.091 Number of processors: 1 586 0x401 16:00:58.091 ComputerName: MSAIMH002 UserName: Biomed 16:00:58.825 Initialize success 16:06:01.857 AVAST engine defs: 14110401 16:07:57.591 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e 16:07:57.591 Disk 0 Vendor: SAMSUNG_SP1614C SW100-30 Size: 152627MB BusType: 3 16:07:57.779 Disk 0 MBR read successfully 16:07:57.794 Disk 0 MBR scan 16:07:57.825 Disk 0 unknown MBR code 16:07:57.825 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 7139 MB offset 63 16:07:57.841 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 145478 MB offset 14621040 16:07:57.872 Disk 0 scanning sectors +312560640 16:07:58.091 Disk 0 scanning C:\WINDOWS\system32\drivers 16:08:08.794 Service scanning 16:08:26.747 Modules scanning 16:08:31.482 Disk 0 trace - called modules: 16:08:31.497 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 16:08:31.888 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8afeeab8] 16:08:31.904 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8aff2d98] 16:08:32.482 AVAST engine scan C:\WINDOWS 16:08:39.404 AVAST engine scan C:\WINDOWS\system32 16:11:33.872 AVAST engine scan C:\WINDOWS\system32\drivers 16:11:50.779 AVAST engine scan C:\Documents and Settings\Biomed 16:16:57.544 AVAST engine scan C:\Documents and Settings\All Users 16:17:58.529 Scan finished successfully 17:11:39.263 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Biomed\Desktop\MBR.dat" 17:11:39.263 The log file has been saved successfully to "C:\Documents and Settings\Biomed\Desktop\aswMBR.txt"

12:49:18.0247 0x06ac TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 12:50:11.0888 0x06ac ============================================================ 12:50:11.0888 0x06ac Current date / time: 2014/11/04 12:50:11.0888 12:50:11.0888 0x06ac SystemInfo: 12:50:11.0888 0x06ac 12:50:11.0888 0x06ac OS Version: 5.1.2600 ServicePack: 3.0 12:50:11.0888 0x06ac Product type: Workstation 12:50:11.0888 0x06ac ComputerName: MSAIMH002 12:50:11.0888 0x06ac UserName: Biomed 12:50:11.0888 0x06ac Windows directory: C:\WINDOWS 12:50:11.0888 0x06ac System windows directory: C:\WINDOWS 12:50:11.0888 0x06ac Processor architecture: Intel x86 12:50:11.0888 0x06ac Number of processors: 1 12:50:11.0888 0x06ac Page size: 0x1000 12:50:11.0888 0x06ac Boot type: Normal boot 12:50:11.0888 0x06ac ============================================================ 12:50:14.0138 0x06ac KLMD registered as C:\WINDOWS\system32\drivers\57293916.sys 12:50:14.0841 0x06ac System UUID: {2ABF175F-A49B-9AB0-F07E-DF43704EC96B} 12:50:16.0622 0x06ac Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 12:50:22.0638 0x06ac Drive \Device\Harddisk1\DR3 - Size: 0x1E4000000 ( 7.56 Gb ), SectorSize: 0x200, Cylinders: 0x3DB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 12:50:57.0341 0x06ac ============================================================ 12:50:57.0341 0x06ac \Device\Harddisk0\DR0: 12:50:57.0372 0x06ac MBR partitions: 12:50:57.0372 0x06ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xDF1931 12:50:57.0372 0x06ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDF1970, BlocksNum 0x11C23290 12:50:57.0372 0x06ac \Device\Harddisk1\DR3: 12:50:57.0372 0x06ac MBR partitions: 12:50:57.0372 0x06ac \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x1, BlocksNum 0xF1E000 12:50:57.0372 0x06ac ============================================================ 12:50:57.0685 0x06ac C: <-> \Device\Harddisk0\DR0\Partition2 12:50:57.0904 0x06ac D: <-> \Device\Harddisk0\DR0\Partition1 12:50:57.0904 0x06ac ============================================================ 12:50:57.0919 0x06ac Initialize success 12:50:57.0919 0x06ac ============================================================ 12:53:06.0904 0x107c ============================================================ 12:53:06.0904 0x107c Scan started 12:53:06.0904 0x107c Mode: Manual; SigCheck; TDLFS; 12:53:06.0904 0x107c ============================================================ 12:53:06.0904 0x107c KSN ping started 12:53:09.0450 0x107c KSN ping finished: true 12:53:10.0607 0x107c ================ Scan system memory ======================== 12:53:10.0654 0x107c System memory - ok 12:53:10.0669 0x107c ================ Scan services ============================= 12:53:10.0825 0x107c Abiosdsk - ok 12:53:10.0825 0x107c abp480n5 - ok 12:53:10.0888 0x107c [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 12:53:11.0419 0x107c ACPI - ok 12:53:11.0513 0x107c [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 12:53:11.0685 0x107c ACPIEC - ok 12:53:11.0779 0x107c [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 12:53:11.0825 0x107c AdobeFlashPlayerUpdateSvc - ok 12:53:11.0825 0x107c adpu160m - ok 12:53:11.0857 0x107c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 12:53:12.0044 0x107c aec - ok 12:53:12.0091 0x107c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys 12:53:12.0185 0x107c AFD - ok 12:53:12.0310 0x107c [ 7E077309910CE334C3B2B7B8665A55C4, 3DA0ABF8A6303F362DF08E39C23092192526F207F40DDCDEB6A0DB8EA576E03B ] AffinegyService C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe 12:53:12.0388 0x107c AffinegyService - ok 12:53:12.0404 0x107c AFGMp50 - ok 12:53:12.0419 0x107c [ 1961590AA191B6B7DCF18A6A693AF7B8, 69DB6D42DB4EB8C77DC927FA946D115C19A936ADBD2F5677CBB5039401D6EFD0 ] AFGSp50 C:\WINDOWS\system32\Drivers\AFGSp50.sys 12:53:12.0497 0x107c AFGSp50 - ok 12:53:12.0575 0x107c [ 593AEFC67283D409F34CC1245D00A509, 0845C09D8B76C20C2C43CC9FC42A07C23F006A0A4619D68445316BBC0CC28344 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 12:53:12.0732 0x107c AgereSoftModem - ok 12:53:12.0747 0x107c Aha154x - ok 12:53:12.0763 0x107c aic78u2 - ok 12:53:12.0763 0x107c aic78xx - ok 12:53:12.0810 0x107c [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 12:53:12.0982 0x107c Alerter - ok 12:53:13.0013 0x107c [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe 12:53:13.0122 0x107c ALG - ok 12:53:13.0122 0x107c AliIde - ok 12:53:13.0138 0x107c amsint - ok 12:53:13.0185 0x107c [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 12:53:13.0341 0x107c Arp1394 - ok 12:53:13.0341 0x107c asc - ok 12:53:13.0357 0x107c asc3350p - ok 12:53:13.0372 0x107c asc3550 - ok 12:53:13.0419 0x107c [ ED8CEE58C1E4C5893F5B2FD686A272BF, D52C214F7AD27F14FC66B3D6049D4781006D77992D276D9E986AFD2E2A459B63 ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys 12:53:13.0435 0x107c Aspi32 - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:16.0341 0x107c Detect skipped due to KSN trusted 12:53:16.0341 0x107c Aspi32 - ok 12:53:16.0466 0x107c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 12:53:16.0497 0x107c aspnet_state - ok 12:53:16.0497 0x107c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 12:53:16.0669 0x107c AsyncMac - ok 12:53:16.0716 0x107c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 12:53:16.0904 0x107c atapi - ok 12:53:16.0919 0x107c Atdisk - ok 12:53:16.0966 0x107c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 12:53:17.0138 0x107c Atmarpc - ok 12:53:17.0185 0x107c [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 12:53:17.0357 0x107c AudioSrv - ok 12:53:17.0388 0x107c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 12:53:17.0560 0x107c audstub - ok 12:53:17.0591 0x107c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys 12:53:17.0747 0x107c Beep - ok 12:53:17.0794 0x107c [ DEFCE42FE9EED1A0DC4A28FDDFF603C9, DAB072CDBE098B7693A51299314094D66D91344BCD57BD3846054654A5F2B863 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe 12:53:17.0825 0x107c Belkin Local Backup Service - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:20.0294 0x107c Detect skipped due to KSN trusted 12:53:20.0294 0x107c Belkin Local Backup Service - ok 12:53:20.0310 0x107c [ E23AF2900A4E3CA7FF22F1C80A013305, F87A24B3AC8984991EB2315DEA2C64C7F547F05AA9E917B450D6A659C88A338F ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe 12:53:20.0341 0x107c Belkin Network USB Helper - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:22.0794 0x107c Detect skipped due to KSN trusted 12:53:22.0794 0x107c Belkin Network USB Helper - ok 12:53:22.0872 0x107c [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll 12:53:23.0122 0x107c BITS - ok 12:53:23.0169 0x107c [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll 12:53:23.0279 0x107c Browser - ok 12:53:24.0044 0x107c catchme - ok 12:53:24.0200 0x107c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 12:53:24.0357 0x107c cbidf2k - ok 12:53:24.0388 0x107c [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 12:53:24.0575 0x107c CCDECODE - ok 12:53:24.0591 0x107c cd20xrnt - ok 12:53:24.0622 0x107c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 12:53:24.0779 0x107c Cdaudio - ok 12:53:24.0825 0x107c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 12:53:25.0013 0x107c Cdfs - ok 12:53:25.0044 0x107c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 12:53:25.0216 0x107c Cdrom - ok 12:53:25.0263 0x107c [ 61305C679E5766A03A09C0E966939206, E85EC9D23C81A2F8C08B439FA34F43C475A26C38DF4B4B40758CFC0D64C50C17 ] CFRMD C:\WINDOWS\system32\DRIVERS\CFRMD.sys 12:53:25.0294 0x107c CFRMD - ok 12:53:25.0294 0x107c Changer - ok 12:53:25.0341 0x107c [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe 12:53:25.0497 0x107c CiSvc - ok 12:53:25.0513 0x107c [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 12:53:25.0700 0x107c ClipSrv - ok 12:53:25.0779 0x107c [ E7FEED85EBA61455717A421E55217428, 26B1129601A49BB40B8A01BB8B3F1002F05C6189DDBD44DA889CA7C5B76CDCB3 ] CLPSLauncher C:\Program Files\Common Files\COMODO\launcher_service.exe 12:53:25.0825 0x107c CLPSLauncher - ok 12:53:25.0935 0x107c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:53:25.0966 0x107c clr_optimization_v2.0.50727_32 - ok 12:53:26.0325 0x107c [ DFACF6F69457E3EE2CE81EDCB4693674, E04CA54BCF6C75C6382423A5BC965744E76EB67E6448C1094AD4C4DBE02670DB ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 12:53:26.0685 0x107c cmdAgent - ok 12:53:26.0732 0x107c [ 5C634AABDD28F349C6457BEEE84D4D7B, 2227EC6C47CCD7B82744AB4976D065887967710E7E37CB5567916702BF7FA008 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys 12:53:26.0747 0x107c cmderd - ok 12:53:26.0810 0x107c [ 16F731584ECBA307EB4AD9C4D8507B27, D309691DDE199137367FAD32F730CFD21A498E7498E91BCAAB772F5472A06F14 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys 12:53:26.0904 0x107c cmdGuard - ok 12:53:26.0919 0x107c [ 1FAAF13D85A36D448238F53C42FE7A67, 09B23F591291C53616EF28E8D4842707AB9E445BA3D2D74BEAC98C7C2AF2D430 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys 12:53:26.0950 0x107c cmdHlp - ok 12:53:26.0950 0x107c CmdIde - ok 12:53:27.0075 0x107c [ A665EF912EEFD99EA557C6AB35CA1021, D8B53E70DF25E036F02D3707CF18ED2980F42A99D655230A9F7804E5F5D4BAB4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe 12:53:27.0216 0x107c cmdvirth - ok 12:53:27.0232 0x107c COMSysApp - ok 12:53:27.0247 0x107c Cpqarray - ok 12:53:27.0294 0x107c [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 12:53:27.0466 0x107c CryptSvc - ok 12:53:27.0482 0x107c dac2w2k - ok 12:53:27.0482 0x107c dac960nt - ok 12:53:27.0544 0x107c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 12:53:27.0622 0x107c DcomLaunch - ok 12:53:27.0669 0x107c [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 12:53:27.0857 0x107c Dhcp - ok 12:53:27.0872 0x107c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 12:53:28.0029 0x107c Disk - ok 12:53:28.0044 0x107c dmadmin - ok 12:53:28.0107 0x107c [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 12:53:28.0357 0x107c dmboot - ok 12:53:28.0372 0x107c [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys 12:53:28.0560 0x107c dmio - ok 12:53:28.0575 0x107c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys 12:53:28.0747 0x107c dmload - ok 12:53:28.0779 0x107c [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll 12:53:28.0950 0x107c dmserver - ok 12:53:28.0982 0x107c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 12:53:29.0154 0x107c DMusic - ok 12:53:29.0200 0x107c [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 12:53:29.0310 0x107c Dnscache - ok 12:53:29.0357 0x107c [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 12:53:29.0544 0x107c Dot3svc - ok 12:53:29.0560 0x107c dpti2o - ok 12:53:29.0716 0x107c [ 803569711F5976AD4A1469A091617946, 9FCFAE663992126B43EF9C729172A27D0B10CA758251D687430361D3A08BB4E2 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe 12:53:29.0888 0x107c DragonUpdater - ok 12:53:29.0935 0x107c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 12:53:30.0091 0x107c drmkaud - ok 12:53:30.0107 0x107c [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll 12:53:30.0263 0x107c EapHost - ok 12:53:30.0294 0x107c [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll 12:53:30.0482 0x107c ERSvc - ok 12:53:30.0529 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe 12:53:30.0575 0x107c Eventlog - ok 12:53:30.0622 0x107c [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll 12:53:30.0700 0x107c EventSystem - ok 12:53:30.0732 0x107c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 12:53:30.0904 0x107c Fastfat - ok 12:53:30.0950 0x107c [ 1E580770BDECE924494B368AC980749E, 023997B2B113FB5B9900F7AF8E528D157C779067234601C9246F72CEEBADE8B1 ] fasttx2k C:\WINDOWS\system32\DRIVERS\fasttx2k.sys 12:53:31.0029 0x107c fasttx2k - ok 12:53:31.0075 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 12:53:31.0169 0x107c FastUserSwitchingCompatibility - ok 12:53:31.0216 0x107c [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe 12:53:31.0404 0x107c Fax - ok 12:53:31.0450 0x107c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 12:53:31.0622 0x107c Fdc - ok 12:53:31.0638 0x107c FilterService - ok 12:53:31.0669 0x107c [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys 12:53:31.0825 0x107c Fips - ok 12:53:31.0841 0x107c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 12:53:32.0013 0x107c Flpydisk - ok 12:53:32.0060 0x107c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 12:53:32.0232 0x107c FltMgr - ok 12:53:32.0294 0x107c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 12:53:32.0325 0x107c FontCache3.0.0.0 - ok 12:53:32.0357 0x107c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:53:32.0513 0x107c Fs_Rec - ok 12:53:32.0529 0x107c [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 12:53:32.0700 0x107c Ftdisk - ok 12:53:32.0732 0x107c [ 2FB04DB459C71F416EE8B05448CA4AC3, 30606475AEB4FECA7D6C5ACAF2A89F8A5DE15027056EF4A2AF0884BE578CBFD6 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 12:53:32.0763 0x107c GEARAspiWDM - ok 12:53:32.0997 0x107c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe 12:53:33.0216 0x107c GeekBuddyRSP - ok 12:53:33.0263 0x107c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 12:53:33.0419 0x107c Gpc - ok 12:53:33.0513 0x107c [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 12:53:33.0544 0x107c gusvc - ok 12:53:33.0591 0x107c [ 160B24FD894E79E71C983EA403A6E6E7, 2D1A557BA9E1293A44BA00AB746A484A69B8DA1F95A1B6CEDA9D4352845E77C6 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 12:53:33.0669 0x107c HdAudAddService - ok 12:53:33.0716 0x107c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 12:53:33.0888 0x107c HDAudBus - ok 12:53:33.0966 0x107c [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 12:53:34.0107 0x107c helpsvc - ok 12:53:34.0138 0x107c [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll 12:53:34.0294 0x107c HidServ - ok 12:53:34.0325 0x107c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 12:53:34.0482 0x107c HidUsb - ok 12:53:34.0513 0x107c [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 12:53:34.0669 0x107c hkmsvc - ok 12:53:34.0700 0x107c [ 0E69D8294A78C7AB4A7CEE1F5F9D2546, E121E60DD8A3C2C0FD696F02490E4E09DDBB285521BCA79A74FD94FEE743808C ] HMD C:\WINDOWS\system32\DRIVERS\hmd.sys 12:53:34.0732 0x107c HMD - ok 12:53:34.0747 0x107c hpn - ok 12:53:34.0794 0x107c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 12:53:34.0857 0x107c HTTP - ok 12:53:34.0888 0x107c [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 12:53:35.0060 0x107c HTTPFilter - ok 12:53:35.0060 0x107c i2omgmt - ok 12:53:35.0075 0x107c i2omp - ok 12:53:35.0122 0x107c [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 12:53:35.0279 0x107c i8042prt - ok 12:53:35.0357 0x107c [ 737DA0BE27652C4482AC5CDE099BFCE9, CAF6463D851C18D2BCB3BEC3DCF9E906B95AD2E053BD48C25421FAD1DBC42585 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 12:53:35.0497 0x107c ialm - ok 12:53:35.0591 0x107c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 12:53:35.0622 0x107c IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:38.0732 0x107c Detect skipped due to KSN trusted 12:53:38.0732 0x107c IDriverT - ok 12:53:38.0810 0x107c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:53:38.0919 0x107c idsvc - ok 12:53:38.0935 0x107c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 12:53:39.0075 0x107c Imapi - ok 12:53:39.0122 0x107c [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe 12:53:39.0263 0x107c ImapiService - ok 12:53:39.0294 0x107c ini910u - ok 12:53:39.0341 0x107c [ F84E7F907434450B00E753D44AEC8EAA, A4C0C5230471B3D3FF4AA4B76A8E5F3986DD8FB8C2A2E180CDF216216FC8B10A ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys 12:53:39.0372 0x107c Inspect - ok 12:53:39.0529 0x107c [ 44792CCBC7B41B42EC068C6416D17DE1, 73BE3274305B73AB7B189DAD20C46172B6CA61B1F21B18331EEAA466DABA5D6A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 12:53:39.0841 0x107c IntcAzAudAddService - ok 12:53:39.0888 0x107c [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 12:53:40.0044 0x107c IntelIde - ok 12:53:40.0091 0x107c [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 12:53:40.0247 0x107c intelppm - ok 12:53:40.0263 0x107c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 12:53:40.0435 0x107c Ip6Fw - ok 12:53:40.0450 0x107c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 12:53:40.0591 0x107c IpInIp - ok 12:53:40.0638 0x107c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 12:53:40.0794 0x107c IpNat - ok 12:53:40.0810 0x107c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 12:53:40.0997 0x107c IPSec - ok 12:53:41.0013 0x107c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 12:53:41.0091 0x107c IRENUM - ok 12:53:41.0122 0x107c [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 12:53:41.0279 0x107c isapnp - ok 12:53:41.0294 0x107c [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 12:53:41.0435 0x107c Kbdclass - ok 12:53:41.0466 0x107c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 12:53:41.0622 0x107c kmixer - ok 12:53:41.0669 0x107c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 12:53:41.0732 0x107c KSecDD - ok 12:53:41.0779 0x107c [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 12:53:41.0841 0x107c lanmanserver - ok 12:53:41.0904 0x107c [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 12:53:41.0966 0x107c lanmanworkstation - ok 12:53:41.0982 0x107c lbrtfdc - ok 12:53:42.0044 0x107c [ 9BD7ADD61B031307DD075E5E6A917C4D, 0023186FEA45E8DA7FB1A288AB931725C9AEC8B6B43D81747C739A8F31B9118C ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe 12:53:42.0060 0x107c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:44.0935 0x107c Detect skipped due to KSN trusted 12:53:44.0935 0x107c LightScribeService - ok 12:53:44.0982 0x107c [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 12:53:45.0138 0x107c LmHosts - ok 12:53:45.0154 0x107c LVRS - ok 12:53:45.0169 0x107c LVUSBSta - ok 12:53:45.0185 0x107c LVUVC - ok 12:53:45.0232 0x107c [ D2DED3C333A5D9CB3F4C244B0F0DD877, 5C1D6C2520C24B12AC99B4B1AB8A0C41052B78CEC2E8B52807057B09A03AD81F ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 12:53:45.0263 0x107c MBAMProtector - ok 12:53:45.0404 0x107c [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe 12:53:45.0560 0x107c MBAMScheduler - ok 12:53:45.0654 0x107c [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe 12:53:45.0747 0x107c MBAMService - ok 12:53:45.0810 0x107c [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 12:53:45.0825 0x107c MBAMSwissArmy - ok 12:53:45.0919 0x107c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 12:53:45.0966 0x107c MDM - ok 12:53:46.0013 0x107c [ 780D96F551833E0DCFE0A33B02B774E8, 856F4E361A5956FE30CFF73112C3E2E59B4034C47F1B051A39DD9787FCABC9A2 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe 12:53:46.0044 0x107c MemeoBackgroundService - ok 12:53:46.0075 0x107c [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll 12:53:46.0247 0x107c Messenger - ok 12:53:46.0279 0x107c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 12:53:46.0450 0x107c mnmdd - ok 12:53:46.0482 0x107c [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 12:53:46.0622 0x107c mnmsrvc - ok 12:53:46.0669 0x107c [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys 12:53:46.0810 0x107c Modem - ok 12:53:46.0825 0x107c [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 12:53:46.0997 0x107c Mouclass - ok 12:53:47.0060 0x107c [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 12:53:47.0216 0x107c mouhid - ok 12:53:47.0247 0x107c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 12:53:47.0404 0x107c MountMgr - ok 12:53:47.0466 0x107c [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 12:53:47.0497 0x107c MozillaMaintenance - ok 12:53:47.0560 0x107c [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys 12:53:47.0607 0x107c MpFilter - ok 12:53:47.0622 0x107c mraid35x - ok 12:53:47.0638 0x107c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 12:53:47.0794 0x107c MRxDAV - ok 12:53:47.0857 0x107c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 12:53:47.0997 0x107c MRxSmb - ok 12:53:48.0013 0x107c [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe 12:53:48.0154 0x107c MSDTC - ok 12:53:48.0169 0x107c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 12:53:48.0341 0x107c Msfs - ok 12:53:48.0357 0x107c MSIServer - ok 12:53:48.0372 0x107c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 12:53:48.0544 0x107c MSKSSRV - ok 12:53:48.0622 0x107c [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 12:53:48.0654 0x107c MsMpSvc - ok 12:53:48.0685 0x107c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 12:53:48.0857 0x107c MSPCLOCK - ok 12:53:48.0857 0x107c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 12:53:49.0029 0x107c MSPQM - ok 12:53:49.0075 0x107c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 12:53:49.0216 0x107c mssmbios - ok 12:53:49.0247 0x107c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 12:53:49.0388 0x107c MSTEE - ok 12:53:49.0435 0x107c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 12:53:49.0513 0x107c Mup - ok 12:53:49.0544 0x107c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 12:53:49.0716 0x107c NABTSFEC - ok 12:53:49.0763 0x107c [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll 12:53:49.0950 0x107c napagent - ok 12:53:49.0982 0x107c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 12:53:50.0138 0x107c NDIS - ok 12:53:50.0154 0x107c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 12:53:50.0279 0x107c NdisIP - ok 12:53:50.0325 0x107c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12:53:50.0404 0x107c NdisTapi - ok 12:53:50.0435 0x107c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 12:53:50.0575 0x107c Ndisuio - ok 12:53:50.0591 0x107c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 12:53:50.0747 0x107c NdisWan - ok 12:53:50.0779 0x107c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 12:53:50.0841 0x107c NDProxy - ok 12:53:50.0841 0x107c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 12:53:51.0013 0x107c NetBIOS - ok 12:53:51.0044 0x107c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 12:53:51.0200 0x107c NetBT - ok 12:53:51.0247 0x107c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe 12:53:51.0419 0x107c NetDDE - ok 12:53:51.0435 0x107c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 12:53:51.0622 0x107c NetDDEdsdm - ok 12:53:51.0669 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe 12:53:51.0825 0x107c Netlogon - ok 12:53:51.0872 0x107c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll 12:53:52.0060 0x107c Netman - ok 12:53:52.0091 0x107c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:53:52.0122 0x107c NetTcpPortSharing - ok 12:53:52.0154 0x107c [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 12:53:52.0310 0x107c NIC1394 - ok 12:53:52.0372 0x107c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll 12:53:52.0419 0x107c Nla - ok 12:53:52.0435 0x107c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 12:53:52.0575 0x107c Npfs - ok 12:53:52.0638 0x107c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 12:53:52.0825 0x107c Ntfs - ok 12:53:52.0825 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 12:53:52.0997 0x107c NtLmSsp - ok 12:53:53.0044 0x107c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 12:53:53.0232 0x107c NtmsSvc - ok 12:53:53.0279 0x107c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 12:53:53.0419 0x107c Null - ok 12:53:53.0435 0x107c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 12:53:53.0575 0x107c NwlnkFlt - ok 12:53:53.0575 0x107c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 12:53:53.0732 0x107c NwlnkFwd - ok 12:53:53.0747 0x107c [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 12:53:53.0919 0x107c ohci1394 - ok 12:53:53.0982 0x107c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:53:54.0013 0x107c ose - ok 12:53:54.0044 0x107c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 12:53:54.0200 0x107c Parport - ok 12:53:54.0216 0x107c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 12:53:54.0372 0x107c PartMgr - ok 12:53:54.0404 0x107c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 12:53:54.0544 0x107c ParVdm - ok 12:53:54.0560 0x107c [ 505CBA425DF3BB230F244E1C23221058, EF46E06FA198EDCDAE1AADD6657045F9EA5597B7B0B0C078F119D10FD9F78022 ] PcdrNdisuio C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys 12:53:54.0575 0x107c PcdrNdisuio - detected UnsignedFile.Multi.Generic ( 1 ) 12:53:57.0029 0x107c Detect skipped due to KSN trusted 12:53:57.0029 0x107c PcdrNdisuio - ok 12:53:57.0060 0x107c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 12:53:57.0232 0x107c PCI - ok 12:53:57.0247 0x107c PCIDump - ok 12:53:57.0263 0x107c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 12:53:57.0419 0x107c PCIIde - ok 12:53:57.0466 0x107c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 12:53:57.0607 0x107c Pcmcia - ok 12:53:57.0622 0x107c PDCOMP - ok 12:53:57.0638 0x107c PDFRAME - ok 12:53:57.0654 0x107c PDRELI - ok 12:53:57.0669 0x107c PDRFRAME - ok 12:53:57.0669 0x107c perc2 - ok 12:53:57.0685 0x107c perc2hib - ok 12:53:57.0732 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe 12:53:57.0779 0x107c PlugPlay - ok 12:53:57.0810 0x107c [ 2D091A99624FB9E7EEF0A86D872EC0C3, 465C0772E23F7959EC71DCCFA3304E2E46FD31548AE37D7BA3DAAA59E6B561FD ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe 12:53:57.0841 0x107c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 12:54:00.0310 0x107c Detect skipped due to KSN trusted 12:54:00.0310 0x107c Pml Driver HPZ12 - ok 12:54:00.0310 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 12:54:00.0450 0x107c PolicyAgent - ok 12:54:00.0497 0x107c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 12:54:00.0654 0x107c PptpMiniport - ok 12:54:00.0669 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 12:54:00.0810 0x107c ProtectedStorage - ok 12:54:00.0825 0x107c [ 390C204CED3785609AB24E9C52054A84, D997A9EAAE4A7FED9C2FEBD1AA7D1171431B9C9D56F8BFB587DCAE26203FF4D2 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys 12:54:00.0904 0x107c Ps2 - ok 12:54:00.0935 0x107c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 12:54:01.0075 0x107c PSched - ok 12:54:01.0107 0x107c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 12:54:01.0247 0x107c Ptilink - ok 12:54:01.0263 0x107c [ 7C81AE3C9B82BA2DA437ED4D31BC56CF, 42407981358C3D27851442441C9A9692A747390469F03C3E89483F85BFCB797B ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 12:54:01.0263 0x107c PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 ) 12:54:03.0716 0x107c Detect skipped due to KSN trusted 12:54:03.0716 0x107c PxHelp20 - ok 12:54:03.0716 0x107c ql1080 - ok 12:54:03.0732 0x107c Ql10wnt - ok 12:54:03.0747 0x107c ql12160 - ok 12:54:03.0763 0x107c ql1240 - ok 12:54:03.0779 0x107c ql1280 - ok 12:54:03.0810 0x107c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:54:03.0966 0x107c RasAcd - ok 12:54:03.0997 0x107c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll 12:54:04.0138 0x107c RasAuto - ok 12:54:04.0169 0x107c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 12:54:04.0341 0x107c Rasl2tp - ok 12:54:04.0388 0x107c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll 12:54:04.0544 0x107c RasMan - ok 12:54:04.0560 0x107c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:54:04.0732 0x107c RasPppoe - ok 12:54:04.0763 0x107c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 12:54:04.0919 0x107c Raspti - ok 12:54:04.0966 0x107c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:54:05.0138 0x107c Rdbss - ok 12:54:05.0154 0x107c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 12:54:05.0294 0x107c RDPCDD - ok 12:54:05.0357 0x107c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 12:54:05.0435 0x107c RDPWD - ok 12:54:05.0466 0x107c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 12:54:05.0622 0x107c RDSessMgr - ok 12:54:05.0700 0x107c [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 12:54:05.0732 0x107c RealNetworks Downloader Resolver Service - ok 12:54:05.0763 0x107c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 12:54:05.0935 0x107c redbook - ok 12:54:05.0966 0x107c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 12:54:06.0122 0x107c RemoteAccess - ok 12:54:06.0154 0x107c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe 12:54:06.0294 0x107c RpcLocator - ok 12:54:06.0341 0x107c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll 12:54:06.0404 0x107c RpcSs - ok 12:54:06.0435 0x107c [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe 12:54:06.0575 0x107c RSVP - ok 12:54:06.0622 0x107c [ 1A2A445E8968B2019E75E08F3A1344FC, 321DD411E2B7B4BB958E9823E0F41E04A1D2C3E426DCFD0AC286FF5B0617B614 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 12:54:06.0700 0x107c RTL8023xp - ok 12:54:06.0732 0x107c [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 12:54:06.0857 0x107c rtl8139 - ok 12:54:06.0904 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe 12:54:07.0044 0x107c SamSs - ok 12:54:07.0060 0x107c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 12:54:07.0232 0x107c SCardSvr - ok 12:54:07.0279 0x107c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll 12:54:07.0466 0x107c Schedule - ok 12:54:07.0560 0x107c [ 16B44D246835EAC156F8DAF0AA4F530C, F882BE1B27C0500AEE34BB9D9B69EBD258A19418475DB5552345DC844CDA1ECB ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe 12:54:07.0575 0x107c SeagateDashboardService - ok 12:54:07.0607 0x107c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 12:54:07.0700 0x107c Secdrv - ok 12:54:07.0716 0x107c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll 12:54:07.0888 0x107c seclogon - ok 12:54:07.0919 0x107c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll 12:54:08.0075 0x107c SENS - ok 12:54:08.0138 0x107c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys 12:54:08.0279 0x107c Serial - ok 12:54:08.0325 0x107c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 12:54:08.0466 0x107c Sfloppy - ok 12:54:08.0513 0x107c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 12:54:08.0685 0x107c SharedAccess - ok 12:54:08.0716 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 12:54:08.0763 0x107c ShellHWDetection - ok 12:54:08.0779 0x107c Simbad - ok 12:54:08.0794 0x107c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 12:54:08.0950 0x107c SLIP - ok 12:54:08.0966 0x107c Sparrow - ok 12:54:09.0013 0x107c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 12:54:09.0169 0x107c splitter - ok 12:54:09.0216 0x107c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 12:54:09.0263 0x107c Spooler - ok 12:54:09.0294 0x107c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 12:54:09.0372 0x107c sr - ok 12:54:09.0404 0x107c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll 12:54:09.0497 0x107c srservice - ok 12:54:09.0560 0x107c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 12:54:09.0638 0x107c Srv - ok 12:54:09.0669 0x107c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 12:54:09.0763 0x107c SSDPSRV - ok 12:54:09.0825 0x107c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll 12:54:10.0029 0x107c stisvc - ok 12:54:10.0060 0x107c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 12:54:10.0200 0x107c streamip - ok 12:54:10.0247 0x107c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 12:54:10.0388 0x107c swenum - ok 12:54:10.0435 0x107c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 12:54:10.0591 0x107c swmidi - ok 12:54:10.0607 0x107c SwPrv - ok 12:54:10.0669 0x107c [ C8A43978DADCF12B7E40A0577227DFBC, 72C753CB8CE9F2770C8E1B28B9DAAD0CDA3473FAE751A9009AC7FADAA79AAE96 ] sxuptp C:\WINDOWS\system32\DRIVERS\sxuptp.sys 12:54:10.0716 0x107c sxuptp - ok 12:54:10.0732 0x107c symc810 - ok 12:54:10.0732 0x107c symc8xx - ok 12:54:10.0747 0x107c sym_hi - ok 12:54:10.0763 0x107c sym_u3 - ok 12:54:10.0779 0x107c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 12:54:10.0950 0x107c sysaudio - ok 12:54:10.0997 0x107c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 12:54:11.0154 0x107c SysmonLog - ok 12:54:11.0200 0x107c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 12:54:11.0388 0x107c TapiSrv - ok 12:54:11.0435 0x107c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 12:54:11.0497 0x107c Tcpip - ok 12:54:11.0544 0x107c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 12:54:11.0685 0x107c TDPIPE - ok 12:54:11.0716 0x107c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 12:54:11.0857 0x107c TDTCP - ok 12:54:11.0872 0x107c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 12:54:12.0029 0x107c TermDD - ok 12:54:12.0075 0x107c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll 12:54:12.0232 0x107c TermService - ok 12:54:12.0263 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll 12:54:12.0294 0x107c Themes - ok 12:54:12.0325 0x107c TosIde - ok 12:54:12.0341 0x107c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll 12:54:12.0513 0x107c TrkWks - ok 12:54:12.0544 0x107c [ 446118FFFF5576434393AE4551A5CA74, 6E72F429EBF7EF5351735E12E153F39DDCAD3E0341106D3384C9EACFC105FDA6 ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys 12:54:12.0575 0x107c TrueSight - ok 12:54:12.0607 0x107c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 12:54:12.0763 0x107c Udfs - ok 12:54:12.0779 0x107c ultra - ok 12:54:12.0841 0x107c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 12:54:13.0029 0x107c Update - ok 12:54:13.0075 0x107c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll 12:54:13.0169 0x107c upnphost - ok 12:54:13.0185 0x107c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe 12:54:13.0341 0x107c UPS - ok 12:54:13.0388 0x107c [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 12:54:13.0497 0x107c usbaudio - ok 12:54:13.0529 0x107c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 12:54:13.0607 0x107c usbccgp - ok 12:54:13.0654 0x107c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 12:54:13.0685 0x107c usbehci - ok 12:54:13.0732 0x107c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 12:54:13.0888 0x107c usbhub - ok 12:54:13.0919 0x107c [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 12:54:13.0950 0x107c usbscan - ok 12:54:14.0013 0x107c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 12:54:14.0154 0x107c USBSTOR - ok 12:54:14.0200 0x107c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 12:54:14.0341 0x107c usbuhci - ok 12:54:14.0388 0x107c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 12:54:14.0529 0x107c VgaSave - ok 12:54:14.0544 0x107c [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 12:54:14.0700 0x107c ViaIde - ok 12:54:14.0732 0x107c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 12:54:14.0872 0x107c VolSnap - ok 12:54:14.0935 0x107c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe 12:54:15.0060 0x107c VSS - ok 12:54:15.0107 0x107c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll 12:54:15.0263 0x107c W32Time - ok 12:54:15.0310 0x107c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:54:15.0450 0x107c Wanarp - ok 12:54:15.0482 0x107c [ 4C0B8EF721783F52F8E531FBDC4B1F74, FA603ADA2FCA64E03D3642B335AD4454CEE3AE9FDEA21FCF9BA2D16DACBB1BDD ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys 12:54:15.0622 0x107c wceusbsh - ok 12:54:15.0638 0x107c WDICA - ok 12:54:15.0669 0x107c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 12:54:15.0825 0x107c wdmaud - ok 12:54:15.0857 0x107c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll 12:54:16.0044 0x107c WebClient - ok 12:54:16.0122 0x107c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 12:54:16.0279 0x107c winmgmt - ok 12:54:16.0341 0x107c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 12:54:16.0419 0x107c WmdmPmSN - ok 12:54:16.0466 0x107c [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 12:54:16.0607 0x107c WmiApSrv - ok 12:54:16.0716 0x107c [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 12:54:16.0825 0x107c WMPNetworkSvc - ok 12:54:16.0872 0x107c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 12:54:17.0029 0x107c WS2IFSL - ok 12:54:17.0075 0x107c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 12:54:17.0232 0x107c wscsvc - ok 12:54:17.0247 0x107c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 12:54:17.0404 0x107c WSTCODEC - ok 12:54:17.0419 0x107c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll 12:54:17.0560 0x107c wuauserv - ok 12:54:17.0575 0x107c [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 12:54:17.0638 0x107c WudfPf - ok 12:54:17.0669 0x107c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 12:54:17.0716 0x107c WudfRd - ok 12:54:17.0747 0x107c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 12:54:17.0794 0x107c WudfSvc - ok 12:54:17.0857 0x107c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 12:54:18.0075 0x107c WZCSVC - ok 12:54:18.0122 0x107c [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll 12:54:18.0263 0x107c xmlprov - ok 12:54:18.0294 0x107c ================ Scan global =============================== 12:54:18.0341 0x107c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll 12:54:18.0404 0x107c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll 12:54:18.0450 0x107c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll 12:54:18.0482 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe 12:54:18.0482 0x107c [ Global ] - ok 12:54:18.0482 0x107c ================ Scan MBR ================================== 12:54:18.0513 0x107c [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0 12:54:18.0732 0x107c \Device\Harddisk0\DR0 - ok 12:54:18.0732 0x107c [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk1\DR3 12:54:18.0825 0x107c \Device\Harddisk1\DR3 - ok 12:54:18.0841 0x107c ================ Scan VBR ================================== 12:54:18.0841 0x107c [ D17D79E71CFAF7B747F3DB26D17DB4D5 ] \Device\Harddisk0\DR0\Partition1 12:54:18.0841 0x107c \Device\Harddisk0\DR0\Partition1 - ok 12:54:18.0857 0x107c [ A156533FFA0348EADB56BA557CCAA2FE ] \Device\Harddisk0\DR0\Partition2 12:54:18.0888 0x107c \Device\Harddisk0\DR0\Partition2 - ok 12:54:18.0888 0x107c [ B1477374868051A5F668D32CBEDB5CF2 ] \Device\Harddisk1\DR3\Partition1 12:54:18.0888 0x107c \Device\Harddisk1\DR3\Partition1 - ok 12:54:18.0888 0x107c ================ Scan generic autorun ====================== 12:54:18.0997 0x107c [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] c:\hp\bin\cloaker.exe 12:54:19.0029 0x107c thirdintel - detected UnsignedFile.Multi.Generic ( 1 ) 12:54:21.0482 0x107c Detect skipped due to KSN trusted 12:54:21.0482 0x107c thirdintel - ok 12:54:21.0513 0x107c [ C81BE1B951C36E97D3DA90DA745DA5F7, DCE7E9127BC9C02B124CA201561A99DE29243CA0353A65B5C794D8C050D98CFF ] C:\HP\KBD\KBD.EXE 12:54:21.0544 0x107c KBD - detected UnsignedFile.Multi.Generic ( 1 ) 12:54:23.0997 0x107c Detect skipped due to KSN trusted 12:54:23.0997 0x107c KBD - ok 12:54:24.0404 0x107c [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 12:54:24.0497 0x107c Adobe ARM - ok 12:54:24.0575 0x107c [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\program files\real\realplayer\update\realsched.exe 12:54:24.0622 0x107c TkBellExe - ok 12:54:24.0654 0x107c [ 76A3A30B58405C2C6D833895253A51A9, 9EC13191F3938E0E63A5594687A7D93E0C5A77FB54BCFEBD3855719EA62262F8 ] C:\Program Files\QuickTime\qttask.exe 12:54:24.0669 0x107c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 12:54:27.0107 0x107c Detect skipped due to KSN trusted 12:54:27.0107 0x107c QuickTime Task - ok 12:54:27.0216 0x107c [ 376FB589890E90BAA3D05867E44116E9, 287F0B0555E0A025C6F7F6C18B6FA79B849172AAB4ACC9406D726570DC6ABE87 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 12:54:27.0294 0x107c COMODO Internet Security - ok 12:54:27.0325 0x107c [ 850B548DFCC9794A69092A3CF4946556, EDAE70289FDE4363BCD81216C7684D8F7D93E5CFEDA3319B105D3C8088928054 ] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe 12:54:27.0357 0x107c Memeo Instant Backup - ok 12:54:27.0404 0x107c [ A853FB4774AAA16D7D57E26F46196ABF, 71791A0EB922CD554E58120F5E884B1E08EEDEA4B1BFFA19C8975CFEE38297FD ] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe 12:54:27.0435 0x107c Seagate Dashboard - ok 12:54:27.0654 0x107c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe 12:54:27.0763 0x107c tvncontrol - ok 12:54:27.0810 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 12:54:27.0997 0x107c ctfmon.exe - ok 12:54:28.0169 0x107c [ 3E930C641079443D4DE036167A69CAA2, DEBA83978850F17B33A3C4C06C5E707B9A3FACA30FE0DFC5A9425EF2CA592473 ] C:\Program Files\Messenger\msmsgs.exe 12:54:28.0419 0x107c MSMSGS - ok 12:54:28.0435 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 12:54:28.0575 0x107c ctfmon.exe - ok 12:54:28.0857 0x107c [ 947835240308F523C9D980C89D35E76D, AC170D4185B7083E0433F21427C4D6EC4951958DCBE07CEC82515783E69B2646 ] C:\Program Files\CCleaner\CCleaner.exe 12:54:29.0075 0x107c CCleaner Monitoring - ok 12:54:29.0122 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 12:54:29.0263 0x107c ctfmon.exe - ok 12:54:29.0497 0x107c [ 947835240308F523C9D980C89D35E76D, AC170D4185B7083E0433F21427C4D6EC4951958DCBE07CEC82515783E69B2646 ] C:\Program Files\CCleaner\CCleaner.exe 12:54:29.0700 0x107c CCleaner Monitoring - ok 12:54:29.0810 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 12:54:29.0966 0x107c ctfmon.exe - ok 12:54:29.0982 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 12:54:30.0122 0x107c ctfmon.exe - ok 12:54:30.0122 0x107c Waiting for KSN requests completion. In queue: 13 12:54:31.0122 0x107c Waiting for KSN requests completion. In queue: 13 12:54:32.0122 0x107c Waiting for KSN requests completion. In queue: 13 12:54:33.0216 0x107c AV detected via SS1: COMODO Antivirus, 6.0, disabled, updated 12:54:33.0232 0x107c FW detected via SS1: COMODO Firewall, 6.0, disabled 12:54:33.0232 0x107c Win FW state via NFM: disabled 12:54:35.0747 0x107c ============================================================ 12:54:35.0747 0x107c Scan finished 12:54:35.0747 0x107c ============================================================ 12:54:35.0763 0x17c4 Detected object count: 0 12:54:35.0763 0x17c4 Actual detected object count: 0 13:07:18.0935 0x06d8 Deinitialize success 2014/11/04 12:48:04.0325 6108 TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52 2014/11/04 12:48:06.0154 6108 Perform update action was selected 2014/11/04 12:48:06.0169 5780 Deinitialize success 2014/11/04 12:46:56.0872 5840 TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52 2014/11/04 12:46:59.0732 5840 Perform update action was selected 2014/11/04 12:46:59.0732 1976 Deinitialize success

Here is some of the results from the scans. TDSSKiller and mini tool box ran just fine, with no issues or problems. The awsMBR results will come next. Also, I am not able to attach any logs to this post, because this web site says there is a (error I0) with each one of my attempts to attache. What is (error I0) mean/ refer to? PS: You will delete / remove any sensitive info I paste to my postings that wouldn't be of help to any one else who would read these postings, so that it is not available to others who might utilize that info for wrong means? Can I depend on you to do that? ....please. thank you Ron. MiniToolBox by Farbar Version: 16-06-2013 Ran by Biomed (administrator) on 04-11-2014 at 15:41:40 Running from "C:\Documents and Settings\Biomed\My Documents\malware scanning tools and programs" Microsoft Windows XP Service Pack 3 (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ 1394 Net Adapter = 1394 Connection (Disconnected) Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected) # ---------------------------------- # Interface IP Configuration # ---------------------------------- pushd interface ip # Interface IP Configuration for "Local Area Connection" set address name="Local Area Connection" source=dhcp set dns name="Local Area Connection" source=static addr=156.154.70.22 register=PRIMARY add dns name="Local Area Connection" addr=156.154.71.22 index=2 set wins name="Local Area Connection" source=dhcp popd # End of interface IP configuration Windows IP Configuration Host Name . . . . . . . . . . . . : MSAIMH002 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : Belkin Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Belkin Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Physical Address. . . . . . . . . : 00-13-D4-24-70-88 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.2.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 DHCP Server . . . . . . . . . . . : 192.168.2.1 DNS Servers . . . . . . . . . . . : 156.154.70.22 156.154.71.22 Lease Obtained. . . . . . . . . . : Tuesday, November 04, 2014 3:30:18 AM Lease Expires . . . . . . . . . . : Monday, January 18, 2038 10:14:07 PM Server: UnKnown Address: 156.154.70.22 Name: google.com Addresses: 173.194.115.128, 173.194.115.136, 173.194.115.134, 173.194.115.129 173.194.115.135, 173.194.115.137, 173.194.115.133, 173.194.115.131, 173.194.115.130 173.194.115.132, 173.194.115.142 Pinging google.com [173.194.115.0] with 32 bytes of data: Reply from 173.194.115.0: bytes=32 time=60ms TTL=51 Reply from 173.194.115.0: bytes=32 time=38ms TTL=51 Ping statistics for 173.194.115.0: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 38ms, Maximum = 60ms, Average = 49ms Server: UnKnown Address: 156.154.70.22 Name: yahoo.com Addresses: 98.138.253.109, 98.139.183.24, 206.190.36.45 Pinging yahoo.com [98.138.253.109] with 32 bytes of data: Reply from 98.138.253.109: bytes=32 time=70ms TTL=47 Reply from 98.138.253.109: bytes=32 time=68ms TTL=47 Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 68ms, Maximum = 70ms, Average = 69ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x10003 ...00 13 d4 24 70 88 ...... Realtek RTL8139/810x Family Fast Ethernet NIC =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.2.0 255.255.255.0 192.168.2.2 192.168.2.2 20 192.168.2.2 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.2.255 255.255.255.255 192.168.2.2 192.168.2.2 20 224.0.0.0 240.0.0.0 192.168.2.2 192.168.2.2 20 255.255.255.255 255.255.255.255 192.168.2.2 192.168.2.2 1 Default Gateway: 192.168.2.1 =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation) Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation) Catalog9 14 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (10/31/2014 06:06:01 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (5404) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (10/31/2014 06:06:01 AM) (Source: ESENT) (User: ) Description: wuauclt (5404) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (10/31/2014 06:05:51 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (5404) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (10/31/2014 06:05:51 AM) (Source: ESENT) (User: ) Description: wuauclt (5404) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (10/31/2014 05:54:32 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (5292) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (10/31/2014 05:54:32 AM) (Source: ESENT) (User: ) Description: wuauclt (5292) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (10/31/2014 05:54:22 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (5292) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (10/31/2014 05:54:22 AM) (Source: ESENT) (User: ) Description: wuauclt (5292) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (10/31/2014 05:44:36 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (2468) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (10/31/2014 05:44:36 AM) (Source: ESENT) (User: ) Description: wuauclt (2468) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (11/04/2014 03:30:13 AM) (Source: Dhcp) (User: ) Description: The IP address lease 192.168.2.2 for the Network Card with network address 0013D4247088 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). Error: (11/03/2014 07:13:44 PM) (Source: Service Control Manager) (User: ) Description: Timeout (120000 milliseconds) waiting for a transaction response from the MBAMService service. Error: (11/03/2014 07:11:36 PM) (Source: Service Control Manager) (User: ) Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Error: (11/03/2014 07:11:36 PM) (Source: Service Control Manager) (User: ) Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect. Error: (11/03/2014 10:00:53 AM) (Source: Service Control Manager) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/03/2014 10:00:46 AM) (Source: Service Control Manager) (User: ) Description: The Belkin Local Backup Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/03/2014 10:00:46 AM) (Source: Service Control Manager) (User: ) Description: The Belkin Network USB Helper service terminated unexpectedly. It has done this 1 time(s). Error: (11/03/2014 09:57:59 AM) (Source: Service Control Manager) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/03/2014 09:56:52 AM) (Source: Service Control Manager) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/03/2014 09:40:22 AM) (Source: Service Control Manager) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (10/31/2014 06:06:01 AM) (Source: ESENT)(User: ) Description: wuaueng.dll5404SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (10/31/2014 06:06:01 AM) (Source: ESENT)(User: ) Description: wuauclt5404C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (10/31/2014 06:05:51 AM) (Source: ESENT)(User: ) Description: wuaueng.dll5404SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (10/31/2014 06:05:51 AM) (Source: ESENT)(User: ) Description: wuauclt5404C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (10/31/2014 05:54:32 AM) (Source: ESENT)(User: ) Description: wuaueng.dll5292SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (10/31/2014 05:54:32 AM) (Source: ESENT)(User: ) Description: wuauclt5292C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (10/31/2014 05:54:22 AM) (Source: ESENT)(User: ) Description: wuaueng.dll5292SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (10/31/2014 05:54:22 AM) (Source: ESENT)(User: ) Description: wuauclt5292C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (10/31/2014 05:44:36 AM) (Source: ESENT)(User: ) Description: wuaueng.dll2468SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (10/31/2014 05:44:36 AM) (Source: ESENT)(User: ) Description: wuauclt2468C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. =========================== Installed Programs ============================ Acrobat.com (Version: 0.0.0) Acrobat.com (Version: 1.1.377) Adobe AIR (Version: 2.7.1.19610) Adobe Flash Player 15 ActiveX (Version: 15.0.0.152) Adobe Flash Player 15 Plugin (Version: 15.0.0.189) Adobe Reader XI (11.0.08) (Version: 11.0.08) Agere Systems PCI Soft Modem AiO_Scan (Version: 47.0.1.000) AiOSoftware (Version: 47.0.1.000) Amazon Kindle BackupManager (Version: 1.00.0000) Belkin Setup and Router Monitor Belkin USB Print and Storage Center (Version: 1.0.0) Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) Blasterball 2 from Hewlett-Packard Desktops (remove only) Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) Bounce Symphony from Hewlett-Packard Desktops (remove only) BufferChm (Version: 45.4.157.000) CameraDrivers (Version: 4.5.0.211) CCleaner (Version: 4.19) Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0) Comodo Dragon (Version: 33.1.0.0) COMODO Internet Security (Version: 6.1.14723.2813) Copy (Version: 45.4.157.000) CP_AtenaShokunin1Config (Version: 45.4.131.000) cp_dwSharkTaleAlbums1 (Version: 45.4.157.000) cp_dwSharkTaleCards1 (Version: 45.4.157.000) cp_dwShrek2Albums1 (Version: 45.4.157.000) cp_dwShrek2Cards1 (Version: 45.4.157.000) CP_PLSBusinessFlyers (Version: 45.4.157.000) CreativeProjects (Version: 45.4.157.000) CreativeProjectsTemplates (Version: 45.4.157.000) Crystal Maze from Hewlett-Packard Desktops (remove only) CueTour (Version: 45.4.157.000) Destinations (Version: 45.4.157.000) Director (Version: 45.4.157.000) Disk SpeedUp 1.4.0.888 (Version: 1.4.0.888) DocProc (Version: 4.5.0.0) DocumentViewer (Version: 45.4.157.000) Easy Internet Sign-up (Version: FE UI-3.2.0.1491) Enhanced Multimedia Keyboard Solution ERUNT 1.1j ESET Online Scanner v3 Family Tree For Dummies Fax (Version: 47.0.1.000) Final Drive Nitro from Hewlett-Packard Desktops (remove only) GeekBuddy (Version: 4.18.121) Google Toolbar for Internet Explorer GoToMeeting 4.5.0.457 Help and Support Additions (Version: 3.0.5) High Definition Audio Driver Package - KB835221 (Version: 20040219.000000) HP Boot Optimizer (Version: 1.0.2) HP Deskjet Printer Preload (Version: 10.1.0) HP Image Zone 4.8.6 (Version: 4.8.6) HP Image Zone Plus 4.8.6 (Version: 4.8.6) HP Organize HP Photosmart Cameras 4.5 (Version: 4.5) HP Product Assistant (Version: 2.0.0.0) HP Product Detection (Version: 10.7.8.0) HP PSC & OfficeJet 4.7 HP Update (Version: 4.000.012.001) HPIZplus450 (Version: 48.2.6.0) HpSdpAppCoreApp (Version: 3.00.0000) HPSystemDiagnostics (Version: 1.6.0.0) IBM iSeries Access for Windows IBM iSeries Access for Windows SI29771 InstantShare (Version: 45.4.157.000) Intel® Graphics Media Accelerator Driver IntelliMover Data Transfer Demo InterVideo WinDVD Player (Version: 5.0-B11.767) iTunes (Version: 4.7.0.42) Lexibox Deluxe from Hewlett-Packard Desktops (remove only) LS_HSI (Version: 1.4.27.1) Malwarebytes Anti-Malware version 2.0.3.1025 (Version: 2.0.3.1025) Memeo Instant Backup (Version: 4.60.0.7923) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft Access 2000 SR-1 Runtime (Version: 9.00.3821) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Automated Troubleshooting Services Shim Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Download Manager (Version: 1.2.1) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0) Microsoft Plus! Dancer LE (Version: 1.1.0.3522) Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3500) Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Works (Version: 08.04.0623) Mozilla Firefox 32.0.3 (x86 en-US) (Version: 32.0.3) Mozilla Maintenance Service (Version: 29.0.1) mp (Version: 05.04.0000) mpmri (Version: 05.04.0000) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) muvee autoProducer 4.0 (Version: 4.00.050) OpenOffice.org 3.3 (Version: 3.3.9567) Overball from Hewlett-Packard Desktops (remove only) PanoStandAlone (Version: 45.4.157.000) PC-Doctor for Windows (Version: 1.06.005) Phoenix Assault from Hewlett-Packard Desktops (remove only) PhotoGallery (Version: 45.4.157.000) Polar Bowler from Hewlett-Packard Desktops (remove only) Polar Golfer from Hewlett-Packard Desktops (remove only) PrintScreen (Version: 43.1.5.000) PS2 PSPrinters06 (Version: 1.00.0000) Python 2.2 pywin32 extensions (build 203) Python 2.2.3 (Version: 2.2.3) QFolder (Version: 1.00.0000) QuickProjects (Version: 43.1.5.000) QuickTime Readme (Version: 47.0.1.000) RealDownloader (Version: 1.3.3) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0) RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0) RealPlayer (Version: 16.0.3) RealUpgrade 1.1 (Version: 1.1.0) Remove Microsoft Money 2005 installer Remove Quicken New User Edition installer Remove WeatherBug installer Scan (Version: 4.5.0.0) ScannerCopy (Version: 4.5.0.0) Seagate Dashboard (Version: 1.1.0.1421) Shooting Stars Pool from Hewlett-Packard Desktops (remove only) SkinsHP1 (Version: 45.4.157.000) Slyder from Hewlett-Packard Desktops (remove only) Smart Defrag 2 (Version: 2.0.1) Sonic Express Labeler (Version: 2.0.0) Sonic MyDVD Plus (Version: 6.1.0) Sonic RecordNow Audio (Version: 2.0.0) Sonic RecordNow Copy (Version: 2.0.0) Sonic RecordNow Data (Version: 2.0.0) Super Granny from Hewlett-Packard Desktops (remove only) Tradewinds from Hewlett-Packard Desktops (remove only) TrayApp (Version: 45.4.157.000) Tweaking.com - Windows Repair (All in One) (Version: 1.9.14) Unload (Version: 4.5.0) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Windows Internet Explorer 8 (KB976662) (Version: 1) Update for Windows XP (KB2141007) (Version: 1) Update for Windows XP (KB2345886) (Version: 1) Update for Windows XP (KB2467659) (Version: 1) Update for Windows XP (KB2541763) (Version: 1) Update for Windows XP (KB2607712) (Version: 1) Update for Windows XP (KB2616676) (Version: 1) Update for Windows XP (KB2641690) (Version: 1) Update for Windows XP (KB2661254-v2) (Version: 2) Update for Windows XP (KB2718704) (Version: 1) Update for Windows XP (KB2736233) (Version: 1) Update for Windows XP (KB2749655) (Version: 1) Update for Windows XP (KB2863058) (Version: 1) Update for Windows XP (KB2904266) (Version: 1) Update for Windows XP (KB2934207) (Version: 1) Update for Windows XP (KB951072-v2) (Version: 2) Update for Windows XP (KB951978) (Version: 1) Update for Windows XP (KB955759) (Version: 1) Update for Windows XP (KB955839) (Version: 1) Update for Windows XP (KB967715) (Version: 1) Update for Windows XP (KB968389) (Version: 1) Update for Windows XP (KB971029) (Version: 1) Update for Windows XP (KB971737) (Version: 1) Update for Windows XP (KB973687) (Version: 1) Update for Windows XP (KB973815) (Version: 1) Updates from HP Video Mover VS10RuntimeWin32 (Version: 1.0.0) WebFldrs XP (Version: 9.50.7523) WebReg (Version: 45.4.157.000) WildTangent Web Driver Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 (Version: 20070813.185237) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Format 11 runtime Windows Media Player 11 Windows PowerShell 1.0 (Version: 2) Windows XP Service Pack 3 (Version: 20080414.031525) ========================= Devices: ================================ Name: 1394 Net Adapter Description: 1394 Net Adapter Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Microsoft Service: NIC1394 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ========================= Memory info: =================================== Percentage of memory in use: 34% Total physical RAM: 3063.29 MB Available physical RAM: 2010.61 MB Total Pagefile: 3658.9 MB Available Pagefile: 2591.54 MB Total Virtual: 2047.88 MB Available Virtual: 1968.96 MB ========================= Partitions: ===================================== 1 Drive c: (HP_PAVILION) (Fixed) (Total:142.07 GB) (Free:100.43 GB) NTFS 2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.96 GB) (Free:1.27 GB) FAT32 4 Drive f: (USB20FD) (Removable) (Total:7.55 GB) (Free:6.64 GB) FAT32 ========================= Users: ======================================== User accounts for \\MSAIMH002 Administrator Administrator Pam Biomed Guest HelpAssistant HP_Owner SUPPORT_388945a0 SUPPORT_fddfa904 ========================= Minidump Files ================================== No minidump file found ========================= Restore Points ================================== 26-09-2014 16:27:23 Configured Seagate Manager Installer 27-09-2014 16:08:05 System Checkpoint 28-09-2014 18:40:20 System Checkpoint 29-09-2014 19:43:06 System Checkpoint 30-09-2014 22:43:42 System Checkpoint 01-10-2014 23:19:13 Software Distribution Service 3.0 03-10-2014 00:12:29 System Checkpoint 04-10-2014 00:28:46 System Checkpoint 05-10-2014 03:29:15 System Checkpoint 06-10-2014 10:23:10 System Checkpoint 06-10-2014 13:17:35 Logitech Webcam Software v12.10.1110 08-10-2014 10:39:06 System Checkpoint 08-10-2014 17:00:20 Software Distribution Service 3.0 10-10-2014 10:47:36 System Checkpoint 10-10-2014 18:38:43 Installed Microsoft Visual C++ 2005 Redistributable 12-10-2014 10:48:37 System Checkpoint 13-10-2014 11:01:13 System Checkpoint 14-10-2014 11:29:41 System Checkpoint 15-10-2014 12:58:41 System Checkpoint 15-10-2014 17:00:20 Software Distribution Service 3.0 16-10-2014 18:28:20 System Checkpoint 18-10-2014 01:05:20 System Checkpoint 19-10-2014 08:53:40 System Checkpoint 20-10-2014 10:36:44 System Checkpoint 21-10-2014 11:24:15 System Checkpoint 22-10-2014 12:09:58 System Checkpoint 22-10-2014 17:00:22 Software Distribution Service 3.0 23-10-2014 17:09:49 System Checkpoint 24-10-2014 18:09:47 System Checkpoint 25-10-2014 19:09:48 System Checkpoint 26-10-2014 20:09:49 System Checkpoint 27-10-2014 21:09:48 System Checkpoint 28-10-2014 21:16:15 System Checkpoint 29-10-2014 17:01:17 Software Distribution Service 3.0 31-10-2014 23:16:25 System Checkpoint 01-11-2014 23:27:37 System Checkpoint 02-11-2014 23:35:50 System Checkpoint 04-11-2014 00:27:26 System Checkpoint **** End of log ****

Ron what does this mean: How do I inturpret "closed" from "open?" Does "closed" mean that I wouldn't be " on line surfing the web" using firefox?

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-10-2014 01 Ran by Biomed at 2014-10-29 11:12:53 Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Disabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B} FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - ) AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon) BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi) Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - ) Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.) Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - ) Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - ) Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - ) Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - ) Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - ) BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) COMODO Internet Security (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.) Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - ) CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd) DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - ) ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive) Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - ) GeekBuddy (HKLM\...\{B7A6A044-B9C1-4420-B3F8-5200B523FC84}) (Version: 4.16.114 - Comodo Security Solutions Inc) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - ) GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - ) Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard) High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard) HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company) HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP) HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP) HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - ) HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP) HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company) HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP) HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard) HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - ) IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - ) InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - ) IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - ) InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.) iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.) iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - ) LS_HSI (Version: 1.4.27.1 - Integrator) Hidden Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation) Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation) Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) mp (Version: 05.04.0000 - IBM) Hidden mpmri (Version: 05.04.0000 - IBM) Hidden MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies) OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - ) PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.) PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - ) PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - ) Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - ) PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden PS2 (HKLM\...\PS2) (Version: - ) PSPrinters06 (Version: 1.00.0000 - HP) Hidden Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - ) Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation) QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden QuickTime (HKLM\...\QuickTime) (Version: - ) Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - ) Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - ) Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - ) Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.) Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - ) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - ) Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit) Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions) Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions) Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions) Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - ) Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - ) TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com) Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - ) Video Mover (HKLM\...\Video Mover_is1) (Version: - ) VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - ) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-605865402-4069305935-1106247723-1011_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\457\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 26-09-2014 16:27:23 Configured Seagate Manager Installer 27-09-2014 16:08:05 System Checkpoint 28-09-2014 18:40:20 System Checkpoint 29-09-2014 19:43:06 System Checkpoint 30-09-2014 22:43:42 System Checkpoint 01-10-2014 23:19:13 Software Distribution Service 3.0 03-10-2014 00:12:29 System Checkpoint 04-10-2014 00:28:46 System Checkpoint 05-10-2014 03:29:15 System Checkpoint 06-10-2014 10:23:10 System Checkpoint 06-10-2014 13:17:35 Logitech Webcam Software v12.10.1110 08-10-2014 10:39:06 System Checkpoint 08-10-2014 17:00:20 Software Distribution Service 3.0 10-10-2014 10:47:36 System Checkpoint 10-10-2014 18:38:43 Installed Microsoft Visual C++ 2005 Redistributable 12-10-2014 10:48:37 System Checkpoint 13-10-2014 11:01:13 System Checkpoint 14-10-2014 11:29:41 System Checkpoint 15-10-2014 12:58:41 System Checkpoint 15-10-2014 17:00:20 Software Distribution Service 3.0 16-10-2014 18:28:20 System Checkpoint 18-10-2014 01:05:20 System Checkpoint 19-10-2014 08:53:40 System Checkpoint 20-10-2014 10:36:44 System Checkpoint 21-10-2014 11:24:15 System Checkpoint 22-10-2014 12:09:58 System Checkpoint 22-10-2014 17:00:22 Software Distribution Service 3.0 23-10-2014 17:09:49 System Checkpoint 24-10-2014 18:09:47 System Checkpoint 25-10-2014 19:09:48 System Checkpoint 26-10-2014 20:09:49 System Checkpoint 27-10-2014 21:09:48 System Checkpoint 28-10-2014 21:16:15 System Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 07:00 - 2014-05-11 17:59 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Scan {141AECDD-A802-44D4-AD26-9AC193B9807D}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Scan {4439D323-FD55-4375-BAD7-6EE4D256E847}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-06 21:35 - 2010-07-28 18:34 - 00022424 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll 2011-03-06 21:35 - 2010-02-17 19:25 - 00152064 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe 2011-03-06 21:35 - 2010-02-09 16:55 - 00049152 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe 2014-05-21 06:22 - 2014-05-21 06:22 - 02135232 _____ () C:\Program Files\Comodo\Dragon\dragon_updater.exe 2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2011-06-01 12:42 - 2011-06-01 12:42 - 00108296 _____ () C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll 2011-06-01 12:46 - 2011-06-01 12:46 - 00030984 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll 2011-05-04 17:10 - 2011-05-04 17:10 - 00325344 _____ () C:\Program Files\Memeo\AutoBackup\InstantBackup.exe 2011-05-04 17:10 - 2011-05-04 17:10 - 02896608 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll 2011-05-04 17:10 - 2011-05-04 17:10 - 00027360 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll 2010-03-22 18:59 - 2010-03-22 18:59 - 00504293 _____ () C:\Program Files\Memeo\AutoBackup\sqlite3.dll 2011-06-01 12:16 - 2011-06-01 12:16 - 00241664 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll 2011-06-01 12:16 - 2011-06-01 12:16 - 00971776 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll 2011-03-06 21:35 - 2010-06-23 19:11 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll 2011-03-06 21:35 - 2010-06-23 19:11 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll 2011-03-06 21:35 - 2010-06-23 19:12 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll 2011-03-06 21:35 - 2010-06-23 19:11 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll 2011-03-06 21:35 - 2010-06-23 18:38 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll 2011-03-06 21:35 - 2010-02-17 19:25 - 00132096 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll 2011-03-06 21:35 - 2010-07-28 18:02 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup ========================= Accounts: ========================== Administrator (S-1-5-21-605865402-4069305935-1106247723-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator Administrator Pam (S-1-5-21-605865402-4069305935-1106247723-1013 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator Pam Biomed (S-1-5-21-605865402-4069305935-1106247723-1011 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Biomed Guest (S-1-5-21-605865402-4069305935-1106247723-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest HelpAssistant (S-1-5-21-605865402-4069305935-1106247723-1008 - Limited - Disabled) HP_Owner (S-1-5-21-605865402-4069305935-1106247723-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\HP_Owner SUPPORT_388945a0 (S-1-5-21-605865402-4069305935-1106247723-1002 - Limited - Disabled) SUPPORT_fddfa904 (S-1-5-21-605865402-4069305935-1106247723-1007 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: 1394 Net Adapter Description: 1394 Net Adapter Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Microsoft Service: NIC1394 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/27/2014 11:41:21 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:20 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:10 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:41:04 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established Error: (10/27/2014 11:30:11 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist. Error: (10/27/2014 11:30:09 AM) (Source: crypt32) (EventID: 8) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established System errors: ============= Error: (10/29/2014 10:57:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (10/27/2014 10:48:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Error: (10/27/2014 10:48:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect. Error: (10/22/2014 01:02:43 PM) (Source: Windows Update Agent) (EventID: 20) (User: ) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941). Error: (10/21/2014 03:30:19 AM) (Source: Dhcp) (EventID: 1002) (User: ) Description: The IP address lease 192.168.2.2 for the Network Card with network address 0013D4247088 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). Error: (10/18/2014 08:08:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Timeout (120000 milliseconds) waiting for a transaction response from the MBAMService service. Error: (10/18/2014 08:06:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Error: (10/18/2014 08:06:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect. Error: (10/18/2014 07:51:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {25637086-A0B4-4181-8307-191B62A805E2} did not register with DCOM within the required timeout. Error: (10/17/2014 07:40:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Microsoft Office Sessions: ========================= Error: (10/27/2014 11:41:21 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:20 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:10 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:41:04 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established Error: (10/27/2014 11:30:11 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (10/27/2014 11:30:09 AM) (Source: crypt32) (EventID: 8) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established ==================== Memory info =========================== Processor: Intel® Pentium® 4 CPU 2.93GHz Percentage of memory in use: 31% Total physical RAM: 3063.29 MB Available physical RAM: 2105.38 MB Total Pagefile: 3658.9 MB Available Pagefile: 2546.11 MB Total Virtual: 2047.88 MB Available Virtual: 1922.86 MB ================ ==================== End Of Log ============================

Users shortcut scan result (x86) Version: 29-10-2014 01 Ran by Biomed at 2014-10-29 11:14:10 Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\WKCALREM.LNK -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures () Shortcut: C:\Documents and Settings\Administrator\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music () Shortcut: C:\Documents and Settings\Administrator\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator\Desktop\Microsoft Works.LNK -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation) Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures () Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music () Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Administrator Pam\Desktop\Shortcut to mspaint.exe.lnk -> C:\WINDOWS\system32\mspaint.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Getting Started.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\gettingstarted.rtf () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Quick Reference.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\quadfold.rtf () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Release Notes.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\releasenotes.rtf () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\User Guide.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\userguide.rtf () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Windows PowerShell.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Registry Backup.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\registry_backup_tool\TweakingRegistryBackup.exe (Tweaking.com) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard\Seagate Dashboard.lnk -> C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealDownloader.lnk -> C:\WINDOWS\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Base.lnk -> C:\Program Files\OpenOffice.org 3\program\sbase.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Calc.lnk -> C:\Program Files\OpenOffice.org 3\program\scalc.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Draw.lnk -> C:\Program Files\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Impress.lnk -> C:\Program Files\OpenOffice.org 3\program\simpress.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Math.lnk -> C:\Program Files\OpenOffice.org 3\program\smath.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Writer.lnk -> C:\Program Files\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Download Manager\Microsoft Download Manager.lnk -> C:\WINDOWS\Installer\{654977DB-0001-0002-0001-EABD228DDE8B}\DMClient.ico () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Memeo\Memeo Instant Backup.lnk -> C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\unins000.exe () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\Documentation.lnk -> C:\Program Files\ERUNT\README.TXT () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\ERUNT Homepage.lnk -> C:\Program Files\ERUNT\ERUNT.URL () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\ERUNT.lnk -> C:\Program Files\ERUNT\ERUNT.EXE () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\NTREGOPT.lnk -> C:\Program Files\ERUNT\NTREGOPT.EXE () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\Uninstall ERUNT.lnk -> C:\Program Files\ERUNT\unins000.exe () Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\dragon.exe (Comodo) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\uninstall.exe (COMODO) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk -> C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\Documents and Settings\All Users\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\Documents and Settings\All Users\Desktop\Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\dragon.exe (Comodo) Shortcut: C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk -> C:\WINDOWS\Installer\{654977DB-0001-0002-0001-EABD228DDE8B}\DMClient.ico () Shortcut: C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) Shortcut: C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk -> C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe () Shortcut: C:\Documents and Settings\All Users\Desktop\Shared Space.lnk -> C:\Documents and Settings\All Users\Application Data\Shared Space () Shortcut: C:\Documents and Settings\All Users\Desktop\Virtual Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\virtual_mode_helper.exe () Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Disk SpeedUp.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Uninstall.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\uninst.exe () Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Website.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Disk SpeedUp.url () Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Anuman Interactive\Genealogie\Wizard.lnk -> C:\Anuman Interactive\Family Tree For Dummies\Wizard.vig () Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Amazon\Amazon Kindle\Kindle.lnk -> C:\Program Files\Amazon\Kindle\Kindle.exe (Amazon.com) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Amazon\Amazon Kindle\Uninstall Kindle.lnk -> C:\Program Files\Amazon\Kindle\uninstall.exe (Amazon.com) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\NetHood\SharedDocs on Pam (Msaimh002)\target.lnk -> \\MSAIMH002\SharedDocs () Shortcut: C:\Documents and Settings\Biomed\NetHood\MBAM info on Msaimh002\target.lnk -> \\MSAIMH002\MBAM info () Shortcut: C:\Documents and Settings\Biomed\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Biomed\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures () Shortcut: C:\Documents and Settings\Biomed\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Biomed\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music () Shortcut: C:\Documents and Settings\Biomed\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Biomed\My Documents\Downloads\Shortcut to mbam-setup-1.51.0.1200.exe.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads\mbam-setup-1.51.0.1200.exe (No File) Shortcut: C:\Documents and Settings\Biomed\desktop\Calculator.lnk -> C:\WINDOWS\system32\calc.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Biomed\desktop\Disk SpeedUp.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd) Shortcut: C:\Documents and Settings\Biomed\desktop\ERUNT.lnk -> C:\Program Files\ERUNT\ERUNT.EXE () Shortcut: C:\Documents and Settings\Biomed\desktop\Family Tree For Dummies.lnk -> C:\Program Files\Anuman Interactive\Family Tree For Dummies\genealogy.exe () Shortcut: C:\Documents and Settings\Biomed\desktop\Kindle.lnk -> C:\Program Files\Amazon\Kindle\Kindle.exe (Amazon.com) Shortcut: C:\Documents and Settings\Biomed\desktop\Microsoft Works.LNK -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation) Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut (2) to Downloads.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads () Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to Belkin Help.pdf.lnk -> C:\Program Files\Belkin\Router Setup and Monitor\help\Belkin Help.pdf () Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to ComodoLogsFolder.lnk -> C:\Documents and Settings\Biomed\Local Settings\temp\ComodoLogsFolder (No File) Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to Downloads.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads () Shortcut: C:\Documents and Settings\Biomed\desktop\Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com) Shortcut: C:\Documents and Settings\Biomed\desktop\Pam\Shortcut to Skybird.jpg.lnk -> C:\Documents and Settings\Biomed\desktop\Pam\Screen Savers\Skybird.jpg () Shortcut: C:\Documents and Settings\Biomed\desktop\for malwarebytes\Shortcut (3) to ErrorLogs.lnk -> C:\Documents and Settings\Default User\Application Data\Real\RealPlayer\ErrorLogs () Shortcut: C:\Documents and Settings\Biomed\desktop\for malwarebytes\Shortcut to CCE_20140509_103036.txt.lnk -> C:\Documents and Settings\Biomed\Application Data\Comodo\CCE\Logs\CCE_20140509_103036.txt (No File) Shortcut: C:\Documents and Settings\Biomed\desktop\David's\Shortcut to Mrs. Wilson photo.JPG.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads\Mrs. Wilson photo.JPG () Shortcut: C:\Documents and Settings\Biomed\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Default User\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures () Shortcut: C:\Documents and Settings\Default User\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Default User\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music () Shortcut: C:\Documents and Settings\Default User\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Guest\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures () Shortcut: C:\Documents and Settings\Guest\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Guest\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music () Shortcut: C:\Documents and Settings\Guest\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples () Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.) Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.) Shortcut: C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation) ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start ShortcutWithArgument: C:\Documents and Settings\Administrator\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Uninstall Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files\Tweaking.com\Windows Repair (All in One)\Uninstall\uninstall.xml" ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files\real\realplayer\realconverter.exe (RealNetworks, Inc.) -> /launch:start_menu ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files\real\realplayer\realtrimmer.exe (RealNetworks, Inc.) -> /launch:start_menu ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer.lnk -> C:\Program Files\real\realplayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\GeekBuddy\GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) -> "unit_manager.exe" "lps-ca" ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\COMODO Internet Security\Add and Remove components.lnk -> C:\WINDOWS\system32\msiexec.exe (Microsoft Corporation) -> /I{F1EC4151-805B-4097-B9BB-7D71A417AAF1} ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\COMODO Internet Security\COMODO Internet Security.lnk -> C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk -> C:\WINDOWS\system32\wiaacmgr.exe (Microsoft Corporation) -> -SelectDevice ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk -> C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) -> "unit_manager.exe" "lps-ca" ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk -> C:\Program Files\real\realplayer\realplay.exe (RealNetworks, Inc.) -> /launch:desktop ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE () -> %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate NA0L6FDC Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate NA0L6FDC Product Registration.exe (Leader Technologies/Seagate) -> /remind /language=ENU /SRNM="NA0L6FDC" /BRND="Seagate" /BDSR="Seagate NA0L6FDC" /loadsrnm="NA0L6FDC" ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate) -> /remind /language=ENU /BRND="Seagate" /BDSR="Seagate" ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start ShortcutWithArgument: C:\Documents and Settings\Biomed\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start ShortcutWithArgument: C:\Documents and Settings\Default User\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd c:\hp\recovery\links\apprec.lnk ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start ShortcutWithArgument: C:\Documents and Settings\Guest\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage InternetURL: C:\Documents and Settings\Administrator\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart InternetURL: C:\Documents and Settings\Administrator\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3= InternetURL: C:\Documents and Settings\Administrator\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail InternetURL: C:\Documents and Settings\Administrator\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3= InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661 InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424 InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920 InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner InternetURL: C:\Documents and Settings\Biomed\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.ccleaner.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Exchange - Outlook Web Access.url -> https://webmail.iredellmemorial.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.iredellmemorial.org%2fowa%2f InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Store Online - Windows 7.url -> hxxp://www.microsoftstore.com/store/msstore/en_US/list/categoryID.50726100 InternetURL: C:\Documents and Settings\Biomed\Favorites\RCA TV cable Hook up diagram.url -> hxxp://dl.owneriq.net/5/562ac210-72f8-dc94-850e-bb440ca53415.pdf InternetURL: C:\Documents and Settings\Biomed\Favorites\super antispyware forum, help\Help!! I have a broken file association in registry and alot more!! - SUPERAntiSpyware.com.url -> hxxp://forums.superantispyware.com/index.php?/topic/4758-help-i-have-a-broken-file-association-in-registry-and-alot-more/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Benefits.url -> hxxp://www.rr.com/home/benefits InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Help.url -> hxxp://help.rr.com InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Home Page.url -> hxxp://www.rr.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Password Help.url -> hxxp://help.rr.com/password/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\ADP ezLabor.url -> hxxp://workforceportal.elabor.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Amazon Books.url -> hxxp://www.amazon.com/books-used-books-textbooks/b/ref=sa_menu_bo0?ie=UTF8&node=283155 InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Barn Quilting.url -> hxxp://barnquilting.ning.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Fidelity Investments.url -> https://www.fidelity.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\HSA-OptumHealth Bank.url -> https://secure.optumhealthbank.com/PBI_PBI1961/Pbi1961.asp?Rt=124384877&LogonBy=connect3&PrmAccess=Account&AFC=00001 InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Huntington Bank.url -> https://www.huntington.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Iredell Memorial Hospital.url -> hxxp://www.iredellmemorial.org/staffonly.aspx InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\LunchPrepay.url -> https://www.lunchprepay.com/Redirection.aspx InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Nutrition facts and calories .url -> hxxp://nutritiondata.self.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Paystubs.url -> https://portal.adp.com/public/index.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Piedmont Bank.url -> hxxp://www.yadkinvalleybank.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\The World's Healthiest Foods.url -> hxxp://whfoods.org/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\TV Episodes Online.url -> hxxp://video.tvguide.com/episodes.aspx InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\United Credit Union.url -> https://www.unitedfcu.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Wachovia Bank.url -> hxxp://www.wachovia.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\amazon book reviews.url -> hxxp://www.amazon.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\LunchPrepay.url -> https://www.lunchprepay.com/Redirection.aspx InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\PaperBackSwap Member Login.url -> https://secure.paperbackswap.com/members/login.php InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\Wachovia.url -> https://onlineservices.wachovia.com/auth/AuthService?action=presentLogin&url=https%3a//onlineservices.wachovia.com/NASApp/NavApp/Titanium%3faction%3dreturnHome InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661 InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424 InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920 InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919 InternetURL: C:\Documents and Settings\Biomed\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\ECAC Library.url -> hxxp://www.ecac-parentcenter.org/resources/libraries.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\Iredell Library.url -> hxxp://hip.iredell.lib.nc.us/ipac20/ipac.jsp?&profile=web&menu=account InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\Mooresville Library.url -> hxxp://68.71.163.2:81/ipac20/ipac.jsp?profile=mpl--1&menu=account InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Best-1 Hummingbird Feeder 32 Ounce.url -> hxxp://www.northwestnatureshop.com/Birds_and_Backyards/Bird_and_Wildlife_Feeders/Hummingbird_and_Oriole_Feeders/220.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Bottles - Glass and Plasticware - Equipment & Supplies - Carolina Biological Supply Company.url -> hxxp://www.carolina.com/category/equipment+and+supplies/glass+and+plasticware/bottles.do?s_cid=ppc_gl_bottles&gclid=CMCh3_f1iqQCFYdh2godtnOxqQ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Browsing SPECIAL APPLICATION plastic bottles.url -> hxxp://shop.tps-online.com/browse.cfm/2,262.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Browsing Store - SQUEEZE JET W-CAP 60ML.url -> hxxp://shop.tps-online.com/browse.cfm/4,1869.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Citizen science People power Nature News.url -> hxxp://www.nature.com/news/2010/100804/full/466685a.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Dispenser Bottles & Leak-Proof Oilers.url -> hxxp://www.tecratools.com/pages/assorted/bottles.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Circular Saw Cutting Guide Plan - Free Panel Saw Plans.url -> hxxp://wayneofthewoods.com/circular-saw-cutting-guide.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Gun Rack Plans - How to Build a Gun Rack.url -> hxxp://wayneofthewoods.com/gunrack.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Step Stool Plans - How to Build A Step Stool.url -> hxxp://wayneofthewoods.com/stool.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Table Saw Extension Plans - Free Panel Saw Plans.url -> hxxp://wayneofthewoods.com/table-saw-extension.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Wood Building Plans - Free Woodworking Plans.url -> hxxp://wayneofthewoods.com/freeplans.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\G.E. Christmas Bulbs and light sets.url -> hxxp://fp.enter.net/~jpill612/page2/jsp_pg2.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\How to Build a Custom Doghouse, from Ron Hazelton.url -> hxxp://www.ronhazelton.com/archives/howto/doghouse_construction.shtm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\http--www.diamondbackironworks.com-GOOGLE9e64d9483d5b3dca.html.url -> hxxp://www.diamondbackironworks.com/GOOGLE9e64d9483d5b3dca.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Jensen Global Inc - Dispensing Systems -- Bottles.url -> hxxp://jensenglobal.com/cgi-bin/jgd1/bottles.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Journey North Hummingbird Migration.url -> hxxp://www.learner.org/jnorth/tm/humm/AboutSpring.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Lake Norman Covekeepers — Catawba Riverkeeper Foundation.url -> hxxp://www.catawbariverkeeper.org/our-work/covekeepers/lake-norman-covekeepers InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Micro-Tools.url -> hxxp://www.micro-tools.com/store/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\NC Whisper Momma Atmospheric Forge-Centaur Forge.url -> hxxp://www.centaurforge.com/NC-Whisper-Momma-Atmospheric-Forge/productinfo/NCMOMMA/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Needle Tip Dispensing Plastic Bottles – HDPE - Freund Container & Supply.url -> hxxp://www.freundcontainer.com/product.asp_Q_pn_E_3112B03_A_cn_E_401 InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Patrick McKenna, Comedian, on His ADHD ADDitude - Attention Deficit Information and Resources.url -> hxxp://www.additudemag.com/adhd/article/7657.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Plastic Bottles.url -> hxxp://www.containerandpackaging.com/subtype.asp?itemtype=Plastic_Bottles&gad=plastic_bottle&gclid=CKLz56n1iqQCFctW2godYRwzIw InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Plastic Dispensing Caps.url -> hxxp://www.sks-bottle.com/340c/C2.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Specialty Bottle - Glass & Plastic Bottles Jars Vials Tins Other Containers.url -> hxxp://www.specialtybottle.com/?gclid=CJer1rf3iqQCFbBe7AodmWxwGw InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Squeeze bottle dispenser - Shop sales, stores & prices at TheFind.com.url -> hxxp://www.thefind.com/kitchen/info-squeeze-bottle-dispenser InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Squeeze bottle dispenser at TheFind - Search, discover and compare prices.url -> hxxp://www.thefind.com/search?query=squeeze+bottle+dispenser&filter%5Bquery%5D=squeeze+bottle+dispenser&filter%5Bcategoryorder%5D=EwMDCwUMDwkQDQYOFgoRGAIZAQgHCAAOAAwA&filter%5Bqpcookie%5D=%24%24K87ILy9ITE8tqSxItTXUAQA%3D&filter[category]=craft_supplies InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Steals and Deals Thermal shirt, beauty kit, jewelry - Holiday Guide - TODAYshow.com.url -> hxxp://today.msnbc.msn.com/id/40421556/ns/today-holiday_guide/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\The Network for Citizen Science Projects & Resources Science for Citizens.url -> hxxp://scienceforcitizens.net/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Tooltron Industries - Squeeze Bottle with needle tips.url -> hxxp://www.tooltron.com/products_jewelry_beading/2_oz_squeeze_bottle.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\World War II Historical Preservation Federation Rules of Authenticity.url -> hxxp://www.wwiifederation.org/command.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\World War II Veterans of the Battle of the Bulge Association The Ardennes Offensive.url -> hxxp://www.battleofthebulge.org/index.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Wood working library,free books\Masters' Library - Woodworking Tools - Design, Production and Use - Historical Books - wkFineTools.com.url -> hxxp://www.wkfinetools.com/mLibrary/mLibrary_index.asp InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Wineries to visit\Welcome to the website for Starrlight Mead! Starrlight Mead.url -> hxxp://starrlightmead.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Watch forum\Can anyone give me some information on this Bucherer Pocket Watch.url -> hxxp://forums.watchuseek.com/f11/can-anyone-give-me-some-information-bucherer-pocket-watch-508505.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Stainless steel needle oiler bottles\Needle applicator - Shop sales, stores & prices at TheFind.com.url -> hxxp://www.thefind.com/office/info-needle-applicator InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\Breast milk ice cream + Poppy Seed Baby Fig & Cherry.url -> hxxp://www.figandcherry.com/food-news/breast-milk-ice-cream-poppy-seed-baby/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\Gluten-free recipes, from The Dr. Oz Show.url -> hxxp://www.doctoroz.com/videos?page=2&tid=All&tid_1=147 InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\The Saturday Evening Pot Star Recipes.url -> hxxp://www.thesaturdayeveningpot.com/p/star-recipes.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Antique Pocket Watch...your source for everything pocket watch!.url -> hxxp://www.antique-pocket-watch.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Barry S. Goldberg's Pocket Watch Collection - Helpful Information.url -> hxxp://barrygoldberg.net/watchinfo2.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Hamilton Watch Co. - National Association of Watch and Clock Collectors Message Board.url -> hxxp://mb.nawcc.org/showwiki.php?title=Hamilton+Watch+Co InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Hampden Watch Co. - National Association of Watch and Clock Collectors Message Board.url -> hxxp://mb.nawcc.org/showwiki.php?title=Hampden+Watch+Co InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Welcome to the NAWCC School of Horology Watchmakers and Clockmakers General.url -> hxxp://www.horology.edu/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\[ELGIN] Documents and Pictures.url -> hxxp://elginwatches.org/scans/sales_catalogs/1917_Oskamp-Nolting/m_pg_DH02.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch chain and Fobs\Cowboy Emporium Watch Chains and Fobs.url -> hxxp://www.cemp.com/chains.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\N.C. Railroad Station Photos\http--www.pwrr.org-nstation-index.html.url -> hxxp://www.pwrr.org/nstation/index.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Model railroading info\CSD Home.url -> hxxp://www.carolinasouthern.org/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Model railroading info\Visit and volunteer at Train Town in Hickory, NC.url -> hxxp://www.carolinasouthern.org/TrainTown.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Humming bird info\Building Your Own Hummingbird Feeder.url -> hxxp://howtoenjoyhummingbirds.com/building_your_own_hummingbird_feeder.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Humming bird info\Erva 14 Inch Weather Guard With Ant Moat.url -> hxxp://www.northwestnatureshop.com/Birds_and_Backyards/Birds_and_Backyards_by_Brand/Erva_Tool_and_Manufacturing/203.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\heating and cooling help\http--www.toolbase.org-pdf-designguides-doe_airdistributionsysteminstallation.pdf.url -> hxxp://www.toolbase.org/pdf/designguides/doe_airdistributionsysteminstallation.pdf InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free card games, play online\Julianne Giffin's 500 Club. 500 Card Game. Five Hundred Card Game. Play the card game Five Hundred (500) online.url -> hxxp://www.juliannegiffin.com/500/500_intro.jsp InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free card games, play online\The Deck of Cards.url -> hxxp://www.thedeckofcards.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Farming Info and tips\Agriculture equipment, farm magazines, farm equipment, farm inventions, farm machinery, agriculture machinery.url -> hxxp://www.farmshow.com/default.asp InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info, the 315 grade watch\Cleaning watch dials.url -> hxxp://www.cwrnh.com/techpages/cleaning_watch_dials.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info, the 315 grade watch\HOW TO CLEAN AND OIL A VINTAGE MECHANICAL WRIST WATCH OR POCKET WATCH REPAIR.url -> hxxp://thewatchguy.homestead.com/pages/repair.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info, the 315 grade watch\Making the Elgin Grade 315.url -> hxxp://www.rdrop.com/~jsexton/watches/museum/elgin28563994.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Foner Books - Publishing Books and eBooks For Do-It-Yourself.url -> hxxp://www.fonerbooks.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\HowStuffWorks Videos Episode 6 - Home Network Primer.url -> hxxp://videos.howstuffworks.com/labrats-tv/829-episode-6-home-network-primer-video.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Speed test sites\Speedtest.net - The Global Broadband Speed Test.url -> hxxp://speedtest.net/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Speed test sites\Time Warner Bandwidth Speed Test.url -> hxxp://speedtest.twcnc.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Bird plans for houses and more, and not only birds\Meisel Hardware Specialties.url -> hxxp://www.meiselwoodhobby.com/Products/ViewCategory.aspx?ID=2912&Path=50 InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\ADHD documentary starts airing on PBS today – November 26, 2010 - Toronto adhd Examiner.com.url -> hxxp://www.examiner.com/adhd-in-toronto/adhd-documentary-starts-airing-on-pbs-today-november-26-2010?render=print InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Career Advice Finding Right Job for ADHD Adults ADDitude - Attention Deficit Information & Resources.url -> hxxp://www.additudemag.com/adhd/article/1497.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Celebrities With ADHD.url -> hxxp://www.healthcentral.com/adhd/understanding-adhd-161681-5_3.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Dr Hallowell.url -> hxxp://www.drhallowell.com/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--totallyadd.com-about-the-team-.url -> hxxp://totallyadd.com/about/the-team/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--totallyadd.com-links-.url -> hxxp://totallyadd.com/links/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--www.zoominfo.com-people-Kurtz_Steven_3934022.aspx.url -> hxxp://www.zoominfo.com/people/Kurtz_Steven_3934022.aspx InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Keyword Search ADDitude Information on Attention Deficit Symptoms, Diagnosis, Treatment, Parenting and More.url -> hxxp://www.additudemag.com/search/keyword/Career%20Paths%20for%20ADHD%20Adults.html InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\TotallyADD.com Forums.url -> hxxp://totallyadd.com/forum/ InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Understanding ADHD Where to find help - Toronto adhd Examiner.com.url -> hxxp://www.examiner.com/adhd-in-toronto/understanding-adhd-where-to-find-help InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Wrightslaw - Subscribe to The Special Ed Advocate Newsletter.url -> hxxp://www.wrightslaw.com/subscribe.htm InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\http--www.vrbo.com-21797, @ holden beach.url -> hxxp://www.vrbo.com/21797 InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\http--www.vrbo.com-vacation-rentals-usa-north-carolina-coastal-southern-coast.url -> hxxp://www.vrbo.com/vacation-rentals/usa/north-carolina/coastal/southern-coast InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\North Carolina Beach House Rentals, NC Beach House Rentals, GreatRentals.url -> hxxp://www.greatrentals.com/nc/nccoastal.html InternetURL: C:\Documents and Settings\Biomed\desktop\Microsoft Fix it.url -> hxxp://go.microsoft.com/fwlink/?LinkId=152693 InternetURL: C:\Documents and Settings\Biomed\desktop\Pam\Pay Stubs.url -> https://portal.adp.com/public/index.htm InternetURL: C:\Documents and Settings\Default User\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart InternetURL: C:\Documents and Settings\Default User\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3= InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409 InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows InternetURL: C:\Documents and Settings\Guest\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart InternetURL: C:\Documents and Settings\Guest\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3= InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661 InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424 InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920 InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409 InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows ==================== End of log =============================

Turned off viris protection, and malwarebytes and opened combofix. Been having a hell of a time with the computer since running Combo fix! since then I have been chasing one fire after another! ( I mean new issues) . Plus The computer has become extremely slow at executing any comand from the mouse or key pad. Ran Ccleaner, and still very slow. Ran defrag, aND STILL NO IMPROVEMENT. Rebooted computer three times, still no improvement. what can of carnege have we opened up now? There is an issue / window titled "selective start up? that appears all the time now, and Ive been eduacting myself on the internet about that, and dealing with that! ..as i write this, it is not corrected yet. Combo fix never finishes. I leave it to run for 2 hrs. and still it never advances from some window with a green progress bar, and the bar is only ever 3/4 of the way filled. ! Tried running combofix 3 times, every time the same as I described above. SO there is no logs fromCombo fix. I did notice that with Comodo ANTI VIRUS TURNED OFF and Malwarebytes still activated, that malawarebytes was still not able to activate the maliciouse website protection part of itself. I think that is important to know. I'll continue to start and run combo fix, attempting to get those logs you want. It is up in the air if I ever will achieve this objective. Attached is perhaps some new logs. .. I think. from what? Sorry, I don't know any more. I can't attahe them for some reason, so they are pasted below. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01 Ran by Biomed (administrator) on MSAIMH002 on 29-10-2014 11:11:13 Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion Loaded Profile: Biomed (Available profiles: HP_Owner & Biomed & Administrator Pam & Administrator & Guest) Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe () C:\Program Files\Comodo\Dragon\dragon_updater.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe (Memeo) C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe () C:\Program Files\Memeo\AutoBackup\InstantBackup.exe (Axentra Corporation) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe (RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe (Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [thirdintel] => c:\hp\bin\cloaker.exe [27136 1999-11-06] (Hewlett-Packard Co.) HKLM\...\Run: [KBD] => C:\HP\KBD\KBD.EXE [61440 2005-02-02] (Hewlett-Packard Company) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2005-05-26] (Apple Computer, Inc.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO) HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.) HKLM\...\Run: [Memeo Instant Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-05-04] (Memeo Inc.) HKLM\...\Run: [seagate Dashboard] => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] () HKLM\...\Winlogon: [uIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-13] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-21-605865402-4069305935-1106247723-1011\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd) Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\WKCALREM.LNK ShortcutTarget: WKCALREM.LNK -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) Startup: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE () Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate NA0L6FDC Product Registration.lnk ShortcutTarget: Seagate NA0L6FDC Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate NA0L6FDC Product Registration.exe (Leader Technologies/Seagate) Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate Product Registration.lnk ShortcutTarget: Seagate Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1295721296&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 SearchScopes: HKLM - DefaultScope value is missing. BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{A7859C65-4D00-4730-B8E4-BD16EE5AEDB2}: [NameServer] 156.154.70.22,156.154.71.22 Tcpip\..\Interfaces\{EA2B3D36-0516-44A7-A67D-382B9AB09456}: [NameServer] 156.154.70.22,156.154.71.22 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Biomed\Application Data\Mozilla\Firefox\Profiles\jx8g7tim.default-1398891734062 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ () FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF Extension: Adblock Plus - C:\Documents and Settings\Biomed\Application Data\Mozilla\Firefox\Profiles\jx8g7tim.default-1398891734062\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-19] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-12] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-13] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.) R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () [File not signed] R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed] R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2014-07-25] (Comodo Security Solutions, Inc.) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO) R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-05-08] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-05-04] (Memeo) S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AFGSp50; C:\WINDOWS\System32\Drivers\AFGSp50.sys [27072 2010-06-23] (Printing Communications Assoc., Inc. (PCAUSA)) R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec) [File not signed] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [36112 2014-06-26] (Windows ® Win 7 DDK provider) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2014-04-16] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO) R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO) R0 fasttx2k; C:\WINDOWS\System32\DRIVERS\fasttx2k.sys [142336 2003-12-02] (Promise Technology, Inc.) S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows ® Server 2003 DDK provider) R1 HMD; C:\WINDOWS\System32\DRIVERS\hmd.sys [14272 2014-06-26] () R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-29] (Malwarebytes Corporation) R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 PcdrNdisuio; C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys [12416 2005-01-19] (Windows ® 2000 DDK provider) [File not signed] R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed] R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [71168 2004-10-15] (Realtek Semiconductor Corporation ) S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation) R2 sxuptp; C:\WINDOWS\System32\DRIVERS\sxuptp.sys [246936 2009-06-22] (silex technology, Inc.) U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [33512 2014-08-15] () S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2008-04-13] (Microsoft Corporation) S3 AFGMp50; System32\Drivers\AFGMp50.sys [X] U5 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation) S3 catchme; \??\C:\DOCUME~1\Biomed\LOCALS~1\Temp\catchme.sys [X] S3 FilterService; system32\DRIVERS\lvuvcflt.sys [X] S3 LVRS; system32\DRIVERS\lvrs.sys [X] S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X] S3 LVUVC; system32\DRIVERS\lvuvc.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U3 TlntSvr; No ImagePath ========================== Drivers MD5 ======================= C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17 C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5 C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557 C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9 C:\WINDOWS\System32\Drivers\AFGSp50.sys 1961590AA191B6B7DCF18A6A693AF7B8 C:\WINDOWS\System32\DRIVERS\AGRSM.sys 593AEFC67283D409F34CC1245D00A509 C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F C:\WINDOWS\system32\Drivers\Aspi32.sys ED8CEE58C1E4C5893F5B2FD686A272BF C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674 C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159 C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68 C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9 C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9 C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32 C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE C:\WINDOWS\System32\DRIVERS\CFRMD.sys 61305C679E5766A03A09C0E966939206 C:\WINDOWS\System32\DRIVERS\cmderd.sys 5C634AABDD28F349C6457BEEE84D4D7B C:\WINDOWS\System32\DRIVERS\cmdguard.sys 16F731584ECBA307EB4AD9C4D8507B27 C:\WINDOWS\System32\DRIVERS\cmdhlp.sys 1FAAF13D85A36D448238F53C42FE7A67 C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25 C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41 C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45 C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8 C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E C:\WINDOWS\System32\DRIVERS\fasttx2k.sys 1E580770BDECE924494B368AC980749E C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81 C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3 C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0 C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0 C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 2FB04DB459C71F416EE8B05448CA4AC3 C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2 C:\WINDOWS\System32\drivers\HdAudio.sys 160B24FD894E79E71C983EA403A6E6E7 C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511 C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1 C:\WINDOWS\System32\DRIVERS\hmd.sys 0E69D8294A78C7AB4A7CEE1F5F9D2546 C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30 C:\WINDOWS\System32\DRIVERS\ialmnt5.sys 737DA0BE27652C4482AC5CDE099BFCE9 C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E C:\WINDOWS\System32\DRIVERS\inspect.sys F84E7F907434450B00E753D44AEC8EAA C:\WINDOWS\System32\drivers\RtkHDAud.sys 44792CCBC7B41B42EC068C6416D17DE1 C:\WINDOWS\System32\DRIVERS\intelide.sys B5466A9250342A7AA0CD1FBA13420678 C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0 C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5 C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91 C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89 C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128 C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378 C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1 C:\WINDOWS\system32\drivers\mbam.sys D2DED3C333A5D9CB3F4C244B0F0DD877 C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 8E2E9CCD873ABF180F48BCAEEEBE347D C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6 C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1 C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04 C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685 C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD C:\WINDOWS\System32\DRIVERS\MpFilter.sys E77DC03DD3C8E5A388BF9EED2A28F3D1 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0 C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027 C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1 C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136 C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5 C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22 C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849 C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0 C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0 C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57 C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9 C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F C:\WINDOWS\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6 C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1 C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys 505CBA425DF3BB230F244E1C23221058 C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1 C:\WINDOWS\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0 C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1 C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99 C:\WINDOWS\System32\DRIVERS\PS2.sys 390C204CED3785609AB24E9C52054A84 C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424 C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD C:\WINDOWS\System32\Drivers\PxHelp20.sys 7C81AE3C9B82BA2DA437ED4D31BC56CF C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242 C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332 C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7 C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5 C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys 1A2A445E8968B2019E75E08F3A1344FC C:\WINDOWS\System32\DRIVERS\RTL8139.SYS D507C1400284176573224903819FFDA3 C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit C:\WINDOWS\system32\Drivers\Serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7 C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562 C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14 C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7 C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2 C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01 C:\WINDOWS\System32\DRIVERS\sxuptp.sys C8A43978DADCF12B7E40A0577227DFBC C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290 C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397 C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61 C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E C:\WINDOWS\system32\drivers\TrueSight.sys 446118FFFF5576434393AE4551A5CA74 C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9 C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31 C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6 C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6 C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1 C:\WINDOWS\system32\DRIVERS\viaide.sys 3B3EFCDA263B8AC14FDF9CBDD0791B2E C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025 C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6 C:\WINDOWS\System32\DRIVERS\wceusbsh.sys 4C0B8EF721783F52F8E531FBDC4B1F74 C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8 C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78 C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311 C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-27 14:29 - 2014-10-27 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\desktop\MBAM check log in works 2014-10-27 14:26 - 2014-10-27 14:26 - 00028708 _____ () C:\Documents and Settings\Biomed\desktop\MBAM check results in open office.odt 2014-10-27 14:24 - 2014-10-27 14:24 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\MBAM logs 10-27-2014 2014-10-23 20:22 - 2014-10-23 20:42 - 00022547 _____ () C:\Documents and Settings\Biomed\desktop\UNC Greensboro.odt 2014-10-20 21:15 - 2014-10-20 21:15 - 00063600 _____ () C:\Documents and Settings\Biomed\desktop\MBAMCheckResults.txt10-20-2014.txt 2014-10-19 21:20 - 2014-10-19 21:20 - 00043008 _____ () C:\Documents and Settings\Biomed\desktop\Candy recipes.wps 2014-10-19 10:48 - 2014-10-25 20:10 - 00033747 _____ () C:\Documents and Settings\Biomed\desktop\PSY Homework.odt 2014-10-17 19:47 - 2014-10-17 19:47 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Application Data\Memeo 2014-10-17 19:46 - 2014-10-17 19:46 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Application Data\Seagate 2014-10-15 13:03 - 2014-10-15 15:44 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel 2014-10-12 13:38 - 2014-10-12 13:38 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Unity 2014-10-12 13:30 - 2014-10-20 21:12 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\Unity 2014-10-10 16:00 - 2014-10-10 16:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MemeoCommon 2014-10-10 15:56 - 2014-10-10 15:56 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Memeo 2014-10-10 15:52 - 2014-10-10 15:52 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Seagate 2014-10-10 15:52 - 2014-10-10 15:52 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Seagate 2014-10-10 14:40 - 2014-10-10 14:40 - 00000945 _____ () C:\Documents and Settings\All Users\desktop\Seagate Dashboard.lnk 2014-10-10 14:40 - 2014-10-10 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard 2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Program Files\Memeo 2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Program Files\Common Files\Memeo 2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest 2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\temp 2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Memeo 2014-10-06 13:48 - 2014-10-06 13:50 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\My Documents\INSTRUCTIONS TO POSSIBLY FIX THE UP DATE ISSUE WITH FIRE FOX 2014-10-06 10:19 - 2014-10-06 10:20 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Local Settings\Application Data\Adobe 2014-10-05 14:39 - 2014-10-19 15:13 - 00035588 _____ () C:\Documents and Settings\Biomed\desktop\History Documents.odt 2014-10-03 10:03 - 2014-10-03 10:03 - 00056529 _____ () C:\Documents and Settings\Biomed\desktop\MBAMCheckResults.txt10-3-2014.txt 2014-10-03 10:01 - 2014-10-27 11:36 - 00063600 _____ () C:\Documents and Settings\Biomed\desktop\CheckResults.txt 2014-09-29 20:34 - 2014-09-29 20:34 - 00015478 _____ () C:\Documents and Settings\Biomed\My Documents\My letter to Timex about my watches.odt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-29 11:12 - 2014-04-25 17:37 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\temp 2014-10-29 11:11 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion 2014-10-29 11:11 - 2013-07-11 13:11 - 00000000 ____D () C:\FRST 2014-10-29 11:10 - 2014-08-27 10:33 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {141AECDD-A802-44D4-AD26-9AC193B9807D}.job 2014-10-29 11:10 - 2014-05-13 14:03 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {4439D323-FD55-4375-BAD7-6EE4D256E847}.job 2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job 2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job 2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job 2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job 2014-10-29 11:02 - 2014-05-02 14:41 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat 2014-10-29 10:07 - 2014-09-18 09:33 - 00000406 _____ () C:\WINDOWS\Tasks\ReclaimerUpdateXML_Biomed.job 2014-10-29 06:32 - 2014-05-02 15:46 - 02832258 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat 2014-10-29 02:24 - 2014-07-17 12:02 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-10-28 18:48 - 2014-09-18 09:33 - 00000410 _____ () C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Biomed.job 2014-10-28 17:42 - 2014-05-09 23:05 - 01791146 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-28 07:00 - 2014-05-10 07:36 - 00032506 ____N () C:\WINDOWS\SchedLgU.Txt 2014-10-28 06:14 - 2014-09-18 09:33 - 00000416 _____ () C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Biomed.job 2014-10-28 06:13 - 2014-04-30 14:58 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-10-28 06:13 - 2013-09-12 10:55 - 00000288 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job 2014-10-28 06:13 - 2013-09-12 10:55 - 00000280 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job 2014-10-28 06:13 - 2013-08-02 22:17 - 00000280 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job 2014-10-27 22:48 - 2014-05-10 07:37 - 00000159 ____N () C:\WINDOWS\wiadebug.log 2014-10-27 22:47 - 2014-05-10 07:37 - 00000050 ____N () C:\WINDOWS\wiaservc.log 2014-10-27 22:46 - 2005-01-27 22:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-27 21:18 - 2014-05-02 15:44 - 00131072 _____ () C:\WINDOWS\system32\config\COMODO I.evt 2014-10-27 21:18 - 2005-08-01 08:44 - 00000178 ___SH () C:\Documents and Settings\Biomed\ntuser.ini 2014-10-27 14:29 - 2005-09-27 08:54 - 00041274 _____ () C:\Documents and Settings\Biomed\Application Data\wklnhst.dat 2014-10-27 14:27 - 2005-05-26 12:16 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-10-27 11:53 - 2011-05-09 16:05 - 00000693 _____ () C:\Documents and Settings\All Users\desktop\CCleaner.lnk 2014-10-27 11:53 - 2010-09-19 22:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-27 11:28 - 2014-09-09 21:10 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\Adobe 2014-10-27 11:14 - 2013-11-19 13:59 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-27 11:14 - 2012-04-03 22:59 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-10-27 11:14 - 2011-05-13 13:12 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-10-27 11:10 - 2014-04-25 22:14 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\for malwarebytes 2014-10-27 11:07 - 2005-08-01 08:44 - 00000000 ____D () C:\Documents and Settings\Biomed 2014-10-25 09:07 - 2010-10-25 19:27 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\Pam 2014-10-25 07:20 - 2014-04-06 18:08 - 00066337 _____ () C:\Documents and Settings\Biomed\desktop\To print.odt 2014-10-23 10:46 - 2013-08-02 22:17 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job 2014-10-23 03:13 - 2013-10-20 21:25 - 00000458 _____ () C:\WINDOWS\Tasks\Defrag.job 2014-10-20 20:59 - 2014-07-17 12:01 - 00000788 _____ () C:\Documents and Settings\All Users\desktop\Malwarebytes Anti-Malware.lnk 2014-10-20 20:59 - 2014-07-17 12:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-20 20:59 - 2014-07-17 12:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-10-17 19:48 - 2014-04-25 17:37 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Local Settings\temp 2014-10-15 15:49 - 2005-01-26 17:58 - 00524812 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-15 15:41 - 2013-09-13 21:46 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-15 13:05 - 2008-04-08 11:23 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-10 14:39 - 2014-09-24 06:52 - 00000000 ____D () C:\Program Files\Seagate 2014-10-09 05:43 - 2014-04-30 14:58 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2014-10-08 06:09 - 2013-03-10 20:34 - 00000178 ___SH () C:\Documents and Settings\Administrator Pam\ntuser.ini 2014-10-06 09:31 - 2012-04-26 18:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-06 09:18 - 2012-04-13 16:21 - 00008600 _____ () C:\WINDOWS\system32\lvcoinst.log 2014-10-06 09:14 - 2014-09-24 08:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak 2014-10-03 12:12 - 2014-09-03 13:01 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\College home work papers and stuff for Brent 9-2-2014 2014-10-01 11:11 - 2014-07-17 12:00 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-10-01 11:11 - 2014-06-09 13:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-09-29 20:43 - 2013-06-22 09:49 - 00033296 _____ () C:\Documents and Settings\Biomed\desktop\Carburetor troubleshooting & tips ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================

That is all I have. !

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2014 Ran by Biomed at 2014-04-25 21:57:27 Running from C:\Documents and Settings\Biomed\desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Immunet 3 (Disabled - Up to date) {F1220F1F-7E2E-48CD-846D-B98C6F85CD37} ==================== Installed Programs ====================== Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - ) AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon) BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi) Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - ) Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.) Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - ) Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - ) Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - ) Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - ) Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - ) BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - ) CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd) DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - ) ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive) Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - ) Glary Utilities 4.9 (HKLM\...\Glary Utilities 4) (Version: 4.9.0.99 - Glarysoft Ltd) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - ) GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - ) Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard) High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard) HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company) HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP) HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP) HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - ) HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP) HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company) HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP) HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard) HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - ) IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - ) Immunet 3 (HKLM\...\Immunet Protect) (Version: 3.1.8.9583 - Sourcefire, Inc.) InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - ) IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - ) InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.) iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.) iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - ) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) LS_HSI (Version: 1.4.27.1 - Integrator) Hidden Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation) Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation) Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) mp (Version: 05.04.0000 - IBM) Hidden mpmri (Version: 05.04.0000 - IBM) Hidden MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies) OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - ) PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.) PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - ) PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - ) Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - ) PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden PS2 (HKLM\...\PS2) (Version: - ) PSPrinters06 (Version: 1.00.0000 - HP) Hidden Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - ) Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation) QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden QuickTime (HKLM\...\QuickTime) (Version: - ) Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - ) Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - ) Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - ) Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - ) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - ) Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit) Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions) Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions) Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions) Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - ) Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - ) TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com) Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - ) Video Mover (HKLM\...\Video Mover_is1) (Version: - ) VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - ) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Media Player 11 (Version: - Microsoft Corporation) Hidden Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) ==================== Restore Points ========================= 25-01-2014 12:26:22 System Checkpoint 27-01-2014 23:17:33 System Checkpoint 29-01-2014 00:29:07 System Checkpoint 31-01-2014 20:55:32 System Checkpoint 02-02-2014 18:09:07 System Checkpoint 03-02-2014 22:16:51 System Checkpoint 05-02-2014 11:24:58 System Checkpoint 08-02-2014 02:15:54 System Checkpoint 09-02-2014 03:15:49 System Checkpoint 10-02-2014 03:55:45 System Checkpoint 12-02-2014 01:49:41 System Checkpoint 13-02-2014 23:44:31 System Checkpoint 15-02-2014 16:23:23 System Checkpoint 16-02-2014 17:36:28 System Checkpoint 17-02-2014 21:54:13 System Checkpoint 18-02-2014 22:29:01 System Checkpoint 20-02-2014 17:56:34 System Checkpoint 22-02-2014 02:55:53 System Checkpoint 23-02-2014 20:32:27 System Checkpoint 24-02-2014 22:27:28 System Checkpoint 27-02-2014 15:41:34 System Checkpoint 02-03-2014 01:28:35 System Checkpoint 03-03-2014 10:53:49 System Checkpoint 04-03-2014 23:33:00 System Checkpoint 06-03-2014 02:53:04 System Checkpoint 07-03-2014 11:43:39 System Checkpoint 08-03-2014 15:24:45 System Checkpoint 10-03-2014 01:24:53 System Checkpoint 11-03-2014 14:58:29 System Checkpoint 13-03-2014 15:29:00 System Checkpoint 15-03-2014 12:04:22 System Checkpoint 19-03-2014 04:05:59 System Checkpoint 20-03-2014 09:51:48 System Checkpoint 22-03-2014 15:28:47 System Checkpoint 23-03-2014 16:54:46 System Checkpoint 26-03-2014 10:35:20 System Checkpoint 28-03-2014 10:24:49 System Checkpoint 29-03-2014 13:10:52 System Checkpoint 31-03-2014 15:30:10 System Checkpoint 05-04-2014 01:26:01 System Checkpoint 06-04-2014 19:20:45 System Checkpoint 09-04-2014 00:14:45 System Checkpoint 10-04-2014 10:38:11 System Checkpoint 11-04-2014 11:04:55 System Checkpoint 12-04-2014 21:08:40 System Checkpoint 13-04-2014 21:24:21 System Checkpoint 01-01-2002 04:28:40 System Checkpoint 14-04-2014 22:24:10 System Checkpoint 16-04-2014 00:37:27 System Checkpoint 17-04-2014 00:59:26 System Checkpoint 18-04-2014 10:40:17 System Checkpoint 19-04-2014 13:50:57 System Checkpoint 20-04-2014 14:00:30 System Checkpoint 21-04-2014 15:00:43 System Checkpoint 22-04-2014 16:09:45 System Checkpoint 23-04-2014 17:15:57 System Checkpoint 25-04-2014 01:33:45 System Checkpoint ==================== Hosts content: ========================== 2004-08-04 07:00 - 2013-08-02 10:35 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe Task: C:\WINDOWS\Tasks\Immunet Scan 70247031.job => C:\Program Files\Immunet\ips.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-15 12:04 - 2014-04-15 12:04 - 00369920 _____ () C:\Program Files\Immunet\3.1.8\dhr.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SXUPTP Driver Description: SXUPTP Driver Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Manufacturer: Belkin International, Inc. Service: sxuptp Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Event log errors: ========================= Application errors: ================== Error: (04/24/2014 00:00:55 AM) (Source: Application Error) (User: ) Description: Faulting application mbamscheduler.exe, version 2.0.23.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd. Processing media-specific event for [mbamscheduler.exe!ws!] Error: (04/23/2014 07:21:33 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) Unable to write a shadowed header for file C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Error -1032. Error: (04/23/2014 07:21:33 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:23 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:19 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: ) Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (04/25/2014 09:46:52 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 09:23:18 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 09:22:07 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 09:21:56 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error: (04/25/2014 05:22:44 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 05:21:29 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 05:20:09 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 05:15:27 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 05:14:51 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (04/25/2014 05:13:55 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Microsoft Office Sessions: ========================= Error: (04/24/2014 00:00:55 AM) (Source: Application Error)(User: ) Description: mbamscheduler.exe2.0.23.0msvcr100.dll10.0.40219.3250008d6fd Error: (04/23/2014 07:21:33 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 Error: (04/23/2014 07:21:33 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:23 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:19 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: ) Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

FRST runs, and I did so 3 times. but the logs it creates are blank. not a single text is in them. ????? and I cannot attach them or find them and using Microsoft search can not find any logs from FRST except those I ran in Sept and the first of this month???? So I'll try and give you those. and they are good because this issue were working with has been effecting this computer since April of 2014 ! Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2014 Ran by Biomed at 2014-05-09 23:00:09 Running from C:\Documents and Settings\Biomed\desktop Boot Mode: Safe Mode (minimal) ========================================================== ==================== Security Center ======================== AV: COMODO Antivirus (Disabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B} ==================== Installed Programs ====================== Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - ) AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon) BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi) Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - ) Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.) Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - ) Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - ) Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - ) Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - ) Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - ) BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) COMODO Antivirus (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.) Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.0.0.0 - COMODO) Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - ) CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd) DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - ) ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive) Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - ) GeekBuddy (HKLM\...\{B11635F3-55E6-4E40-B0A0-E026AAA4F9E1}) (Version: 4.11.94 - Comodo Security Solutions Inc) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - ) GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - ) Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard) High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard) HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company) HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP) HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP) HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - ) HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP) HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company) HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP) HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard) HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - ) IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - ) InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - ) IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - ) InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.) iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.) iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - ) Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) LS_HSI (Version: 1.4.27.1 - Integrator) Hidden Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - ) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation) Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation) Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) mp (Version: 05.04.0000 - IBM) Hidden mpmri (Version: 05.04.0000 - IBM) Hidden MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies) OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - ) PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.) PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - ) PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - ) Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - ) PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden PS2 (HKLM\...\PS2) (Version: - ) PSPrinters06 (Version: 1.00.0000 - HP) Hidden Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - ) Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation) QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden QuickTime (HKLM\...\QuickTime) (Version: - ) Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - ) Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - ) Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - ) Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - ) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - ) Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit) Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions) Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions) Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions) Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions) Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - ) Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - ) TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com) Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - ) Video Mover (HKLM\...\Video Mover_is1) (Version: - ) VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - ) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Media Player 11 (Version: - Microsoft Corporation) Hidden Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) ==================== Restore Points ========================= 09-02-2014 03:15:49 System Checkpoint 10-02-2014 03:55:45 System Checkpoint 12-02-2014 01:49:41 System Checkpoint 13-02-2014 23:44:31 System Checkpoint 15-02-2014 16:23:23 System Checkpoint 16-02-2014 17:36:28 System Checkpoint 17-02-2014 21:54:13 System Checkpoint 18-02-2014 22:29:01 System Checkpoint 20-02-2014 17:56:34 System Checkpoint 22-02-2014 02:55:53 System Checkpoint 23-02-2014 20:32:27 System Checkpoint 24-02-2014 22:27:28 System Checkpoint 27-02-2014 15:41:34 System Checkpoint 02-03-2014 01:28:35 System Checkpoint 03-03-2014 10:53:49 System Checkpoint 04-03-2014 23:33:00 System Checkpoint 06-03-2014 02:53:04 System Checkpoint 07-03-2014 11:43:39 System Checkpoint 08-03-2014 15:24:45 System Checkpoint 10-03-2014 01:24:53 System Checkpoint 11-03-2014 14:58:29 System Checkpoint 13-03-2014 15:29:00 System Checkpoint 15-03-2014 12:04:22 System Checkpoint 19-03-2014 04:05:59 System Checkpoint 20-03-2014 09:51:48 System Checkpoint 22-03-2014 15:28:47 System Checkpoint 23-03-2014 16:54:46 System Checkpoint 26-03-2014 10:35:20 System Checkpoint 28-03-2014 10:24:49 System Checkpoint 29-03-2014 13:10:52 System Checkpoint 31-03-2014 15:30:10 System Checkpoint 05-04-2014 01:26:01 System Checkpoint 06-04-2014 19:20:45 System Checkpoint 09-04-2014 00:14:45 System Checkpoint 10-04-2014 10:38:11 System Checkpoint 11-04-2014 11:04:55 System Checkpoint 12-04-2014 21:08:40 System Checkpoint 13-04-2014 21:24:21 System Checkpoint 01-01-2002 04:28:40 System Checkpoint 14-04-2014 22:24:10 System Checkpoint 16-04-2014 00:37:27 System Checkpoint 17-04-2014 00:59:26 System Checkpoint 18-04-2014 10:40:17 System Checkpoint 19-04-2014 13:50:57 System Checkpoint 20-04-2014 14:00:30 System Checkpoint 21-04-2014 15:00:43 System Checkpoint 22-04-2014 16:09:45 System Checkpoint 23-04-2014 17:15:57 System Checkpoint 25-04-2014 01:33:45 System Checkpoint 26-04-2014 04:04:28 System Checkpoint 27-04-2014 15:21:41 System Checkpoint 28-04-2014 21:37:55 System Checkpoint 30-04-2014 10:46:08 System Checkpoint 30-04-2014 17:25:13 Software Distribution Service 3.0 02-05-2014 16:02:17 System Checkpoint 03-05-2014 16:40:53 System Checkpoint 04-05-2014 17:41:23 System Checkpoint 06-05-2014 00:09:47 System Checkpoint 07-05-2014 00:28:51 System Checkpoint 07-05-2014 17:03:06 Software Distribution Service 3.0 08-05-2014 17:43:20 System Checkpoint 09-05-2014 17:58:13 System Checkpoint ==================== Hosts content: ========================== 2004-08-04 07:00 - 2014-04-29 09:12 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-09 11:58 - 2014-05-09 11:58 - 03972608 _____ () C:\Documents and Settings\Biomed\My Documents\Downloads\RogueKiller.exe 2011-03-06 21:35 - 2010-02-17 19:25 - 00132096 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll 2013-04-15 18:39 - 2013-04-15 18:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SXUPTP Driver Description: SXUPTP Driver Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Manufacturer: Belkin International, Inc. Service: sxuptp Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Event log errors: ========================= Application errors: ================== Error: (05/09/2014 06:12:49 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (4380) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (05/09/2014 06:12:49 AM) (Source: ESENT) (User: ) Description: wuauclt (4380) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (05/09/2014 06:10:47 AM) (Source: ESENT) (User: ) Description: wuauclt (3368) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (05/09/2014 06:08:33 AM) (Source: ESENT) (User: ) Description: wuaueng.dll (3368) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (05/09/2014 06:08:33 AM) (Source: ESENT) (User: ) Description: wuauclt (3368) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (05/07/2014 03:03:23 PM) (Source: Application Error) (User: ) Description: Faulting application unit.exe, version 4.0.0.0, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003ae7a. Processing media-specific event for [unit.exe!ws!] Error: (05/07/2014 02:33:44 PM) (Source: NativeWrapper) (User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.7680 Error: (05/07/2014 02:32:45 PM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log. Error: (05/07/2014 02:29:41 PM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue. Error: (05/04/2014 08:43:31 AM) (Source: ESENT) (User: ) Description: wuauclt (6112) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (05/09/2014 10:55:11 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (05/09/2014 06:55:44 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} Error: (05/09/2014 06:30:53 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} Error: (05/09/2014 06:27:50 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} Error: (05/09/2014 06:27:09 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (05/09/2014 06:23:36 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments "" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9} Error: (05/09/2014 06:23:36 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments "" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9} Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments "" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9} Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments "" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9} Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002) Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments "" in order to run the server: {C288AC5A-D846-4696-8028-2DF6F508D0D9} Microsoft Office Sessions: ========================= Error: (05/09/2014 06:12:49 AM) (Source: ESENT)(User: ) Description: wuaueng.dll4380SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (05/09/2014 06:12:49 AM) (Source: ESENT)(User: ) Description: wuauclt4380C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (05/09/2014 06:10:47 AM) (Source: ESENT)(User: ) Description: wuauclt3368C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (05/09/2014 06:08:33 AM) (Source: ESENT)(User: ) Description: wuaueng.dll3368SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8) Error: (05/09/2014 06:08:33 AM) (Source: ESENT)(User: ) Description: wuauclt3368C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process. Error: (05/07/2014 03:03:23 PM) (Source: Application Error)(User: ) Description: unit.exe4.0.0.0msvcr90.dll9.0.30729.61610003ae7a Error: (05/07/2014 02:33:44 PM) (Source: NativeWrapper)(User: ) Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.7680 Error: (05/07/2014 02:32:45 PM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Microsoft .NET Framework 1.1{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log Error: (05/07/2014 02:29:41 PM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL) Error: (05/04/2014 08:43:31 AM) (Source: ESENT)(User: ) Description: wuauclt6112C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

In this one I see the word : error listed. maybe it means some thing to you. Malwarebytes Anti-Malware www.malwarebytes.org Update, 10/27/2014 2:14:03 AM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.4, 2014.10.26.8, Protection, 10/27/2014 2:14:08 AM, SYSTEM, MSAIMH002, Protection, Refresh, Starting, Protection, 10/27/2014 2:15:16 AM, SYSTEM, MSAIMH002, Protection, Refresh, Success, Scan, 10/27/2014 2:58:11 AM, SYSTEM, MSAIMH002, Manual, Start:10/27/2014 2:14:59 AM, Duration:43 min 2 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting, Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed, Error, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21, Update, 10/27/2014 1:05:33 PM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.8, 2014.10.27.3, Protection, 10/27/2014 1:05:34 PM, SYSTEM, MSAIMH002, Protection, Refresh, Starting, Protection, 10/27/2014 1:07:21 PM, SYSTEM, MSAIMH002, Protection, Refresh, Success, Protection, 10/27/2014 2:14:48 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting, Protection, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed, Error, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21, (end)