Anti root kit will not start, something to do with DLL driver....



Ok then. Thanks for replying though. So here is info from MBAM. So you know, MBAM took 4.5 mins. to load, just to where I could click on get updates. Also, once the program loaded, I noticed that protection was completely disabled!...... and there were no check marks in the top two boxes! And I did not do this. I clicked to once again place the check marks in the boxes but that took 5 mins to happen; I just sat and waited to see if it would happen. I ran CCleaner. Later today or tomorrow I will post the results from a complete scan from both MBAM and HijackThis.

Also I forgot to mention that a couple days ago, when the computer rebooted, there was an error report that an update for Office 2003 SP3 did not install properly.

Also with CCleaner, there are a great many boxes that are not checked, so I am wondering which ones you wanted me to check?.. I guess as it sits the program is set at default level. ..hope that makes sense.

I hope I attached the MBAM log correctly, for I was not able to find it and I thought I copied it to paste it.. but apparently now I failed. So I searched and found a log with today's date and attached it.

Now on to the other scans and any others you add. :)

mbam-log-2014-01-26 (15-19-41).txt


Oh, and there is an error that occurred somewhere with Windows Explorer and a pop-up appeared / a window that suggested I send an error report to Microsoft, so I did; it seemed to be the correct thing to do.

And MBAM is still holding in quarantine two PUPs that I have seen before, so I am afraid to delete them because when I have done so in the past they seem to be found once again in later scans. Just thought you might want to know all this.


Here is the report from MBAM. HijackThis will be next.

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.26.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User :: OWNER [administrator]

Protection: Enabled

1/26/2014 5:11:52 PM
mbam-log-2014-01-26 (17-11-52).txt

Scan type: Full scan (C:\|H:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 361636
Time elapsed: 1 hour(s), 22 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


HijackThis log.... I am surprised it ran so quickly, where Malwarebytes takes well over an hr!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:59:41 PM, on 1/26/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OpenOffice 4\program\swriter.exe
C:\Program Files\OpenOffice 4\program\soffice.exe
C:\Program Files\OpenOffice 4\program\soffice.bin
C:\Program Files\Glary Utilities 3\Integrator.exe
C:\Program Files\Glary Utilities 3\MemfilesService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\User\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?


O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL


O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361121719812
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab

O16 - DPF: {D27CDB6E-AE6D-0000-0000-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDAE720E-10F3-491F-8C93-AB0803E16410}: NameServer = 156.154.70.22,156.154.71.22
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

--
End of file - 9733 bytes
 


  • Staff

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional

These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on their icons (or start them from the Control Panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):
    • O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

      O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

      O4 - Global Startup: Secunia PSI Tray.lnk = ?

  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    • NOTE**You can research each of those lines >here< and see if you want to keep them or not

      just copy the name between the brackets and paste into the search space

      O4 - HKLM\..\Run: [IntelliPoint]

Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7: right-click on the IE shortcut and run as admin

Go to the Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here
Gringo
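
The O4 start-up lines listed in the post above, and the O17/O23 lines from the HijackThis log posted earlier, can also be pulled out of a saved log with a short script. This is an added example, not part of the original thread or of HijackThis; the function names and flag labels are hypothetical, and the sample lines are copied from the log in this thread.

```python
import re

# Excerpt of the HijackThis v2.0.4 log posted earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDAE720E-10F3-491F-8C93-AB0803E16410}: NameServer = 156.154.70.22,156.154.71.22
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"""

# "O4 - ...", "R1 - ...", "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Registry Run entry: <key>: [<value name>] <command line>
RUN_RE = re.compile(r"^(?P<loc>.+?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Startup-folder entry: [Global ]Startup: <shortcut> = <target>
STARTUP_RE = re.compile(r"^(?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")


def parse_entries(log_text):
    """Yield (section, body) for each entry line; header and process lines are skipped."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def parse_autostart(body):
    """Split an O4 body into (location, name, command), or None if it does not fit."""
    m = RUN_RE.match(body) or STARTUP_RE.match(body)
    return (m.group("loc"), m.group("name"), m.group("cmd")) if m else None


def triage(log_text):
    """Return the autostart inventory plus entries worth a second look.

    A flag means "review this", not "this is malicious".
    """
    autostart, review = [], []
    for section, body in parse_entries(log_text):
        # Registration still present, but the file it points at is gone.
        if body.endswith("(file missing)"):
            review.append((section, "file-missing", body))
        if section == "O4":
            entry = parse_autostart(body)
            if entry:
                autostart.append(entry)
                if entry[2] == "?":  # shortcut target shown as "?"
                    review.append((section, "unresolved-target", entry[1]))
        elif section == "O23" and body.startswith("Service: "):
            # Service: <display name> - <company> - <binary path>
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) == 3 and parts[1] == "Unknown owner":
                review.append((section, "unknown-owner", parts[0]))
        elif section == "O17":
            # Statically configured DNS servers: confirm they are the ones you set.
            m = re.search(r"NameServer = (.+)$", body)
            if m:
                review.append((section, "static-dns", m.group(1)))
    return {"autostart": autostart, "review": review}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Autostart entries:")
    for loc, name, cmd in result["autostart"]:
        print(f"  {loc:16} {name:24} {cmd}")
    print("Entries to review:")
    for section, flag, detail in result["review"]:
        print(f"  {section:4} {flag:18} {detail}")
```
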

Tried to attach the HijackThis logs as attachments and was stopped. So I tried copying and pasting them here, and I was not allowed to do that. Both times this site said I was not permitted to upload this kind of file. I don't understand. Have you an explanation and suggestions?

I'll be running the Eset scan next and will report back with that.


eset scan.txt

So Internet Explorer took 4 mins to load, and each page I typed in or used the mouse to click on took 3 to 4 mins to load... honest, no kidding. .. Internet Explorer is a very slow browser; I was not impressed by Internet Explorer. Is it normal for Internet Explorer to be this slow?

I would like to share with Malwarebytes and Comodo the threats Eset found, as I think both programs should have found these threats during their scans. So by my sharing these with them, they can find cures for these and include those in future updates, and thereby I can feel I am doing my part of giving back to help others. ...So Gringo, how do I share these findings with them?

Eset found 8 infections. For unknown reasons I am unable to paste the report here? So I attached it. I hope that is suitable for you?

I believe HijackThis found infections also, as it wanted me to correct or fix something. I can't remember what, or be certain, though. I wish I could have been able to post it here! The results are probably here on this computer somewhere; if you want them and tell me how to get them to you, I will.

Thanks Gringo!


  • Staff

Hello flywelder

What Eset found were PUP type programs bundled in with installers

First I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737

Then I want you to do the following

  • Start Internet Explorer.
  • click on "safety"
  • click on "Delete Browsing History"
  • make sure all boxes are checked
  • click on "Delete"
  • click on "Tools",
  • click "Internet Options".
  • On the "Advanced" tab, click "Reset"
  • put a check mark next to "Delete Personal Settings"
  • click "Reset" to confirm
  • when complete click the "Close" button
  • restart IE
Gringo

Ok, but when I do I am taken to a page that says how to reset Internet Explorer.. and I do NOT see any fix it button to click on. Am I being redirected when I copy and paste that web address? What shall I do?

Also, so you know, I used to be able to, but I am now unable to simply click on hyperlinks in your replies now.........and just so you know, I'm using www.live.com for my email.


OK. I still see no so-called "fix it button", so I didn't get anything from that web page. I did do what you asked with Internet Explorer. However, on my computer under Tools and Internet Options, Advanced tab, I saw no listing for 'Delete personal settings'. I did see where I could delete internet history, and to clear temp files when exiting the internet, so I put a check mark at both, because doing so sounded like a good thing to have happen. I also clicked on the Reset button. I clicked on the Apply button and then Close. Perhaps the reason I didn't find exactly what you described is because I am using Windows XP Pro version 2002 with Service Pack 3?

Also, should it be important, you should know that as I type this reply, I am using Internet Explorer, and the spell check for this page is not working for me, so I am proofreading this myself hoping I catch all my mistakes; there have been 8 so far.


Well, I have not seen the Flash Player error for 24 hrs. now.

I know nothing about third party spell checkers for Internet Explorer. So what do you recommend?

When I use Firefox, which I do 98% of the time, I cannot click on hyperlinks. I once was, before we started these corrections. What can be done about that?

There is an error report that an update for Windows Office 2003 could not be installed. I would like you to look into this also. Attached is a zipped screen print I made of the error.

Updates can't be installed 2-03-2014.zip


  • Staff

Hello flywelder

I want you to reset Firefox back to defaults; this will remove everything from Firefox.

I will let you keep your bookmarks, so to do that you can go here - Export BookMarks

Now to reset Firefox do the following.

  • At the top of the Firefox window, click the "Firefox" button,
  • go over to the "Help" sub-menu
    • (on Windows XP, click the Help menu at the top of the Firefox window) and select "Troubleshooting Information".
  • Click the "Reset Firefox" button in the upper-right corner of the Troubleshooting Information page.
  • Click "Reset Firefox" in the confirmation window that opens.
  • Firefox will close and be reset. When it's done, click "Finish" and Firefox will open.
Restart the computer and check Firefox for me now.

Gringo


Hi again! And thanks for waiting on me. I tried to test run everything I could think of, and put it through the paces! And yet I'm sure I missed something. Yet, the test run results are back and indicate that systems seem to be running well, hurrah! ....all but one issue. That issue being that hyperlinks don't work in my Yahoo mail now. Allow me to elaborate. If an email sent to my Yahoo mail account has a hyperlink text that I am to click on,.. I am not able to simply click on it any more like I once could. Now I must copy and paste it, which is bad for me, because if I happen to have something else already copied into my clipboard, I can't copy and paste the web address....so I must go through extra steps....which slow me down.

Oh, and I still have my saved bookmarks on my desktop.

But you have done well so far! I am pleased! And I send to you my congratulations and handshake!

So what are our next steps? :)


Today we have issues. Allow me to elaborate.

When I booted up the computer today, the hard drive is clicking away, which I have now learned means it is 'busy writing', and getting to the internet is taking 3-4 minutes! Using Firefox or Internet Explorer.

Signing into Yahoo is taking another 3-4 minutes! Right now as I type the hard drive is clicking away! When I'm offline the hard drive is clicking away, "writing like mad"!

Spell check is not working here at this site today and I am using Firefox.

Also, when I clicked the Firefox icon to go online, a "notice window" appeared about a script not working, and I couldn't get online. I have attached a screen print of that notice.

I also attached a screen print showing Task Manager. .. I did so because I am thinking too much "stuff" or "software" MUST be running and perhaps causing these issues? Or could it still be a virus? Could I be experiencing one of those so-called key loggers? Or something that is sending info to a hacker, that I am online?

I would like you to look over everything that Task Manager says is running and loaded to this computer. Surely there are some programs or software (or whatever they are called) that are malicious and causing me problems and to be slow. ??? :unsure: Also it took 30 sec. just to place this smiley face icon here!

Also, my hard drive is low on space suddenly, and defrag is unable to defrag several squares (sectors, or whatever they are called)!???

Please tell me what I can do to allow you to see Task Manager, and all unnecessary programs etc. and all the issues I have talked about. I want to be as much help as I can and thus give you the info you need for us to succeed.

Thanks so much. Oops, so I can't attach the screen print; says it is too large, how do I make it smaller? So anyway the error said:

Script:https://s.yimg.com/lq/lib/reg/js/yahoo_container_min_json_min_connection_main-min-new.js:21

 


  • Staff

Hello flywelder

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo

Hi!....Here are the Farbar reports....wow there are a lot of items listed here!...I wonder if I need all these to have the computer function correctly? Also, the computer is struggling to carry out two commands simultaneously instigated by me using the mouse and clicking. It can take upwards of a minute or more just to open a doc, or move a doc to the recycle bin, or simply to close it. I don't dare open an OpenOffice doc, work with it, and then minimize it, and open the internet, then attempt to bring up the OpenOffice doc again to add some text....wow!... I could eat a sandwich before these commands are completed!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by User (administrator) on OWNER on 16-02-2014 11:51:53
Running from C:\Documents and Settings\User\My Documents\Downloads
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [14854144 2005-09-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1576152 2013-11-11] (COMODO)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-583907252-1123561945-839522115-1003\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-15] (SUPERAntiSpyware)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFC124DCC011ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {4511BF98-B15D-45AE-A8EF-6C6787A86924} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKCU - {FC796E03-5790-48B0-9099-AD020E78AB48} URL = http://delicious.com/search?p={searchTerms}
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361121719812
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {D27CDB6E-AE6D-0000-0000-000000000000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{EDAE720E-10F3-491F-8C93-AB0803E16410}: [NameServer]156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\s07pzpgk.default-1391577194825
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\User\Local Settings\Application Data\Citrix\Plugins\97\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Documents and Settings\User\Local Settings\Application Data\RobloxVersions\version-5acc042b77fe4879\\NPRobloxProxy.dll ( Roblox Corporation)
FF Plugin HKCU: @tnt2toolbar.com/Plugin - C:\Documents and Settings\User\Local Settings\Application Data\TNT2\2.0.0.1267\npTNT2.dll No File
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Extension: (Docs) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-04]
CHR Extension: (Google Search) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-04]
CHR HKLM\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-02-04]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4832192 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [131288 2013-09-24] (COMODO)
R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [296808 2010-07-23] (Nuance Communications, Inc.)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-26] (Oracle Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2008-02-05] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2008-02-05] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-05-04] (Memeo)
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S2 HOSTS Anti-PUPs; C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2013-09-24] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [587864 2013-11-14] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30552 2013-09-24] (COMODO)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2008-02-05] (Logitech Inc.)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [96216 2013-09-24] (COMODO)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [689176 2008-02-05] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25624 2008-02-05] ()
R3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2008-02-05] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 s3m; C:\WINDOWS\System32\DRIVERS\s3m.sys [166720 2001-08-17] (S3 Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] ()
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 11:50 - 2014-02-16 11:51 - 00000000 ___DC () C:\FRST
2014-02-15 14:06 - 2014-02-15 14:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 19:42 - 2014-02-13 19:45 - 00000000 ____D () C:\Documents and Settings\User\desktop\Davids snow pics
2014-02-13 19:41 - 2014-02-13 20:06 - 00000000 ____D () C:\Documents and Settings\User\desktop\Pams SNow pics
2014-02-12 13:59 - 2014-02-12 13:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 03:52 - 2014-02-12 13:59 - 00003096 _____ () C:\WINDOWS\updspapi.log
2014-02-12 03:51 - 2014-02-12 03:54 - 00013048 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00019930 _____ () C:\WINDOWS\iis6.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00018546 _____ () C:\WINDOWS\FaxSetup.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00008463 _____ () C:\WINDOWS\tsoc.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00006167 _____ () C:\WINDOWS\comsetup.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00005620 _____ () C:\WINDOWS\msmqinst.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00003716 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00003249 _____ () C:\WINDOWS\netfxocm.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-02-12 03:50 - 2014-02-12 14:01 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-02-12 03:50 - 2014-02-12 03:54 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-12 03:50 - 2014-02-12 03:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-12 03:50 - 2014-02-12 03:50 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-02-12 03:44 - 2014-02-12 03:50 - 00006249 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-11 17:29 - 2014-02-12 14:01 - 00016695 _____ () C:\WINDOWS\KB2916036.log
2014-02-04 16:06 - 2014-02-04 16:06 - 00001813 _____ () C:\Documents and Settings\All Users\desktop\Google Chrome.lnk
2014-02-04 16:06 - 2014-02-04 16:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-02-03 23:29 - 2014-02-03 23:29 - 00023528 _____ () C:\Documents and Settings\User\My Documents\Railroad  wheel history..interesting stuff!.odt
2014-02-02 00:36 - 2014-02-14 20:09 - 00000318 _____ () C:\WINDOWS\Tasks\GlaryInitialize 4.job
2014-02-02 00:36 - 2014-02-02 00:36 - 00000761 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 4.lnk
2014-02-02 00:36 - 2014-02-02 00:36 - 00000755 _____ () C:\Documents and Settings\All Users\desktop\Glary Utilities 4.lnk
2014-02-02 00:36 - 2014-02-02 00:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 4
2014-02-02 00:35 - 2014-02-05 22:36 - 00000000 ____D () C:\Program Files\Glary Utilities 4
2014-02-01 11:43 - 2014-02-01 11:43 - 00017619 _____ () C:\Documents and Settings\User\My Documents\Solutions for open office issues.odt
2014-01-31 11:51 - 2014-01-31 11:51 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Skype
2014-01-31 11:50 - 2014-02-01 15:50 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00001878 _____ () C:\Documents and Settings\All Users\desktop\Skype.lnk
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ___RD () C:\Program Files\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-31 11:48 - 2014-01-31 11:50 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Skype
2014-01-31 00:55 - 2014-01-31 00:55 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-01-30 21:07 - 2014-01-30 21:07 - 00000938 _____ () C:\Documents and Settings\User\desktop\eset scan.txt
2014-01-30 16:40 - 2014-01-30 16:40 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll
2014-01-28 22:33 - 2014-01-28 22:33 - 00017866 _____ () C:\Documents and Settings\User\My Documents\1st.scan log from Hijackthis 1-27-2014.odt
2014-01-28 22:32 - 2014-01-28 22:32 - 00018103 _____ () C:\Documents and Settings\User\My Documents\HiJackthis log file  1-27-2014.odt
2014-01-26 16:58 - 2014-01-26 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-01-26 16:58 - 2014-01-26 16:55 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-26 16:58 - 2014-01-26 16:55 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-26 16:57 - 2014-01-26 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-26 16:57 - 2014-01-26 16:55 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-26 16:57 - 2014-01-26 16:55 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-26 16:57 - 2014-01-26 16:55 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D () C:\Program Files\Java
2014-01-23 21:28 - 2014-01-23 21:28 - 00000000 ____D () C:\Documents and Settings\User\Application Data\OpenOffice
2014-01-23 00:35 - 2014-01-23 00:39 - 00000000 ___SD () C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2014-01-23 00:35 - 2014-01-23 00:35 - 00000877 _____ () C:\Documents and Settings\All Users\desktop\OpenOffice 4.0.1.lnk
2014-01-23 00:28 - 2014-01-23 00:30 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-01-22 23:30 - 2014-01-22 23:31 - 00000000 ____D () C:\Documents and Settings\User\desktop\OpenOffice 4.0.1 (en-US) Installation Files

==================== One Month Modified Files and Folders =======

2014-02-16 11:51 - 2014-02-16 11:50 - 00000000 ___DC () C:\FRST
2014-02-16 11:49 - 2013-11-05 10:18 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-02-16 11:49 - 2013-11-05 10:18 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-02-16 11:49 - 2013-11-05 10:18 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2014-02-16 11:49 - 2013-11-05 10:18 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2014-02-16 11:45 - 2013-07-31 14:00 - 00000000 ____D () C:\Documents and Settings\User\My Documents\About David
2014-02-16 11:45 - 2009-04-06 14:46 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{CFDB052C-AF21-4A2C-9F1B-FC9C87FFA4C5}.job
2014-02-16 11:43 - 2012-09-16 23:24 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-02-16 11:36 - 2011-08-18 21:25 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 11:25 - 2007-04-12 14:08 - 01385499 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-16 11:23 - 2012-09-16 13:45 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-16 11:13 - 2013-07-18 00:59 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-02-16 03:38 - 2012-12-31 23:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-16 03:22 - 2007-04-12 14:13 - 00032346 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-16 03:21 - 2012-09-24 01:54 - 00000454 _____ () C:\WINDOWS\Tasks\Defrag.job
2014-02-15 23:04 - 2007-04-12 09:35 - 00000301 _____ () C:\WINDOWS\wiadebug.log
2014-02-15 14:07 - 2014-02-15 14:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 20:11 - 2012-09-16 23:25 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-02-14 20:11 - 2001-08-23 06:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-14 20:09 - 2014-02-02 00:36 - 00000318 _____ () C:\WINDOWS\Tasks\GlaryInitialize 4.job
2014-02-14 20:08 - 2007-04-12 09:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-14 20:07 - 2013-07-18 00:59 - 00000000 _____ () C:\WINDOWS\system32\Drivers\logiflt.iad
2014-02-14 20:07 - 2011-08-18 21:25 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-14 20:07 - 2011-08-18 20:43 - 00000310 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2014-02-14 20:07 - 2007-04-12 14:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-14 20:05 - 2007-04-12 14:15 - 00000278 ___SH () C:\Documents and Settings\User\ntuser.ini
2014-02-14 15:15 - 2012-09-16 13:01 - 00000258 _____ () C:\WINDOWS\Tasks\Disk Cleanup.job
2014-02-13 20:06 - 2014-02-13 19:41 - 00000000 ____D () C:\Documents and Settings\User\desktop\Pams SNow pics
2014-02-13 19:45 - 2014-02-13 19:42 - 00000000 ____D () C:\Documents and Settings\User\desktop\Davids snow pics
2014-02-12 14:49 - 2012-11-27 12:20 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-12 14:01 - 2014-02-12 03:50 - 00019930 _____ () C:\WINDOWS\iis6.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00018546 _____ () C:\WINDOWS\FaxSetup.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00008463 _____ () C:\WINDOWS\tsoc.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00006167 _____ () C:\WINDOWS\comsetup.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00005620 _____ () C:\WINDOWS\msmqinst.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00003716 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00003249 _____ () C:\WINDOWS\netfxocm.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00001026 _____ () C:\WINDOWS\ocmsn.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-02-12 14:01 - 2014-02-12 03:50 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-02-12 14:01 - 2014-02-11 17:29 - 00016695 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 13:59 - 2014-02-12 13:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 13:59 - 2014-02-12 03:52 - 00003096 _____ () C:\WINDOWS\updspapi.log
2014-02-12 13:35 - 2007-04-12 09:31 - 00493286 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-12 12:55 - 2013-09-08 12:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-12 12:34 - 2007-04-12 15:21 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-12 03:54 - 2014-02-12 03:51 - 00013048 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 03:54 - 2014-02-12 03:50 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-12 03:50 - 2014-02-12 03:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-12 03:50 - 2014-02-12 03:50 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-02-12 03:50 - 2014-02-12 03:44 - 00006249 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-11 11:37 - 2013-03-03 23:06 - 00000000 ____D () C:\Documents and Settings\User\My Documents\thoughts to share with my sons
2014-02-10 17:57 - 2013-03-30 06:18 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Recipes With Oatmeal
2014-02-07 01:18 - 2013-12-12 11:17 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-02-06 03:54 - 2004-08-03 17:56 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-06 03:54 - 2004-08-03 17:56 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-05 23:23 - 2012-09-16 13:45 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 23:23 - 2011-08-18 21:21 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-05 22:36 - 2014-02-02 00:35 - 00000000 ____D () C:\Program Files\Glary Utilities 4
2014-02-05 18:26 - 2012-09-16 01:52 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-05 18:26 - 2011-08-18 19:57 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-05 18:26 - 2009-06-11 17:01 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-05 18:26 - 2009-06-11 17:01 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-05 18:26 - 2009-03-08 03:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-05 18:26 - 2007-05-10 17:34 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-05 18:26 - 2007-05-10 17:34 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-05 18:26 - 2007-05-10 17:34 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-05 18:26 - 2007-05-10 17:34 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-05 18:26 - 2007-04-12 14:07 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-05 18:26 - 2006-11-07 20:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-05 18:26 - 2006-11-07 20:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-05 18:26 - 2006-11-07 20:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-05 18:26 - 2006-10-17 10:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-05 18:26 - 2004-08-03 17:56 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-05 18:26 - 2004-08-03 17:56 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-05 18:26 - 2004-08-03 17:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-05 17:24 - 2004-08-03 15:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-05 00:13 - 2013-02-17 11:01 - 00000000 ____D () C:\Documents and Settings\User\desktop\Old Firefox Data
2014-02-04 16:06 - 2014-02-04 16:06 - 00001813 _____ () C:\Documents and Settings\All Users\desktop\Google Chrome.lnk
2014-02-04 16:06 - 2014-02-04 16:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-02-04 16:06 - 2007-05-10 17:33 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Google
2014-02-04 16:04 - 2007-05-10 17:33 - 00000000 ____D () C:\Program Files\Google
2014-02-03 23:29 - 2014-02-03 23:29 - 00023528 _____ () C:\Documents and Settings\User\My Documents\Railroad  wheel history..interesting stuff!.odt
2014-02-03 14:49 - 2013-01-18 15:18 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Computer help  from Bleeping Computer
2014-02-03 09:24 - 2013-06-26 09:13 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\GlarySoft
2014-02-02 11:46 - 2013-03-09 00:20 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Safe Desk Top Images
2014-02-02 11:10 - 2008-05-13 16:55 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Adobe
2014-02-02 01:32 - 2007-04-12 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923694$
2014-02-02 00:38 - 2011-08-18 21:03 - 00000000 ____D () C:\Documents and Settings\User\Application Data\GlarySoft
2014-02-02 00:36 - 2014-02-02 00:36 - 00000761 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 4.lnk
2014-02-02 00:36 - 2014-02-02 00:36 - 00000755 _____ () C:\Documents and Settings\All Users\desktop\Glary Utilities 4.lnk
2014-02-02 00:36 - 2014-02-02 00:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 4
2014-02-01 15:50 - 2014-01-31 11:50 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Skype
2014-02-01 11:43 - 2014-02-01 11:43 - 00017619 _____ () C:\Documents and Settings\User\My Documents\Solutions for open office issues.odt
2014-01-31 23:57 - 2012-10-08 22:21 - 00000000 ____D () C:\Documents and Settings\User\My Documents\about brent
2014-01-31 11:51 - 2014-01-31 11:51 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Skype
2014-01-31 11:50 - 2014-01-31 11:48 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00001878 _____ () C:\Documents and Settings\All Users\desktop\Skype.lnk
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ___RD () C:\Program Files\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-01-31 11:49 - 2014-01-31 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-31 00:55 - 2014-01-31 00:55 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-01-30 21:07 - 2014-01-30 21:07 - 00000938 _____ () C:\Documents and Settings\User\desktop\eset scan.txt
2014-01-30 16:41 - 2012-09-20 21:00 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\COMODO
2014-01-30 16:40 - 2014-01-30 16:40 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll
2014-01-30 16:40 - 2013-11-05 09:12 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-01-30 16:37 - 2012-09-16 23:19 - 00000000 ____D () C:\Program Files\COMODO
2014-01-28 22:33 - 2014-01-28 22:33 - 00017866 _____ () C:\Documents and Settings\User\My Documents\1st.scan log from Hijackthis 1-27-2014.odt
2014-01-28 22:32 - 2014-01-28 22:32 - 00018103 _____ () C:\Documents and Settings\User\My Documents\HiJackthis log file  1-27-2014.odt
2014-01-26 16:58 - 2014-01-26 16:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-01-26 16:57 - 2014-01-26 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-26 16:55 - 2014-01-26 16:58 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-26 16:55 - 2014-01-26 16:58 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-26 16:55 - 2014-01-26 16:57 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-26 16:55 - 2014-01-26 16:57 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-26 16:55 - 2014-01-26 16:57 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-26 16:55 - 2014-01-26 16:55 - 00000000 ____D () C:\Program Files\Java
2014-01-26 13:27 - 2012-09-16 23:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\COMODO
2014-01-24 09:41 - 2014-01-10 00:31 - 00000000 ___DC () C:\AdwCleaner
2014-01-24 09:25 - 2007-04-25 17:21 - 00048952 ____C () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-24 09:21 - 2007-04-12 09:30 - 00220040 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-23 21:28 - 2014-01-23 21:28 - 00000000 ____D () C:\Documents and Settings\User\Application Data\OpenOffice
2014-01-23 00:39 - 2014-01-23 00:35 - 00000000 ___SD () C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2014-01-23 00:35 - 2014-01-23 00:35 - 00000877 _____ () C:\Documents and Settings\All Users\desktop\OpenOffice 4.0.1.lnk
2014-01-23 00:30 - 2014-01-23 00:28 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-01-23 00:22 - 2013-02-04 00:03 - 00000000 ____D () C:\Program Files\OpenOffice.org 3
2014-01-22 23:31 - 2014-01-22 23:30 - 00000000 ____D () C:\Documents and Settings\User\desktop\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-21 11:59 - 2013-01-05 23:48 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ImgBurn
2014-01-21 00:57 - 2012-10-09 23:20 - 00014848 _____ () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-20 20:30 - 2013-09-01 23:59 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DiskDefrag
2014-01-20 11:12 - 2013-06-10 01:00 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Cleaning a computer  inst. from Ron
2014-01-20 11:06 - 2013-11-11 01:17 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Stories for PAm
2014-01-18 17:03 - 2013-01-05 23:53 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\FreeBurner
2014-01-18 15:39 - 2013-02-04 00:01 - 00000000 ____D () C:\Documents and Settings\User\desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
2014-01-17 23:47 - 2012-11-26 20:33 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk

Files to move or delete:
====================
C:\Documents and Settings\User\jagex_runescape_preferences.dat


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-03 17:56] - [2008-04-13 19:12] - 1033728 ____A (Microsoft Corporation)

C:\WINDOWS\system32\winlogon.exe
[2004-08-03 17:56] - [2008-04-13 19:12] - 0507904 ____A (Microsoft Corporation)

C:\WINDOWS\system32\svchost.exe
[2004-08-03 17:56] - [2008-04-13 19:12] - 0014336 ____A (Microsoft Corporation)

C:\WINDOWS\system32\services.exe
[2004-08-03 17:56] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation)

C:\WINDOWS\system32\User32.dll
[2004-08-03 17:56] - [2008-04-13 19:12] - 0578560 ____A (Microsoft Corporation)

C:\WINDOWS\system32\userinit.exe
[2004-08-03 17:56] - [2008-04-13 19:12] - 0026112 ____A (Microsoft Corporation)

C:\WINDOWS\system32\rpcss.dll
[2004-08-03 17:56] - [2009-02-09 07:10] - 0401408 ____A (Microsoft Corporation)

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-03 16:00] - [2008-04-13 13:41] - 0052352 ____A (Microsoft Corporation)

 

Here is the Addition txt..... I see there are many system errors, and application errors and Microsoft Office session errors reported!... Should I be very concerned? Could these be connected to the Microsoft Office 3 update that never installs? And I saw that there are no system restore points!!!??? Is this odd and incorrect? And do I have all the scheduled tasks scheduled properly and running correctly, that I should have, or that you would like to see? {I'm assuming these would be tasks that run automatically to protect my computer? Am I right or wrong?}

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2014 01
Ran by User at 2014-02-16 11:53:07
Running from C:\Documents and Settings\User\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112 - Adobe Systems, Inc.)
ATI - Software Uninstall Utility (Version: 6.14.10.1022 - )
ATI Catalyst Control Center (Version: 2.010.0210.2338 - )
ATI Display Driver (Version: 8.593.100-100210a-095952E-ATI - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Czech (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Danish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Dutch (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help English (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Finnish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help French (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help German (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Greek (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Italian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Japanese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Korean (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Polish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Russian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Spanish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Swedish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Thai (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Turkish (Version: 2010.0210.2338.42455 - ATI) Hidden
ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-utility (Version: 2010.0210.2339.42455 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (Version: 4.5.0.3717 - CDBurnerXP)
Comodo Dragon (Version: 31.1.0.0 - COMODO)
COMODO Internet Security Premium (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
Disk SpeedUp 1.4.0.888 (Version: 1.4.0.888 - Glarysoft Ltd)
Dragon NaturallySpeaking 11 (Version: 11.0.200 - Nuance Communications Inc.)
DVD Flick 1.3.0.7 (Version: 1.3.0.7 - Dennis Meuwissen)
Evernote v. 4.5.8 (Version: 4.5.8.7356 - Evernote Corp.)
FileASSASSIN (Version: 1.06 - Malwarebytes)
Free Easy Burner V 5.1 (Version: 5.1.0.0 - Koyote soft)
Glary Utilities 2.55.0.1790 (Version: 2.55.0.1790 - Glarysoft Ltd)
Glary Utilities 4.5 (Version: 4.5.0.89 - Glarysoft Ltd)
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GoToMeeting 5.5.0.1133 (HKCU Version: 5.5.0.1133 - CitrixOnline)
ImgBurn (Version: 2.5.5.0 - LIGHTNING UK!)
InstallMgr (Version: 1.0.39.0 - Microsoft Corporation) Hidden
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Logitech QuickCam (Version: 11.70.1200 - Logitech Inc.)
Logitech QuickCam Driver Package (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo Instant Backup (Version: 4.60.0.7923 - Memeo Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation)
Microsoft Default Manager (Version: 1.1.53.0 - Microsoft Corporation) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 27.0.1 - Mozilla)
MSN (Version:  - )
MSN Toolbar (Version: 1.0.39.0 - Microsoft Corporation)
MSN Toolbar (Version: 3.0.1125.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
Nikon Message Center (Version: 0.91.000 - )
OpenOffice 4.0.1 (Version: 4.01.9714 - Apache Software Foundation)
PictureProject (Version: 1.0 - )
PictureProject In Touch Downloader 1.0 (Version: 1.0 - Fotonation Inc.)
QuickTime (Version:  - )
Realtek High Definition Audio Driver (Version:  - )
ROBLOX Player for User (HKCU Version:  - ROBLOX Corporation)
Seagate Dashboard (Version: 1.1.0.1421 - Memeo Inc.)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001 - Secunia)
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Skype™ 6.13 (Version: 6.13.104 - Skype Technologies S.A.)
SUPERAntiSpyware (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (Version: 11.0.0 - Nuance Communications Inc.)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061107.210142 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2001-08-23 06:00 - 2014-01-16 01:41 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe
Task: C:\WINDOWS\Tasks\Disk Cleanup.job => C:\WINDOWS\system32\cleanmgr.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{CFDB052C-AF21-4A2C-9F1B-FC9C87FFA4C5}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-01-28 09:35 - 2014-01-28 09:35 - 02135232 _____ () C:\Program Files\Comodo\Dragon\dragon_updater.exe
2008-02-05 17:18 - 2008-02-05 17:18 - 00068120 _____ () C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
2014-02-15 14:06 - 2014-02-15 14:06 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\WINDOWS\pss\EvernoteClipper.lnkStartup

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 03:11:58 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Office 2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\MSI153bf.LOG.

Error: (02/16/2014 03:11:47 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.

Error: (02/14/2014 04:51:38 PM) (Source: Application Hang) (User: )
Description: Fault bucket -256360697.

Error: (02/14/2014 04:44:56 PM) (Source: Application Hang) (User: )
Description: Hanging application shredder.exe, version 4.0.0.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/12/2014 04:09:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Office 2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\MSIe97a8.LOG.

Error: (02/12/2014 04:09:18 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.

Error: (02/11/2014 03:07:07 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Office 2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\MSI68026.LOG.

Error: (02/11/2014 03:06:56 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.

Error: (02/10/2014 03:13:27 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Office 2003 Service Pack 3 (SP3): MAINSP3' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\MSI767c.LOG.

Error: (02/10/2014 03:13:25 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.


System errors:
=============
Error: (02/16/2014 03:17:25 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Office 2003 Service Pack 3 (SP3).

Error: (02/14/2014 08:11:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (02/14/2014 08:09:05 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (02/14/2014 05:38:48 AM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service failed to start due to the following error:
%%1053

Error: (02/14/2014 05:38:46 AM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the Windows Installer service to connect.

Error: (02/14/2014 05:38:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}

Error: (02/12/2014 02:25:20 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {E0E9D49D-65D1-4AB1-8235-DF90B6ED8483} did not register with DCOM within the required timeout.

Error: (02/12/2014 02:19:44 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (02/12/2014 00:47:12 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {E0E9D49D-65D1-4AB1-8235-DF90B6ED8483} did not register with DCOM within the required timeout.

Error: (02/12/2014 00:45:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {E0E9D49D-65D1-4AB1-8235-DF90B6ED8483} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (02/16/2014 03:11:58 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Office 2003 Service Pack 3 (SP3): MAINSP31603C:\WINDOWS\TEMP\MSI153bf.LOG

Error: (02/16/2014 03:11:47 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (02/14/2014 04:51:38 PM) (Source: Application Hang)(User: )
Description: -256360697

Error: (02/14/2014 04:44:56 PM) (Source: Application Hang)(User: )
Description: shredder.exe4.0.0.3hungapp0.0.0.000000000

Error: (02/12/2014 04:09:22 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Office 2003 Service Pack 3 (SP3): MAINSP31603C:\WINDOWS\TEMP\MSIe97a8.LOG

Error: (02/12/2014 04:09:18 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (02/11/2014 03:07:07 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Office 2003 Service Pack 3 (SP3): MAINSP31603C:\WINDOWS\TEMP\MSI68026.LOG

Error: (02/11/2014 03:06:56 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (02/10/2014 03:13:27 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Office 2003 Service Pack 3 (SP3): MAINSP31603C:\WINDOWS\TEMP\MSI767c.LOG

Error: (02/10/2014 03:13:25 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 2045.55 MB
Available physical RAM: 1164.87 MB
Total Pagefile: 4962.46 MB
Available Pagefile: 3993.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.08 GB) (Free:79.59 GB) NTFS
Drive h: (RECOVERY) (Fixed) (Total:5.28 GB) (Free:3.34 GB) FAT32 ==>[Drive with boot components (Windows XP)]
Drive j: (SECURE II) (Removable) (Total:0.94 GB) (Free:0.63 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 153 GB) (Disk ID: 22C1220C)
Partition 1: (Active) - (Size=5 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=148 GB) - (Type=OF Extended)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 968 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=967 MB) - (Type=06)

==================== End Of Log ============================
