Mlawarebytes's malicious website protection not activating for some reason

flywelder · October 1, 2014

Using Malwarebytes V 2.0.2.1012 data base is listed as : V2014.09.27.02

Was working just fine for months. But one and half weeks ago it stopped being able to update the data base. now I always get notices from malwarebytes that the data base needs updated.

Malwarebytes tries but with in seconds, posts that it cannot connect to the update server.

I can run scans each scan starts by updating the data base, and each scan finishes and finds no infections, ever.

Computer is a desk top emachine. using Windows XP Pro V 2002 with SP3

Computer also uses Comodo CIS

I have placed every MBAM file and folder I can find into "excluded" inside Comodo CIS

However I had not done this until just yesterday. and malwarebytes and Comodo worked wonderfully well together. so why would I have to put MBAM files into excluded now?

But, although I did, it has not corrected the problem of updating.

For what ever reason I cannot attach the scan results? each one is being reported as an error IO...even zipped attachments? I'll try and attach them to the next posting. one frustration after another.

flywelder · October 1, 2014

the reports are in the KB range, like 119KB and even zipped they are 24.8 KB

So that I guess is the reason they will not attach when the max. size is 128MB . Now what to do?

So here it is copied and pasted. MBAM check and the reports from FRST

i s there any other you need?.. just ask for them please.

is it OK to leave this here on the web for all to see?

So when I attempted to post this info to your site, however I cannot because when I tried your web site told me it was too long and I should shorten it. So all I know to do is remove some scan results and past them to another post. Wow i hope I don't catch hell for this, but I don't know what else to do, and I want to get this info to you folks real soon.

However your web site says it is still TOO long.

and it turns out I can't past or attach any of the scan reports! SO i put them all onto a word doc. and saved it to my documents. and need to ask you where or how, do I get these reports to you experts to look at, So you can help me with my malfunctioning MBAM ?

Frustrated, MBAM user.

AdvancedSetup · October 11, 2014

Hello flywelder

It may be due to the use of Internet Explorer. Please try maybe Firefox or Chrome and and then click on the MORE REPLY OPTIONS button and there you'll find a button to browse and find the file you wish to upload. Please note though that many file types cannot be uploaded. Normally we do not want any Word documents when possible just plain .TXT files that can be opened with notepad. You can also attach .ZIP files if needed.

I would mainly just like to get some new current FRST scan logs. Please run FRST and then make sure you place a check mark in the ADDITIONS.TXT check box and either copy/paste or attach back both log files on your next reply please.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.

You can check here if you're not sure if your computer is 32-bit or 64-bit

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.

flywelder · October 13, 2014

Ok, but I am using firefox and not IE. and still I have the uploading issue.

I have the results from FRST for you but I can't attach them, apparently they are too large for this website to accept. ..and I think that is very peculiar. Not even if they are zipped can I attach them ( which I tried).

Plus I want to post the results from the "MBAM check" . it is in a notebook format, however it is 123 KB and as Im sure you know this forum will not allow that size to be attached. You can upload up to 427.85MB of files (Max. single file size: 128MB)

and zipping it does not shrink the not book doc. down enough, I have tried. ....So what to do? MBAM check is a great program! yet, I ask you, what good is the MBAM check .exe if I or any one can not get the results to those at this MBAM forum to evaluate because it is a file too large for this forum ?

is there not a general email adress for the MBAM office that I could send this info to?

Hell I can't attach a screen print or a 3mb file to this posting! becasue every one of the attachements is highlighted in red below ????? and of course you can't see that like i can right now. so frustrating this is!!!! ...what the $%#@$&^ is going on?

AdvancedSetup · October 14, 2014

Sorry but we do not want any .DOC files. Please just run the scanner I requested and post back the text files.

Thank you

AdvancedSetup · October 16, 2014

Are you still with us Flywelder?

AdvancedSetup · October 20, 2014

Well not sure where you went but since there is no reply I will go ahead and close this topic now.

flywelder · October 27, 2014

please stand by, as I am experiencing major trouble with the computer with uploading the requested files. and downloading FRST and ADWcleaner; and Junk ware removal tool, I am unable to download from the links provided. and I don't know why.

every scan result from "MBAM check scan" is returning a log that is 1KB in size. and the postings from the experts at this site say that is too large and MBM scan does not create a log that big.

so something is seriously wrong that I do not understand. and is apparently far beyond my capabilities.

I'll attempt to run scans with malwarebytes and Comodo. and CCleaner maybe something will turn up in the results? ( i doubt it, because it has not happened yet in all the other scans I have run. )

I'm Open to all suggestions.

I'm unable to "attache" any logs, so I will attempt to past them here. and if successful it may take several different postings to finish.

The computer is a 32 bit system.

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 10/27/2014 2:14:03 AM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.4, 2014.10.26.8,
Protection, 10/27/2014 2:14:08 AM, SYSTEM, MSAIMH002, Protection, Refresh, Starting,
Protection, 10/27/2014 2:15:16 AM, SYSTEM, MSAIMH002, Protection, Refresh, Success,
Scan, 10/27/2014 2:58:11 AM, SYSTEM, MSAIMH002, Manual, Start:10/27/2014 2:14:59 AM, Duration:43 min 2 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting,
Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed,
Error, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21,
Update, 10/27/2014 1:05:33 PM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.8, 2014.10.27.3,
Protection, 10/27/2014 1:05:34 PM, SYSTEM, MSAIMH002, Protection, Refresh, Starting,
Protection, 10/27/2014 1:07:21 PM, SYSTEM, MSAIMH002, Protection, Refresh, Success,
Protection, 10/27/2014 2:14:48 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting,
Protection, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed,
Error, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21,

(end)

flywelder · October 28, 2014

here is another log:

mbam-check result log version:     2.1.0.0002
========================================

User Account type:                 Administrator
OS:                                Windows XP Service Pack 3 Service Pack 3 32 bit Operating System
Current Build Number:              2600
Current Version Number:            5.1
Current CSDVersion:                Service Pack 3
OS Product Info: Home Edition

Malwarebytes Anti-Malware:         2.0.3.1025
Installed On:                      2014/10/20
Malware Database:                  2014.10.20.07
Rootkit Database:                  2014.10.17.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Premium
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/10/20 21:15:05
Compatibility Flag Settings:
=================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\WINDOWS\system32\drivers\mbam.sys
File Size:     23256 BYTES   FileVersion: 0.1.15.0   MD5: [d2ded3c333a5d9cb3f4c244b0f0dd877]
C:\WINDOWS\system32\drivers\mbamswissarmy.sys
File Size:    114904 BYTES   FileVersion: 0.2.13.0   MD5: [8e2e9ccd873abf180f48bcaeeebe347d]
C:\WINDOWS\system32\drivers\mbamchameleon.sys
File Size:     54360 BYTES   FileVersion: 1.1.4.0   MD5: [7263d95dc327a7911874293d509ad79e]

--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Required Dependencies:
======================

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
   Type                          REG_DWORD       2
   Start                         REG_DWORD       0
   ErrorControl                  REG_DWORD       1
   Tag                           REG_DWORD       1
   ImagePath                     REG_EXPAND_SZ   system32\drivers\fltmgr.sys
   DisplayName                   REG_SZ       FltMgr
   Group                         REG_SZ       FSFilter Infrastructure
   Description                   REG_SZ       File System Filter Manager Driver
   AttachWhenLoaded              REG_DWORD       1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security
   Security                      REG_BINARY   Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
   0                             REG_SZ       Root\LEGACY_FLTMGR\0000
   Count                         REG_DWORD       1
   NextInstance                  REG_DWORD       1

C:\WINDOWS\system32\drivers\fltmgr.sys
File Size: 129792    BYTES   FileVersion: 5.1.2600.5512   MD5: [b2cf4b0786f8212cb92ed2b50c6db6b0]
C:\WINDOWS\system32\comctl32.ocx
File Size: 608448    BYTES   FileVersion: 6.0.81.5   MD5: [eb5f811c1f78005b3c147599a0cccf51]
C:\WINDOWS\system32\mscomctl.ocx
File Size: 1070152   BYTES   FileVersion: 6.1.98.34   MD5: [e52859fcb7a827cacfce7963184c7d24]
C:\WINDOWS\system32\olepro32.dll
File Size: 84992     BYTES   FileVersion: 5.1.2600.5512   MD5: [5652f6ce1d9e9d8068b9d29bc21b5409]

MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    EarlyStartSelfProtection:                                  false
    LimitedMode:                                               false
    SelfProtection:                                            false
    StartSilentMode:                                           false
    StartupDelay:                                              0
ApplicationState:
    First-Run-After-Installation:                              false
General:
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          true
    SilentErrors:                                              false
Logging:
    ExportLog:                                                 true
Notification:
ProtectionTray:
    DisplayMilliseconds:                                       15000
ScanHistory:
    Duration_Complete:                                         642000
    Duration_Driver:                                           49000
    Duration_Filesystem:                                       5000
    Duration_Heuristics:                                       1561000
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 29000
    Duration_Memory:                                           40000
    Duration_PreScan:                                          140000
    Duration_Registry:                                         27000
    Duration_Sector:                                           0
    Duration_SectorMemory:                                     7000
    Duration_Startup:                                          84000
    ItemCount_Complete:                                        407116
    ItemCount_Driver:                                          314
    ItemCount_Filesystem:                                      35291
    ItemCount_Heuristics:                                      9503
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                2
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        353
    ItemCount_Sector:                                          0
    ItemCount_SectorMemory:                                    202
    ItemCount_Startup:                                         2432
    LastScanDateEpoch:                                         1413850266093
    LastScanType:                                              1 (Threat Scan)
Update:
    LastUpdate:                                                2014-10-21T01:00:16
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    7
    ProxyPassword:
    ProxyPort:                                                 0
    ProxyServer:
    ProxyUsername:
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
--------------Account:--------------
Account Status:                                              Premium
Expiration Time:                                             2034/07/17 12:04:39
Activation Time:                                             2014/07/17 12:04:39
Trial Used:                                                  false
--------------Access Policies:--------------

Scheduler Queue:
================

tasks:
    5cbc5f99-39ce-4ae6-8b58-9d26460ef214:
      parameters:
        NotifyWhenUpdateCompletes:                             true
        ProcessLaunchedFromScheduler:                          true
        TaskType:                                              3
      triggers:
        ddee083c-24da-40da-ac28-87845684feb5:
          dateinterval:                                        1:0:0
          lastscheduled:                                       Mon, 20 Oct 2014 06:47:52.796875 -0400
          lasttriggered:                                       Mon, 20 Oct 2014 06:47:52.796875 -0400
          nextscheduled:                                       Tue, 21 Oct 2014 07:00:03.796875 -0400
          recovery:                                            01:00:00
          start:                                               Thu, 17 Jul 2014 16:57:02 +0000
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                ddee083c-24da-40da-ac28-87845684feb5
      type:                                                    update
      uuid:                                                    5cbc5f99-39ce-4ae6-8b58-9d26460ef214
    90ef2c3d-649c-4068-a0a0-7929eacade71:
      parameters:
        CheckForUpdatesBeforeScanStart:                        false
        ProcessLaunchedFromScheduler:                          true
        ScanConfig:
          ExitWhenNoMalwareDetected:                           false
          FileSystemOption:                                    false
          RebootSystemWhenMalwareDetected:                     true
          RemoveMalwareAutomaticallyWhenScanEnds:              true
          ScanArchives:                                        true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        false
          ScanRootkits:                                        true
          ScanStartup:                                         true
          ScanTargets:
          ScanType:                                            3 (Hyper Scan)
          Silent:                                              true
        StartTaskFromSystemAccount:                            false
        TaskType:                                              2
      triggers:
        f0858e2a-e34f-4920-a07d-5ac89057c4e6:
          dateinterval:                                        1:0:0
          lastscheduled:                                       Mon, 20 Oct 2014 06:30:04.828125 -0400
          lasttriggered:                                       Mon, 20 Oct 2014 06:30:04.828125 -0400
          nextscheduled:                                       Tue, 21 Oct 2014 06:30:04.828125 -0400
          recovery:                                            00:00:00
          start:                                               Fri, 15 Aug 2014 02:00:00 +0000
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                f0858e2a-e34f-4920-a07d-5ac89057c4e6
      type:                                                    scan
      uuid:                                                    90ef2c3d-649c-4068-a0a0-7929eacade71
    ef3cb846-c33d-429e-95d1-da4f30df16c0:
      parameters:
        CheckForUpdatesBeforeScanStart:                        true
        ProcessLaunchedFromScheduler:                          true
        ScanConfig:
          ExitWhenNoMalwareDetected:                           false
          ExportLog:                                           true
          FileSystemOption:                                    true
          RebootSystemWhenMalwareDetected:                     true
          RemoveMalwareAutomaticallyWhenScanEnds:              true
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             1
          ScanRegistry:                                        true
          ScanRootkits:                                        true
          ScanStartup:                                         true
          ScanTargets:
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
          TerminateExplorerWhenMalwareIsRemoved:               false
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
      triggers:
        7f46e3e7-c111-48c5-8d02-45b4d344c55a:
          dateinterval:                                        1:0:0
          lastscheduled:                                       Mon, 20 Oct 2014 19:47:54.562500 -0400
          lasttriggered:                                       Mon, 20 Oct 2014 19:47:54.562500 -0400
          nextscheduled:                                       Tue, 21 Oct 2014 20:00:00.562500 -0400
          recovery:                                            23:00:00
          start:                                               Fri, 18 Jul 2014 06:18:50 +0000
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                7f46e3e7-c111-48c5-8d02-45b4d344c55a
      type:                                                    scan
      uuid:                                                    ef3cb846-c33d-429e-95d1-da4f30df16c0

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
   PendingFileRenameOperations   REG_MULTI_SZ   \??\C:\DOCUME~1\Biomed\LOCALS~1\Temp\~nsu.tmp\Au_.exe

MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
   Type                          REG_DWORD       2
   Start                         REG_DWORD       3
   ErrorControl                  REG_DWORD       1
   ImagePath                     REG_EXPAND_SZ   \??\C:\WINDOWS\system32\drivers\mbam.sys
   Group                         REG_SZ       FSFilter Anti-Virus
   DependOnService               REG_MULTI_SZ   FltMgr

   DependOnGroup                 REG_DWORD       0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
   DefaultInstance               REG_SZ       MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
   Altitude                      REG_SZ       328800
   Flags                         REG_DWORD       0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
   PassThruFile                  REG_SZ       mbampt.exe
   ProductPath                   REG_SZ       C:\Program Files\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Security
   Security                      REG_BINARY   Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
   0                             REG_SZ       Root\LEGACY_MBAMPROTECTOR\0000
   Count                         REG_DWORD       1
   NextInstance                  REG_DWORD       1

MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
   Type                          REG_DWORD       16
   Start                         REG_DWORD       2
   ErrorControl                  REG_DWORD       1
   ImagePath                     REG_EXPAND_SZ   "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe"
   DependOnService               REG_MULTI_SZ   MBAMProtector

   DependOnGroup                 REG_DWORD       0
   ObjectName                    REG_SZ       LocalSystem
   Description                   REG_SZ       Malwarebytes Anti-Malware service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Security
   Security                      REG_BINARY   Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Enum
   0                             REG_SZ       Root\LEGACY_MBAMSERVICE\0000
   Count                         REG_DWORD       1
   NextInstance                  REG_DWORD       1

MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
   Type                          REG_DWORD       16
   Start                         REG_DWORD       2
   ErrorControl                  REG_DWORD       1
   ImagePath                     REG_EXPAND_SZ   "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe"
   ObjectName                    REG_SZ       LocalSystem
   Description                   REG_SZ       Malwarebytes Anti-Malware scheduler
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler\Security
   Security                      REG_BINARY   Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler\Enum
   0                             REG_SZ       Root\LEGACY_MBAMSCHEDULER\0000
   Count                         REG_DWORD       1
   NextInstance                  REG_DWORD       1

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  4 (The service is running.) (State is stopped)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

LAN Settings:
=============

No Settings are Set       <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
   SystemPartition   REG_SZ       \Device\HarddiskVolume2

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
       h:mm:ss tt
       AM
       PM
       :

Currently:
REG_SZ       h:mm:ss tt
REG_SZ       AM
REG_SZ       PM
REG_SZ       :

Language and Regional Settings:
===============================

ACP:    Language is English (United States)
MACCP:    Language is English (United States)
OEMCP:    Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's startup Folder Exists.

Context Menu Entries:
=====================

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
   (Default):                    REG_SZ       MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
   (Default):                    REG_SZ       {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
   (Default):                    REG_SZ       MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
   (Default):                    REG_SZ       MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
   (Default):                    REG_SZ       {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
   (Default):                    REG_SZ       IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid
   (Default):                    REG_SZ       {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
   (Default):                    REG_SZ       {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
   (Default):                    REG_SZ       {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
   Version                       REG_SZ       1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
   (Default):                    REG_SZ       MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
   (Default):                    REG_SZ       C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll
   ThreadingModel                REG_SZ       Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
   (Default):                    REG_SZ       MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
   (Default):                    REG_SZ       {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
   (Default):                    REG_SZ       MBAMExt.MBAMShlExt

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
   (Default):                    REG_SZ       MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
   (Default):                    REG_SZ       C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
   (Default):                    REG_SZ       0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
   (Default):                    REG_SZ       C:\Program Files\Malwarebytes Anti-Malware

flywelder · October 28, 2014

the 2nd half of the log from above. B/c it would not all fit at one time.

List of MBAM Related Directories:
=================================

C:\Program Files\Malwarebytes Anti-Malware\
7z.dll                                     File Size: 920888    BYTES   FileVersion: 9.20.0.0       MD5: [ce5bab535bfa98530ddac4661a751dfe]
atl100.dll                                 File Size: 138552    BYTES   FileVersion: 10.0.40219.325 MD5: [df077284408f1ebe031c0579735140f0]
changes.txt                                File Size: 3104      BYTES   FileVersion: N/A            MD5: [3ac874d1e1bfd50e4ceb220f5dd73f67]
license.rtf                                File Size: 39478     BYTES   FileVersion: N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                                File Size: 1258      BYTES   FileVersion: N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                   File Size: 579896    BYTES   FileVersion: 1.0.16.0       MD5: [59569d4be0d79a2b8c3241c6dcea0034]
mbam.exe                                   File Size: 7229752   BYTES   FileVersion: 1.0.1.711      MD5: [f89773dfa9b8c95a3ac2af1e7d99e483]
mbamcore.dll                               File Size: 1829176   BYTES   FileVersion: 1.1.20.0       MD5: [a8d4b1d04a5fcd862321ce106da7ce4e]
mbamdor.exe                                File Size: 54072     BYTES   FileVersion: 1.0.1.0        MD5: [842c198bb5fb3a051c34d493f3a7dff4]
mbamext.dll                                File Size: 261432    BYTES   FileVersion: 3.0.6.0        MD5: [cd55601f51e1c698164590a7c7b4d3c0]
mbampt.exe                                 File Size: 39736     BYTES   FileVersion: 1.0.0.0        MD5: [03cfd2a07ddf755aafac6e459d2d855a]
mbamscheduler.exe                          File Size: 1871160   BYTES   FileVersion: 3.1.1.0        MD5: [6d8a2ee4244630b290a837e79c0f37a1]
mbamservice.exe                            File Size: 968504    BYTES   FileVersion: 3.0.8.0        MD5: [09d4503cbb6adb3a54e7c7a75090b728]
mbamsrv.dll                                File Size: 4463928   BYTES   FileVersion: 1.2.0.0        MD5: [a422816a15cfac50567fd0f6582fd2cf]
msvcp100.dll                               File Size: 421688    BYTES   FileVersion: 10.0.40219.325 MD5: [ca55500e2e0515fcc888c4a5e01e64b7]
msvcr100.dll                               File Size: 774456    BYTES   FileVersion: 10.0.40219.325 MD5: [4c539e592e50633b21ab1e1fda40a32a]
QtCore4.dll                                File Size: 2732856   BYTES   FileVersion: 4.8.4.0        MD5: [61af7614418ba5b9e8b4eb82e459be53]
QtGui4.dll                                 File Size: 8575288   BYTES   FileVersion: 4.8.4.0        MD5: [2954dc080087cf73818f959cb3ed9c13]
QtNetwork4.dll                             File Size: 909112    BYTES   FileVersion: 4.8.4.0        MD5: [d36b759179ddd214743dcfb8ed791fa2]
unins000.dat                               File Size: 68364     BYTES   FileVersion: N/A            MD5: [0cad19af7049518438bff0533e730891]
unins000.exe                               File Size: 718037    BYTES   FileVersion: 51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]

C:\Program Files\Malwarebytes Anti-Malware\\accessible
qtaccessiblewidgets4.dll                   File Size: 198968    BYTES   FileVersion: 4.8.4.0        MD5: [ac1481e30e75034928f50923c42a530d]

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                              File Size: 235882    BYTES   FileVersion: N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
firefox.exe                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
firefox.pif                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
firefox.scr                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
iexplore.exe                               File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
mbam-chameleon.com                         File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
mbam-chameleon.exe                         File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
mbam-chameleon.pif                         File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
mbam-chameleon.scr                         File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
mbam-killer.exe                            File Size: 1188664   BYTES   FileVersion: 3.0.2.0        MD5: [311251e69b0db0562be1a2d6b556e552]
rundll32.exe                               File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
svchost.exe                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
windows.exe                                File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]
winlogon.exe                               File Size: 761656    BYTES   FileVersion: 3.1.7.0        MD5: [c0afb3c7e6c7ca3f6e42ff242bbbcb1f]

C:\Program Files\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                                  File Size: 32568     BYTES   FileVersion: 4.8.4.0        MD5: [ff014ac49ac32e5f1c7d6e271b320893]

C:\Program Files\Malwarebytes Anti-Malware\\Languages
lang_ar.qm                                 File Size: 139423    BYTES   FileVersion: N/A            MD5: [9771d098e918204a99fa0068f431e6ba]
lang_bg.qm                                 File Size: 147865    BYTES   FileVersion: N/A            MD5: [d250b37179f313e58267f7946e0522d4]
lang_bs.qm                                 File Size: 145523    BYTES   FileVersion: N/A            MD5: [6ab7a6274d4f9f7553c944f5c66201ba]
lang_ca.qm                                 File Size: 149256    BYTES   FileVersion: N/A            MD5: [0cc2735ee2f231ea5d964c323ca73e08]
lang_cs.qm                                 File Size: 142601    BYTES   FileVersion: N/A            MD5: [8426f7126d2851a1e6ca1f1f7e45d2ec]
lang_da.qm                                 File Size: 143131    BYTES   FileVersion: N/A            MD5: [6fe13d4a5a44a3390bf9940404eeb6c7]
lang_de.qm                                 File Size: 151959    BYTES   FileVersion: N/A            MD5: [9517c7c9865b5641c5c250c84b51a6d1]
lang_el.qm                                 File Size: 152327    BYTES   FileVersion: N/A            MD5: [4cd483236d99cf40e9d8cf534bac05e7]
lang_en.qm                                 File Size: 137689    BYTES   FileVersion: N/A            MD5: [d34a8afc30bb472c443f7f088513ff04]
lang_es.qm                                 File Size: 149211    BYTES   FileVersion: N/A            MD5: [1ee5f6535d02c94812e54e3ed65de6ac]
lang_et.qm                                 File Size: 141939    BYTES   FileVersion: N/A            MD5: [f6faee4a33654bb27dcf2f9d4cf955ef]
lang_fi.qm                                 File Size: 145730    BYTES   FileVersion: N/A            MD5: [9f4ff431ec70747591ef0e0eaf3ed2cb]
lang_fr.qm                                 File Size: 153965    BYTES   FileVersion: N/A            MD5: [8dd69dd62ee617dc3ca4f25ab2c70af8]
lang_he.qm                                 File Size: 134117    BYTES   FileVersion: N/A            MD5: [3ad149f1778e6e8f8f89ecfe67a1e62e]
lang_hr.qm                                 File Size: 139841    BYTES   FileVersion: N/A            MD5: [3e3737fe86eb595c5f6817eebf731aa7]
lang_hu.qm                                 File Size: 147806    BYTES   FileVersion: N/A            MD5: [7c3ae4dde80fa8759968b218a03a7a73]
lang_id.qm                                 File Size: 145710    BYTES   FileVersion: N/A            MD5: [c2a0325d9dfb5c5fce7a4832837896e7]
lang_it.qm                                 File Size: 148249    BYTES   FileVersion: N/A            MD5: [4766a519a653d8e6f6ad32094a2a059b]
lang_ja.qm                                 File Size: 122782    BYTES   FileVersion: N/A            MD5: [339134f906b770b833653682264bdc23]
lang_ko.qm                                 File Size: 119240    BYTES   FileVersion: N/A            MD5: [5042df441910dfe9f6a55d3c005b00c7]
lang_lt.qm                                 File Size: 146950    BYTES   FileVersion: N/A            MD5: [5c0fca31ff0a6d2b3f6d1722940a2dc6]
lang_lv.qm                                 File Size: 146072    BYTES   FileVersion: N/A            MD5: [8623ed6977cd81c0d520f5fd84788d93]
lang_nl.qm                                 File Size: 147725    BYTES   FileVersion: N/A            MD5: [1b391d5599be4724018624a27014eb75]
lang_no.qm                                 File Size: 144153    BYTES   FileVersion: N/A            MD5: [2d53348f8e74f26f065e0c83e8fff7fe]
lang_pl.qm                                 File Size: 147483    BYTES   FileVersion: N/A            MD5: [ce39bae20f8a2b42f93f2f5a5c6dd63e]
lang_pt_BR.qm                              File Size: 146906    BYTES   FileVersion: N/A            MD5: [b337c75fa23ba36176719d54c0269560]
lang_pt_PT.qm                              File Size: 144956    BYTES   FileVersion: N/A            MD5: [b41016907930a96a11aadb348fd9a1b6]
lang_ro.qm                                 File Size: 146821    BYTES   FileVersion: N/A            MD5: [69c447559268a873808d5ae48b425ad9]
lang_ru.qm                                 File Size: 148179    BYTES   FileVersion: N/A            MD5: [51d4d0c155de54f24b09be7040a7ff15]
lang_sk.qm                                 File Size: 144330    BYTES   FileVersion: N/A            MD5: [3a00a97315c24e6820f8939920ef14b4]
lang_sl.qm                                 File Size: 144582    BYTES   FileVersion: N/A            MD5: [47db99ccdd98936e6a38957321c71317]
lang_sr.qm                                 File Size: 143261    BYTES   FileVersion: N/A            MD5: [377d15c0da0249f4a7a58978b6307d81]
lang_sv.qm                                 File Size: 145435    BYTES   FileVersion: N/A            MD5: [a2b33c0364aad3e9d7daafdd4f286ee1]
lang_th.qm                                 File Size: 137957    BYTES   FileVersion: N/A            MD5: [6a24ece552172d805cd428853255d294]
lang_tr.qm                                 File Size: 144262    BYTES   FileVersion: N/A            MD5: [18b7fec7611c038780ee77044e523f70]
lang_vi.qm                                 File Size: 144480    BYTES   FileVersion: N/A            MD5: [708062759498e791186bbe64b7246d0c]
lang_zh_tr.qm                              File Size: 110870    BYTES   FileVersion: N/A            MD5: [f223d83580b1ee35edea13293cb2c80d]

C:\Program Files\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                              File Size: 821560    BYTES   FileVersion: 1.1.0.1010     MD5: [0d7dd0e7f98a4f414fed44af0b50128b]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                                File Size: 314       BYTES   FileVersion: N/A            MD5: [b26a36c0696e299fdfebe180c09c2737]
exclusions.dat                             File Size: 0         BYTES   FileVersion: N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
mbam-setup.exe                             File Size: 19828376 BYTES   FileVersion: 2.0.3.1025     MD5: [33398d340008a0577507fca7fd443622]
rules.ref                                  File Size: 9890134   BYTES   FileVersion: N/A            MD5: [ccaa3aa39c008f0b3dbacd442031326e]
swissarmy.ref                              File Size: 22886     BYTES   FileVersion: N/A            MD5: [c11dabf046555b41cca3c64d1f1cbc89]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                                 File Size: 4622      BYTES   FileVersion: N/A            MD5: [0ef1adcb13044f2d0d8612a09f5aa4f4]
database.conf                              File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                            File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                               File Size: 572       BYTES   FileVersion: N/A            MD5: [0501b6cffac12e3e4ab3b9a27129ea83]
manifest.conf                              File Size: 1783      BYTES   FileVersion: N/A            MD5: [660f33b2c47724bae22067cfc2d070d9]
marketing.conf                             File Size: 1434      BYTES   FileVersion: N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]
net.conf                                   File Size: 6157      BYTES   FileVersion: N/A            MD5: [ae61492481c18c3eca358aa8ee9491a8]
notifications.conf                         File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                             File Size: 3587      BYTES   FileVersion: N/A            MD5: [5cabc8dceb0a8bd58d3e5f4149496890]
settings.conf                              File Size: 2166      BYTES   FileVersion: N/A            MD5: [84a4c3a5caade8d0f14fe7ae98926a68]
statistics.conf                            File Size: 597       BYTES   FileVersion: N/A            MD5: [5f7eabf29971c8bc168cdb7f72b6a1c6]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf                                 File Size: 4155      BYTES   FileVersion: N/A            MD5: [287475cbeda24d01fe8d34660bc35e1c]
database.conf                              File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                            File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                               File Size: 23        BYTES   FileVersion: N/A            MD5: [0ec01df616b565180556881d8042255b]
manifest.conf                              File Size: 1566      BYTES   FileVersion: N/A            MD5: [29b928c33aec22293649d003ea4ef224]
marketing.conf                             File Size: 1434      BYTES   FileVersion: N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]
net.conf                                   File Size: 5344      BYTES   FileVersion: N/A            MD5: [973e9c5714cc0c56a7b9c83d876754dd]
notifications.conf                         File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                             File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                              File Size: 1725      BYTES   FileVersion: N/A            MD5: [06c52d7137dac16e1661f7cf004f2e4d]
statistics.conf                            File Size: 4         BYTES   FileVersion: N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2014-07-18 (06-16-33).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [b895354a6e61cf78c3ba4c552156e0bb]
mbam-log-2014-07-19 (07-23-38).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [9a1b42d997552bbd1af51d3e2dc6b609]
mbam-log-2014-07-20 (08-09-45).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [e37d0db58c84a69630f0911848dc8a36]
mbam-log-2014-07-21 (12-09-35).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [c64a8108c306bfc19f828a2e1a9971c1]
mbam-log-2014-07-22 (12-20-24).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [98cad06b4af52bddaa6b5f0aeb739343]
mbam-log-2014-07-23 (12-21-55).xml         File Size: 2478      BYTES   FileVersion: N/A            MD5: [e8f12a764aa0d138691c53c60cf6d99f]
mbam-log-2014-07-30 (15-25-47).xml         File Size: 2522      BYTES   FileVersion: N/A            MD5: [49085eedc4653312ffe07b92e9cd9d29]
mbam-log-2014-07-30 (20-39-58).xml         File Size: 2526      BYTES   FileVersion: N/A            MD5: [df640c12537dafaedbdb9b6a9fefd303]
mbam-log-2014-07-31 (02-25-52).xml         File Size: 2520      BYTES   FileVersion: N/A            MD5: [ba0fa81a78a133f41e05d1412b05a217]
mbam-log-2014-07-31 (13-19-41).xml         File Size: 2526      BYTES   FileVersion: N/A            MD5: [558f6a3a8e36c32052a060e01775c9cc]
mbam-log-2014-08-18 (22-00-00).xml         File Size: 2524      BYTES   FileVersion: N/A            MD5: [256b9dddfb5c0546507df4aad59cdf1f]
mbam-log-2014-08-19 (07-18-29).xml         File Size: 2520      BYTES   FileVersion: N/A            MD5: [0ecce63bf25f44bf1e832c763b51396b]
mbam-log-2014-08-19 (22-00-00).xml         File Size: 2502      BYTES   FileVersion: N/A            MD5: [8d4e590e3c383c748d1492473ea61f64]
mbam-log-2014-08-20 (07-20-58).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [8c0b2a36cbc58d20b48c489dadf61295]
mbam-log-2014-08-21 (06-17-14).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [aa47239babf47e29a5830889b5453c8c]
mbam-log-2014-08-21 (11-28-45).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [1df5a3b47ca09e5803d6f5972b19c075]
mbam-log-2014-08-22 (06-17-04).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [a224d2ea34cf3cb5623eef254a607e39]
mbam-log-2014-08-22 (11-14-41).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [802b4a34db2521c6a5108571c52adf30]
mbam-log-2014-08-23 (07-41-36).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [11413a0762988e36b5485f7d79f62459]
mbam-log-2014-08-23 (11-24-13).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [baad07cadd4a9fbb26eabb2b3d655d98]
mbam-log-2014-08-24 (08-54-45).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [b7d893c4e687565f9adef872303f8cc6]
mbam-log-2014-08-24 (13-38-43).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [dede6fafac9a57f2b2f25cb3adfd8353]
mbam-log-2014-08-25 (08-54-42).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [24d263b90f6a7455c7d0d581ff867a6f]
mbam-log-2014-08-25 (13-27-20).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [5341f8c0fd39dc28053ff510028320d4]
mbam-log-2014-08-27 (06-09-39).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [9006b010cc92a0a5d15a4a90252269bf]
mbam-log-2014-08-28 (06-09-28).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [684c8a2dabe5a0d5383e6b666df9ef05]
mbam-log-2014-08-29 (06-08-43).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [a10b02eb5d1d4d0c1308cd2a74a58a0c]
mbam-log-2014-08-30 (09-03-48).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [7c252f4eddc0cb1bdbe72a734fe6308f]
mbam-log-2014-08-31 (08-52-45).xml         File Size: 2498      BYTES   FileVersion: N/A            MD5: [39570efa47be8504d923c2cf0af8100c]
mbam-log-2014-09-01 (08-53-06).xml         File Size: 2498      BYTES   FileVersion: N/A            MD5: [fa05f4b782d2e8e1a098962716f3a698]
mbam-log-2014-09-02 (08-41-28).xml         File Size: 2498      BYTES   FileVersion: N/A            MD5: [a36a26830634b96e07be3990e8c49dfc]
mbam-log-2014-09-03 (09-22-16).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [e6d766e2456cd5a8c9cc92bb392092be]
mbam-log-2014-09-04 (09-22-06).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [19e515b68f36bdfbef148e269d720e69]
mbam-log-2014-09-04 (09-33-14).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [c002fdc4c9a3c65dafc28a38f162348d]
mbam-log-2014-09-05 (09-22-06).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [0556780b90df84438c17f8decd96cc8f]
mbam-log-2014-09-05 (09-34-12).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [c085a794ccefd87c7d1f4a8e8d8149c4]
mbam-log-2014-09-06 (09-22-07).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [284572d6d9f551587dafd0f451b40e2d]
mbam-log-2014-09-06 (09-45-04).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [89b81e32db3634db8d9a764a0a30f44d]
mbam-log-2014-09-07 (09-22-07).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [5ff89b27f185e1ad8d6e1ba50c0da4d2]
mbam-log-2014-09-07 (09-53-47).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [fb5cf0016a38617d895d999207a105f9]
mbam-log-2014-09-08 (10-51-51).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [90a988956aff29ff0cba244bff75d0fa]
mbam-log-2014-09-09 (13-14-44).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [fccba6fb493a293b8ab6ffddae55e5c4]
mbam-log-2014-09-10 (19-08-22).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [cb017a6586ac773cb8d69769927c66f1]
mbam-log-2014-09-11 (18-59-22).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [5b7a47d37c3a4c509bd65f0edfb784dd]
mbam-log-2014-09-13 (07-22-13).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [866746220c8e14d869c793742a3722ed]
mbam-log-2014-09-14 (07-20-01).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [855f13c1a78f35744b9069f079a6fc5e]
mbam-log-2014-09-15 (18-14-18).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [f0c7a7641b356c7b392fda0100ca3930]
mbam-log-2014-09-16 (20-20-40).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [96c0bc32cfafc2d0173881bdbd1cf2e9]
mbam-log-2014-09-18 (05-58-42).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [91e20d02158f68a9b338fd4a6a44b08e]
mbam-log-2014-09-19 (07-30-04).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [c17b770ec752e972c47696febec20c0c]
mbam-log-2014-09-20 (07-29-55).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [5962d0b61d84540e2fb23f4a0c2aa021]
mbam-log-2014-09-21 (07-25-59).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [71f54a7f6bc7dc662f119a4e0d6456cd]
mbam-log-2014-09-22 (07-29-55).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [1c350fbad0a32b0d25af89fd5babdcb9]
mbam-log-2014-09-23 (07-28-43).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [7f0d4ab9de00b3c4b59f948c4ea9c1cf]
mbam-log-2014-09-24 (07-29-58).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [b700bc124000742ac8d434ebbc913d47]
mbam-log-2014-09-25 (08-52-24).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [e499ed2e723f5418c8166dccb11b11e6]
mbam-log-2014-09-26 (08-48-30).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [edb5d9470bdd7507f78638973250a6f8]
mbam-log-2014-09-27 (08-40-54).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [8d2eccb33b2bc070624a3adfb94f3490]
mbam-log-2014-09-28 (08-26-06).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [3e6f23906c3f9c0ebfda98fb0596050f]
mbam-log-2014-09-29 (08-20-00).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [b0694c4549fd51a5e47acd03a7130ad5]
mbam-log-2014-09-29 (12-58-05).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [f178fcbbc28f6f19aaf3c5fb47507a5a]
mbam-log-2014-09-30 (08-12-24).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [83e85ef6b33a494ca14e5543ecd8c4aa]
mbam-log-2014-10-01 (08-00-08).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [496603b3afc72ca823f6d8f86fb873dd]
mbam-log-2014-10-01 (08-52-24).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [b3827ef2e0b74683d3151db17df95430]
mbam-log-2014-10-02 (08-09-45).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [95acd2a4776f3469063861fde8c5837c]
mbam-log-2014-10-02 (08-52-22).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [7c00bc024cc4e8e77e02034cc587a0be]
mbam-log-2014-10-03 (08-03-36).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [6e77b30e1001936c521cc17549a71ba4]
mbam-log-2014-10-03 (08-52-21).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [699d93639627c07f77d7871546fdbf30]
mbam-log-2014-10-03 (10-06-08).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [7db0b61a80d2ad442e42bed19a4a33ae]
mbam-log-2014-10-04 (08-12-42).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [3888f68537dac6dc482213341ad9fd7f]
mbam-log-2014-10-05 (09-46-00).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [1ad94bbe9cfe1644b493f7a12833c363]
mbam-log-2014-10-06 (09-45-48).xml         File Size: 2526      BYTES   FileVersion: N/A            MD5: [f1d51e3061f4f3f6a2db53dc9baa729a]
mbam-log-2014-10-08 (06-13-48).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [d6dc4ec5ce55e8263d5e0894fe5b6867]
mbam-log-2014-10-09 (06-06-54).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [75a553945e2212da88bf81b927654102]
mbam-log-2014-10-10 (06-06-55).xml         File Size: 2506      BYTES   FileVersion: N/A            MD5: [265519f2a8ea83a683c5233e8ae6bf13]
mbam-log-2014-10-11 (06-06-54).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [9c3e1c31d68adecc1c3626101c93d75c]
mbam-log-2014-10-13 (06-29-16).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [d18fb835df68d250a19fbe151801f804]
mbam-log-2014-10-14 (06-20-06).xml         File Size: 548       BYTES   FileVersion: N/A            MD5: [f4f646cac70c221e0f79d040a15bc077]
mbam-log-2014-10-14 (06-30-04).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [f74a02905c449d85eb94ab0447921090]
mbam-log-2014-10-15 (06-28-18).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [bd6b39a750752057e78f0eb648e0d041]
mbam-log-2014-10-16 (06-30-05).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [5f45e4343a7b81a73fd48ad5cb9f6c18]
mbam-log-2014-10-18 (06-30-04).xml         File Size: 2526      BYTES   FileVersion: N/A            MD5: [40ca072cb6f429bab4af42d630e15a4d]
mbam-log-2014-10-18 (19-41-05).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [39918915bc1251f2319b5771a1c03b9b]
mbam-log-2014-10-19 (06-30-04).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [68b9c1c41096f99d476aa3e1f9041847]
mbam-log-2014-10-19 (19-38-47).xml         File Size: 2500      BYTES   FileVersion: N/A            MD5: [b52de05f0181623449d1a283ef30182e]
mbam-log-2014-10-20 (06-30-04).xml         File Size: 2504      BYTES   FileVersion: N/A            MD5: [5ecbee7fcd15ce04e81af8365ba36dc3]
protection-log-2001-12-31.xml              File Size: 1488      BYTES   FileVersion: N/A            MD5: [7cc44031f79af85042f399ee9d6437b1]
protection-log-2014-07-17.xml              File Size: 13376     BYTES   FileVersion: N/A            MD5: [ae45b8f2959dfcc7f542be5d4fcbc408]
protection-log-2014-07-18.xml              File Size: 2375      BYTES   FileVersion: N/A            MD5: [b095b48894d199af31ac57a045b7dd58]
protection-log-2014-07-19.xml              File Size: 6444      BYTES   FileVersion: N/A            MD5: [d0ac5bf496bb56350bae18b4cce3713f]
protection-log-2014-07-20.xml              File Size: 2970      BYTES   FileVersion: N/A            MD5: [65d6caceb034b990e147c21869f3b882]
protection-log-2014-07-21.xml              File Size: 2672      BYTES   FileVersion: N/A            MD5: [d0d44385ed1639f1ab9bebef4fae287e]
protection-log-2014-07-22.xml              File Size: 2971      BYTES   FileVersion: N/A            MD5: [64e8490fbb4aa89eead73ec86699bc79]
protection-log-2014-07-23.xml              File Size: 4427      BYTES   FileVersion: N/A            MD5: [ba5066977bfbd92b16f0c2f9e9e2501f]
protection-log-2014-07-24.xml              File Size: 3245      BYTES   FileVersion: N/A            MD5: [ea721696e76c2515b7ccfb0063ce86d3]
protection-log-2014-07-30.xml              File Size: 18413     BYTES   FileVersion: N/A            MD5: [37f608b640f5f223d6fecaeb0de39707]
protection-log-2014-07-31.xml              File Size: 19186     BYTES   FileVersion: N/A            MD5: [67dfd1cef6e23ab26abb30a5b0f7b5b8]
protection-log-2014-08-01.xml              File Size: 1775      BYTES   FileVersion: N/A            MD5: [5c5dcbe927b587f80914dabbf01033e8]
protection-log-2014-08-02.xml              File Size: 2075      BYTES   FileVersion: N/A            MD5: [a15be416dc1de505c90b047403b0fbcd]
protection-log-2014-08-03.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [eec08bda186bbe7b0e3e19b56048bc8d]
protection-log-2014-08-04.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [38e0412aa795b79bed720da95b2a5c41]
protection-log-2014-08-05.xml              File Size: 2081      BYTES   FileVersion: N/A            MD5: [4bdfc4b0005efe06512d60d3bf0cc947]
protection-log-2014-08-06.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [8d531777c70e450ee1e6b6133b849c52]
protection-log-2014-08-07.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [a2023b1e384e6c5b375969df918a3452]
protection-log-2014-08-08.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [54f69bf0cdbcb7d893892aa892f88209]
protection-log-2014-08-09.xml              File Size: 1774      BYTES   FileVersion: N/A            MD5: [e1641cae9846538b0f61f4e4f4aaaebf]
protection-log-2014-08-10.xml              File Size: 1777      BYTES   FileVersion: N/A            MD5: [6697de46ada82c6c0dec695452155207]
protection-log-2014-08-11.xml              File Size: 1778      BYTES   FileVersion: N/A            MD5: [695cca5f11a6cfb972bcf388a0c671c0]
protection-log-2014-08-12.xml              File Size: 1778      BYTES   FileVersion: N/A            MD5: [23af88ee60be8dade2295a816fb07867]
protection-log-2014-08-13.xml              File Size: 1778      BYTES   FileVersion: N/A            MD5: [e283c33dbf0a292498d052bc082dda58]
protection-log-2014-08-14.xml              File Size: 6925      BYTES   FileVersion: N/A            MD5: [f99a262dd3b6b966ab1866fac559ae92]
protection-log-2014-08-15.xml              File Size: 2946      BYTES   FileVersion: N/A            MD5: [4a03d48af57db0ffa657e39d57d5735a]
protection-log-2014-08-16.xml              File Size: 1778      BYTES   FileVersion: N/A            MD5: [e72ea85f1867c1224a448c5e44592162]
protection-log-2014-08-17.xml              File Size: 2087      BYTES   FileVersion: N/A            MD5: [a7a0ce14ed5d75325109d52b1a1f573b]
protection-log-2014-08-18.xml              File Size: 19456     BYTES   FileVersion: N/A            MD5: [a2503bda06a239dee9f0889c5f97bf93]
protection-log-2014-08-19.xml              File Size: 3492      BYTES   FileVersion: N/A            MD5: [c96084a350fc92ca61ab13125e932bd8]
protection-log-2014-08-20.xml              File Size: 3205      BYTES   FileVersion: N/A            MD5: [89d404d0d38e78f9d646a3b8feef8811]
protection-log-2014-08-21.xml              File Size: 3781      BYTES   FileVersion: N/A            MD5: [e89ddcb6226c423df6e6d103dad2bfdd]
protection-log-2014-08-22.xml              File Size: 11513     BYTES   FileVersion: N/A            MD5: [09fdeb80713a79f56fb4a24d171361b9]
protection-log-2014-08-23.xml              File Size: 919       BYTES   FileVersion: N/A            MD5: [6c4b6dbbcfda49f715673cd35d432899]
protection-log-2014-08-24.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [697f7134362978334ac10c8bc4237216]
protection-log-2014-08-25.xml              File Size: 8343      BYTES   FileVersion: N/A            MD5: [c03c30cd929a94384dce8b417c3ef745]
protection-log-2014-08-27.xml              File Size: 1765      BYTES   FileVersion: N/A            MD5: [0dd7438de3c1885eb78016aff034ab79]
protection-log-2014-08-28.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [6006c41748bd4b3e7bfae5e563fba48e]
protection-log-2014-08-29.xml              File Size: 5203      BYTES   FileVersion: N/A            MD5: [e0a5ede678d4ab5a9484f672d939e349]
protection-log-2014-08-30.xml              File Size: 8631      BYTES   FileVersion: N/A            MD5: [bf879b03a4a011767916398f2554dfef]
protection-log-2014-08-31.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [3fd555de1c915270e9cbc85d067e781f]
protection-log-2014-09-01.xml              File Size: 917       BYTES   FileVersion: N/A            MD5: [f86467b7c8267e0340cfbed8057e3cbb]
protection-log-2014-09-02.xml              File Size: 4059      BYTES   FileVersion: N/A            MD5: [220a11f69c4439e4197a98173a0a6aac]
protection-log-2014-09-03.xml              File Size: 3776      BYTES   FileVersion: N/A            MD5: [0f745b1eaae0d271a98f3e619ac7f7da]
protection-log-2014-09-04.xml              File Size: 3203      BYTES   FileVersion: N/A            MD5: [f845d3ed9bbb04c4382ad731f1fea2e7]
protection-log-2014-09-05.xml              File Size: 916       BYTES   FileVersion: N/A            MD5: [08f90247b3d59f58c030333d55596218]
protection-log-2014-09-06.xml              File Size: 916       BYTES   FileVersion: N/A            MD5: [6d6469be5fd4a0079550d70a38163c0e]
protection-log-2014-09-07.xml              File Size: 1767      BYTES   FileVersion: N/A            MD5: [6be6949e3cf8b6aa2c4c105675439e7c]
protection-log-2014-09-08.xml              File Size: 2631      BYTES   FileVersion: N/A            MD5: [d8f6c89f05e85619276a48e2050510d7]
protection-log-2014-09-09.xml              File Size: 916       BYTES   FileVersion: N/A            MD5: [b7d6336c069de53cc42f79f7fc7e35bf]
protection-log-2014-09-10.xml              File Size: 1227      BYTES   FileVersion: N/A            MD5: [2a1d2285a36755e5c5221be9132dd2a3]
protection-log-2014-09-11.xml              File Size: 919       BYTES   FileVersion: N/A            MD5: [e775a128eb885e95effcbd29c9adb453]
protection-log-2014-09-13.xml              File Size: 1227      BYTES   FileVersion: N/A            MD5: [58ad6552ab3fc1bc4cc984472e220080]
protection-log-2014-09-14.xml              File Size: 1227      BYTES   FileVersion: N/A            MD5: [0108db956fa9973709413c31e3d0b7b3]
protection-log-2014-09-15.xml              File Size: 1228      BYTES   FileVersion: N/A            MD5: [d53bf47be3f6372f404d08d8f46005ef]
protection-log-2014-09-16.xml              File Size: 919       BYTES   FileVersion: N/A            MD5: [197f66d215971da08823acbbc1528e7d]
protection-log-2014-09-18.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [72f081cedd7079380a5b7dd47ce3b5fd]
protection-log-2014-09-19.xml              File Size: 1220      BYTES   FileVersion: N/A            MD5: [7a9a6d7461540f25a5c97cc7eb776c18]
protection-log-2014-09-20.xml              File Size: 1227      BYTES   FileVersion: N/A            MD5: [faded892dbc064088dbeea2e24d21a5b]
protection-log-2014-09-21.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [2f6eecdcaec8e360c3b6f1fb9c737503]
protection-log-2014-09-22.xml              File Size: 911       BYTES   FileVersion: N/A            MD5: [adbe92e292ba8043362f8e85b1834c9b]
protection-log-2014-09-23.xml              File Size: 1775      BYTES   FileVersion: N/A            MD5: [91ed13bb2d9b81781c8c29509bbea6ee]
protection-log-2014-09-24.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [556f3446b1ea2444e2c4663a4827d248]
protection-log-2014-09-25.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [76cbc04a4e4e751f7347fc3b1594c068]
protection-log-2014-09-26.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [44a657872cccc276494976fa789b1a66]
protection-log-2014-09-27.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [9736a80a25fedb74c8aac712e26f0acc]
protection-log-2014-09-28.xml              File Size: 1778      BYTES   FileVersion: N/A            MD5: [76df061c49f668ac18c39a83abd65fec]
protection-log-2014-09-29.xml              File Size: 7777      BYTES   FileVersion: N/A            MD5: [93222fc7529b6806b2cba8d18f66abd6]
protection-log-2014-09-30.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [14027bd75cba0694f3b264f91f910583]
protection-log-2014-10-01.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [edd55937bbfb9fb41562a0028067edef]
protection-log-2014-10-02.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [01c8016447c7719a0da87edacc58a030]
protection-log-2014-10-03.xml              File Size: 3489      BYTES   FileVersion: N/A            MD5: [0a0aa996ee6ee9ce40feb5840fc24bea]
protection-log-2014-10-04.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [8a59db38299dc0585b55ea1f770e755e]
protection-log-2014-10-05.xml              File Size: 918       BYTES   FileVersion: N/A            MD5: [9c1f9865f623f8edf6774afad9644faf]
protection-log-2014-10-06.xml              File Size: 4919      BYTES   FileVersion: N/A            MD5: [f7a3904ce609e1b269b9b1b4dcb3bf73]
protection-log-2014-10-08.xml              File Size: 2073      BYTES   FileVersion: N/A            MD5: [a0b2944c74723bd3d17cc0968ffd0c07]
protection-log-2014-10-09.xml              File Size: 2650      BYTES   FileVersion: N/A            MD5: [f99b368cfbccb3e35cae63382f9c3308]
protection-log-2014-10-10.xml              File Size: 919       BYTES   FileVersion: N/A            MD5: [d913233a565dc90cbab76bdba5f22d43]
protection-log-2014-10-11.xml              File Size: 3212      BYTES   FileVersion: N/A            MD5: [1de1ea8353ae985852025e4a779ff230]
protection-log-2014-10-13.xml              File Size: 1230      BYTES   FileVersion: N/A            MD5: [ff4873a1cd887d7abe1690cb26168ca9]
protection-log-2014-10-14.xml              File Size: 4100      BYTES   FileVersion: N/A            MD5: [563eb84b9d0cb46b85c1be70923e205c]
protection-log-2014-10-15.xml              File Size: 9517      BYTES   FileVersion: N/A            MD5: [db6ec2f3f4084e1f2f3d73eda64cca10]
protection-log-2014-10-16.xml              File Size: 920       BYTES   FileVersion: N/A            MD5: [65886b706bed49f602287ee4088b68e3]
protection-log-2014-10-17.xml              File Size: 2345      BYTES   FileVersion: N/A            MD5: [b1bdc20aff3b6526dd70f4900d967db3]
protection-log-2014-10-18.xml              File Size: 3523      BYTES   FileVersion: N/A            MD5: [2d03a29a807e4fa4fa9ab5d8c59eadc1]
protection-log-2014-10-19.xml              File Size: 2639      BYTES   FileVersion: N/A            MD5: [7a5183af1dbca6635ab0d864bdb63396]
protection-log-2014-10-20.xml              File Size: 8983      BYTES   FileVersion: N/A            MD5: [7e62b3be0af05f4b7373cc702e729290]

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

END OF FILE

flywelder · October 28, 2014

In this one I see the word : error listed. maybe it means some thing to you.

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 10/27/2014 2:14:03 AM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.4, 2014.10.26.8,
Protection, 10/27/2014 2:14:08 AM, SYSTEM, MSAIMH002, Protection, Refresh, Starting,
Protection, 10/27/2014 2:15:16 AM, SYSTEM, MSAIMH002, Protection, Refresh, Success,
Scan, 10/27/2014 2:58:11 AM, SYSTEM, MSAIMH002, Manual, Start:10/27/2014 2:14:59 AM, Duration:43 min 2 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting,
Protection, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed,
Error, 10/27/2014 12:26:31 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21,
Update, 10/27/2014 1:05:33 PM, SYSTEM, MSAIMH002, Scheduler, Malware Database, 2014.10.26.8, 2014.10.27.3,
Protection, 10/27/2014 1:05:34 PM, SYSTEM, MSAIMH002, Protection, Refresh, Starting,
Protection, 10/27/2014 1:07:21 PM, SYSTEM, MSAIMH002, Protection, Refresh, Success,
Protection, 10/27/2014 2:14:48 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Starting,
Protection, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, Malicious Website Protection, Failed,
Error, 10/27/2014 2:14:49 PM, SYSTEM, MSAIMH002, Protection, PfMakeLog, 21,

(end)

flywelder · October 28, 2014

FRST runs, and I did so 3 times. but the logs it creates are blank. not a single text is in them. ?????

and I cannot attach them or find them and using Microsoft search can not find any logs from FRST except those I ran in Sept and the first of this month???? So I'll try and give you those. and they are good because this issue were working with has been effecting this computer since April of 2014 !

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2014
Ran by Biomed at 2014-05-09 23:00:09
Running from C:\Documents and Settings\Biomed\desktop
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Security Center ========================

AV: COMODO Antivirus (Disabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

==================== Installed Programs ======================

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - )
AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon)
BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - )
Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - )
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - )
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - )
Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - )
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
COMODO Antivirus (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.0.0.0 - COMODO)
Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - )
CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd)
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard)
Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive)
Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - )
GeekBuddy (HKLM\...\{B11635F3-55E6-4E40-B0A0-E026AAA4F9E1}) (Version: 4.11.94 - Comodo Security Solutions Inc)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - )
GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - )
Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard)
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP)
HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP)
HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - )
HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP)
HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company)
HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - )
IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - )
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - )
InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.)
iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.)
iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden
Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - )
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LS_HSI (Version: 1.4.27.1 - Integrator) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
mp (Version: 05.04.0000 - IBM) Hidden
mpmri (Version: 05.04.0000 - IBM) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies)
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - )
PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden
PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.)
PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden
Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - )
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - )
Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - )
PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden
PS2 (HKLM\...\PS2) (Version: - )
PSPrinters06 (Version: 1.00.0000 - HP) Hidden
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\QuickTime) (Version: - )
Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - )
Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - )
Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - )
Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden
Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - )
SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - )
Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - )
Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - )
TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com)
Unload (Version: 4.5.0 - Hewlett-Packard) Hidden
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - )
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

==================== Restore Points =========================

09-02-2014 03:15:49 System Checkpoint
10-02-2014 03:55:45 System Checkpoint
12-02-2014 01:49:41 System Checkpoint
13-02-2014 23:44:31 System Checkpoint
15-02-2014 16:23:23 System Checkpoint
16-02-2014 17:36:28 System Checkpoint
17-02-2014 21:54:13 System Checkpoint
18-02-2014 22:29:01 System Checkpoint
20-02-2014 17:56:34 System Checkpoint
22-02-2014 02:55:53 System Checkpoint
23-02-2014 20:32:27 System Checkpoint
24-02-2014 22:27:28 System Checkpoint
27-02-2014 15:41:34 System Checkpoint
02-03-2014 01:28:35 System Checkpoint
03-03-2014 10:53:49 System Checkpoint
04-03-2014 23:33:00 System Checkpoint
06-03-2014 02:53:04 System Checkpoint
07-03-2014 11:43:39 System Checkpoint
08-03-2014 15:24:45 System Checkpoint
10-03-2014 01:24:53 System Checkpoint
11-03-2014 14:58:29 System Checkpoint
13-03-2014 15:29:00 System Checkpoint
15-03-2014 12:04:22 System Checkpoint
19-03-2014 04:05:59 System Checkpoint
20-03-2014 09:51:48 System Checkpoint
22-03-2014 15:28:47 System Checkpoint
23-03-2014 16:54:46 System Checkpoint
26-03-2014 10:35:20 System Checkpoint
28-03-2014 10:24:49 System Checkpoint
29-03-2014 13:10:52 System Checkpoint
31-03-2014 15:30:10 System Checkpoint
05-04-2014 01:26:01 System Checkpoint
06-04-2014 19:20:45 System Checkpoint
09-04-2014 00:14:45 System Checkpoint
10-04-2014 10:38:11 System Checkpoint
11-04-2014 11:04:55 System Checkpoint
12-04-2014 21:08:40 System Checkpoint
13-04-2014 21:24:21 System Checkpoint
01-01-2002 04:28:40 System Checkpoint
14-04-2014 22:24:10 System Checkpoint
16-04-2014 00:37:27 System Checkpoint
17-04-2014 00:59:26 System Checkpoint
18-04-2014 10:40:17 System Checkpoint
19-04-2014 13:50:57 System Checkpoint
20-04-2014 14:00:30 System Checkpoint
21-04-2014 15:00:43 System Checkpoint
22-04-2014 16:09:45 System Checkpoint
23-04-2014 17:15:57 System Checkpoint
25-04-2014 01:33:45 System Checkpoint
26-04-2014 04:04:28 System Checkpoint
27-04-2014 15:21:41 System Checkpoint
28-04-2014 21:37:55 System Checkpoint
30-04-2014 10:46:08 System Checkpoint
30-04-2014 17:25:13 Software Distribution Service 3.0
02-05-2014 16:02:17 System Checkpoint
03-05-2014 16:40:53 System Checkpoint
04-05-2014 17:41:23 System Checkpoint
06-05-2014 00:09:47 System Checkpoint
07-05-2014 00:28:51 System Checkpoint
07-05-2014 17:03:06 Software Distribution Service 3.0
08-05-2014 17:43:20 System Checkpoint
09-05-2014 17:58:13 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 07:00 - 2014-04-29 09:12 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2014-05-09 11:58 - 2014-05-09 11:58 - 03972608 _____ () C:\Documents and Settings\Biomed\My Documents\Downloads\RogueKiller.exe
2011-03-06 21:35 - 2010-02-17 19:25 - 00132096 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2013-04-15 18:39 - 2013-04-15 18:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SXUPTP Driver
Description: SXUPTP Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Belkin International, Inc.
Service: sxuptp
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/09/2014 06:12:49 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (4380) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (05/09/2014 06:12:49 AM) (Source: ESENT) (User: )
Description: wuauclt (4380) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/09/2014 06:10:47 AM) (Source: ESENT) (User: )
Description: wuauclt (3368) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/09/2014 06:08:33 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (3368) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (05/09/2014 06:08:33 AM) (Source: ESENT) (User: )
Description: wuauclt (3368) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/07/2014 03:03:23 PM) (Source: Application Error) (User: )
Description: Faulting application unit.exe, version 4.0.0.0, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003ae7a.
Processing media-specific event for [unit.exe!ws!]

Error: (05/07/2014 02:33:44 PM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.7680

Error: (05/07/2014 02:32:45 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error: (05/07/2014 02:29:41 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (05/04/2014 08:43:31 AM) (Source: ESENT) (User: )
Description: wuauclt (6112) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (05/09/2014 10:55:11 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/09/2014 06:55:44 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (05/09/2014 06:30:53 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (05/09/2014 06:27:50 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (05/09/2014 06:27:09 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (05/09/2014 06:23:36 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}

Error: (05/09/2014 06:23:36 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}

Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}

Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}

Error: (05/09/2014 06:23:35 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}

Microsoft Office Sessions:
=========================
Error: (05/09/2014 06:12:49 AM) (Source: ESENT)(User: )
Description: wuaueng.dll4380SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (05/09/2014 06:12:49 AM) (Source: ESENT)(User: )
Description: wuauclt4380C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/09/2014 06:10:47 AM) (Source: ESENT)(User: )
Description: wuauclt3368C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/09/2014 06:08:33 AM) (Source: ESENT)(User: )
Description: wuaueng.dll3368SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (05/09/2014 06:08:33 AM) (Source: ESENT)(User: )
Description: wuauclt3368C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/07/2014 03:03:23 PM) (Source: Application Error)(User: )
Description: unit.exe4.0.0.0msvcr90.dll9.0.30729.61610003ae7a

Error: (05/07/2014 02:33:44 PM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.7680

Error: (05/07/2014 02:32:45 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 1.1{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log

Error: (05/07/2014 02:29:41 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (05/04/2014 08:43:31 AM) (Source: ESENT)(User: )
Description: wuauclt6112C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

flywelder · October 28, 2014

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2014
Ran by Biomed at 2014-04-25 21:57:27
Running from C:\Documents and Settings\Biomed\desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Immunet 3 (Disabled - Up to date) {F1220F1F-7E2E-48CD-846D-B98C6F85CD37}

==================== Installed Programs ======================

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - )
AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon)
BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - )
Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - )
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - )
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - )
Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - )
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - )
CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd)
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard)
Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive)
Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - )
Glary Utilities 4.9 (HKLM\...\Glary Utilities 4) (Version: 4.9.0.99 - Glarysoft Ltd)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - )
GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - )
Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard)
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP)
HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP)
HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - )
HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP)
HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company)
HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - )
IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - )
Immunet 3 (HKLM\...\Immunet Protect) (Version: 3.1.8.9583 - Sourcefire, Inc.)
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - )
InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.)
iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.)
iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden
Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - )
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LS_HSI (Version: 1.4.27.1 - Integrator) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
mp (Version: 05.04.0000 - IBM) Hidden
mpmri (Version: 05.04.0000 - IBM) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies)
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - )
PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden
PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.)
PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden
Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - )
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - )
Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - )
PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden
PS2 (HKLM\...\PS2) (Version: - )
PSPrinters06 (Version: 1.00.0000 - HP) Hidden
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\QuickTime) (Version: - )
Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - )
Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - )
Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - )
Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden
Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - )
SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - )
Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - )
Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - )
TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com)
Unload (Version: 4.5.0 - Hewlett-Packard) Hidden
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - )
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

==================== Restore Points =========================

25-01-2014 12:26:22 System Checkpoint
27-01-2014 23:17:33 System Checkpoint
29-01-2014 00:29:07 System Checkpoint
31-01-2014 20:55:32 System Checkpoint
02-02-2014 18:09:07 System Checkpoint
03-02-2014 22:16:51 System Checkpoint
05-02-2014 11:24:58 System Checkpoint
08-02-2014 02:15:54 System Checkpoint
09-02-2014 03:15:49 System Checkpoint
10-02-2014 03:55:45 System Checkpoint
12-02-2014 01:49:41 System Checkpoint
13-02-2014 23:44:31 System Checkpoint
15-02-2014 16:23:23 System Checkpoint
16-02-2014 17:36:28 System Checkpoint
17-02-2014 21:54:13 System Checkpoint
18-02-2014 22:29:01 System Checkpoint
20-02-2014 17:56:34 System Checkpoint
22-02-2014 02:55:53 System Checkpoint
23-02-2014 20:32:27 System Checkpoint
24-02-2014 22:27:28 System Checkpoint
27-02-2014 15:41:34 System Checkpoint
02-03-2014 01:28:35 System Checkpoint
03-03-2014 10:53:49 System Checkpoint
04-03-2014 23:33:00 System Checkpoint
06-03-2014 02:53:04 System Checkpoint
07-03-2014 11:43:39 System Checkpoint
08-03-2014 15:24:45 System Checkpoint
10-03-2014 01:24:53 System Checkpoint
11-03-2014 14:58:29 System Checkpoint
13-03-2014 15:29:00 System Checkpoint
15-03-2014 12:04:22 System Checkpoint
19-03-2014 04:05:59 System Checkpoint
20-03-2014 09:51:48 System Checkpoint
22-03-2014 15:28:47 System Checkpoint
23-03-2014 16:54:46 System Checkpoint
26-03-2014 10:35:20 System Checkpoint
28-03-2014 10:24:49 System Checkpoint
29-03-2014 13:10:52 System Checkpoint
31-03-2014 15:30:10 System Checkpoint
05-04-2014 01:26:01 System Checkpoint
06-04-2014 19:20:45 System Checkpoint
09-04-2014 00:14:45 System Checkpoint
10-04-2014 10:38:11 System Checkpoint
11-04-2014 11:04:55 System Checkpoint
12-04-2014 21:08:40 System Checkpoint
13-04-2014 21:24:21 System Checkpoint
01-01-2002 04:28:40 System Checkpoint
14-04-2014 22:24:10 System Checkpoint
16-04-2014 00:37:27 System Checkpoint
17-04-2014 00:59:26 System Checkpoint
18-04-2014 10:40:17 System Checkpoint
19-04-2014 13:50:57 System Checkpoint
20-04-2014 14:00:30 System Checkpoint
21-04-2014 15:00:43 System Checkpoint
22-04-2014 16:09:45 System Checkpoint
23-04-2014 17:15:57 System Checkpoint
25-04-2014 01:33:45 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 07:00 - 2013-08-02 10:35 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe
Task: C:\WINDOWS\Tasks\Immunet Scan 70247031.job => C:\Program Files\Immunet\ips.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2014-04-15 12:04 - 2014-04-15 12:04 - 00369920 _____ () C:\Program Files\Immunet\3.1.8\dhr.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SXUPTP Driver
Description: SXUPTP Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Belkin International, Inc.
Service: sxuptp
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 00:00:55 AM) (Source: Application Error) (User: )
Description: Faulting application mbamscheduler.exe, version 2.0.23.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [mbamscheduler.exe!ws!]

Error: (04/23/2014 07:21:33 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) Unable to write a shadowed header for file C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Error -1032.

Error: (04/23/2014 07:21:33 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:23 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:19 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2014 07:21:14 PM) (Source: ESENT) (User: )
Description: wuauclt (9544) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (04/25/2014 09:46:52 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 09:23:18 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 09:22:07 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 09:21:56 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (04/25/2014 05:22:44 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 05:21:29 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 05:20:09 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 05:15:27 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 05:14:51 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/25/2014 05:13:55 PM) (Source: DCOM) (User: MSAIMH002)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Microsoft Office Sessions:
=========================
Error: (04/24/2014 00:00:55 AM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.0msvcr100.dll10.0.40219.3250008d6fd

Error: (04/23/2014 07:21:33 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032

Error: (04/23/2014 07:21:33 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:23 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:19 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (04/23/2014 07:21:14 PM) (Source: ESENT)(User: )
Description: wuauclt9544C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

flywelder · October 28, 2014

That is all I have. !

AdvancedSetup · October 28, 2014

Please fully disable your COMODO Internet Security and then run the following scanner again.

Please visit this webpage and read the ComboFix User's Guide:

Once you've read the article and are ready to use the program you can download it directly from the link below.
Important! - Please make sure you save combofix to your desktop and do not run it from your browser
Direct download link for: ComboFix.exe
Please make sure you disable your security applications before running ComboFix.
Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
Please attach that log file to your next reply.
If needed the file can be located here: C:\combofix.txt
NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

flywelder · November 2, 2014

Turned off viris protection, and malwarebytes and opened combofix. Been having a hell of a time with the computer since running Combo fix! since then I have been chasing one fire after another! ( I mean new issues) .

Plus The computer has become extremely slow at executing any comand from the mouse or key pad.

Ran Ccleaner, and still very slow. Ran defrag, aND STILL NO IMPROVEMENT.

Rebooted computer three times, still no improvement. what can of carnege have we opened up now?

There is an issue / window titled "selective start up? that appears all the time now, and Ive been eduacting myself on the internet about that, and dealing with that! ..as i write this, it is not corrected yet.

Combo fix never finishes. I leave it to run for 2 hrs. and still it never advances from some window with a green progress bar, and the bar is only ever 3/4 of the way filled. !

Tried running combofix 3 times, every time the same as I described above.

SO there is no logs fromCombo fix.

I did notice that with Comodo ANTI VIRUS TURNED OFF and Malwarebytes still activated, that malawarebytes was still not able to activate the maliciouse website protection part of itself. I think that is important to know.

I'll continue to start and run combo fix, attempting to get those logs you want. It is up in the air if I ever will achieve this objective.

Attached is perhaps some new logs. .. I think. from what? Sorry, I don't know any more.

I can't attahe them for some reason, so they are pasted below.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01
Ran by Biomed (administrator) on MSAIMH002 on 29-10-2014 11:11:13
Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion
Loaded Profile: Biomed (Available profiles: HP_Owner & Biomed & Administrator Pam & Administrator & Guest)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
() C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
(Axentra Corporation) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [thirdintel] => c:\hp\bin\cloaker.exe [27136 1999-11-06] (Hewlett-Packard Co.)
HKLM\...\Run: [KBD] => C:\HP\KBD\KBD.EXE [61440 2005-02-02] (Hewlett-Packard Company)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2005-05-26] (Apple Computer, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.)
HKLM\...\Run: [Memeo Instant Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-05-04] (Memeo Inc.)
HKLM\...\Run: [seagate Dashboard] => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM\...\Winlogon: [uIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-605865402-4069305935-1106247723-1011\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\WKCALREM.LNK
ShortcutTarget: WKCALREM.LNK -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
Startup: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate NA0L6FDC Product Registration.lnk
ShortcutTarget: Seagate NA0L6FDC Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate NA0L6FDC Product Registration.exe (Leader Technologies/Seagate)
Startup: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate Product Registration.lnk
ShortcutTarget: Seagate Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1295721296&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A7859C65-4D00-4730-B8E4-BD16EE5AEDB2}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{EA2B3D36-0516-44A7-A67D-382B9AB09456}: [NameServer] 156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Biomed\Application Data\Mozilla\Firefox\Profiles\jx8g7tim.default-1398891734062
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Adblock Plus - C:\Documents and Settings\Biomed\Application Data\Mozilla\Firefox\Profiles\jx8g7tim.default-1398891734062\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-19]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-13]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2014-07-25] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-05-08] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-05-04] (Memeo)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AFGSp50; C:\WINDOWS\System32\Drivers\AFGSp50.sys [27072 2010-06-23] (Printing Communications Assoc., Inc. (PCAUSA))
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2002-08-14] (Adaptec) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [36112 2014-06-26] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2014-04-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO)
R0 fasttx2k; C:\WINDOWS\System32\DRIVERS\fasttx2k.sys [142336 2003-12-02] (Promise Technology, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows ® Server 2003 DDK provider)
R1 HMD; C:\WINDOWS\System32\DRIVERS\hmd.sys [14272 2014-06-26] ()
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-29] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PcdrNdisuio; C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys [12416 2005-01-19] (Windows ® 2000 DDK provider) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [71168 2004-10-15] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R2 sxuptp; C:\WINDOWS\System32\DRIVERS\sxuptp.sys [246936 2009-06-22] (silex technology, Inc.)
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [33512 2014-08-15] ()
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2008-04-13] (Microsoft Corporation)
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
U5 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\Biomed\LOCALS~1\Temp\catchme.sys [X]
S3 FilterService; system32\DRIVERS\lvuvcflt.sys [X]
S3 LVRS; system32\DRIVERS\lvrs.sys [X]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\Drivers\AFGSp50.sys 1961590AA191B6B7DCF18A6A693AF7B8
C:\WINDOWS\System32\DRIVERS\AGRSM.sys 593AEFC67283D409F34CC1245D00A509
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\system32\Drivers\Aspi32.sys ED8CEE58C1E4C5893F5B2FD686A272BF
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CFRMD.sys 61305C679E5766A03A09C0E966939206
C:\WINDOWS\System32\DRIVERS\cmderd.sys 5C634AABDD28F349C6457BEEE84D4D7B
C:\WINDOWS\System32\DRIVERS\cmdguard.sys 16F731584ECBA307EB4AD9C4D8507B27
C:\WINDOWS\System32\DRIVERS\cmdhlp.sys 1FAAF13D85A36D448238F53C42FE7A67
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41
C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fasttx2k.sys 1E580770BDECE924494B368AC980749E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 2FB04DB459C71F416EE8B05448CA4AC3
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\drivers\HdAudio.sys 160B24FD894E79E71C983EA403A6E6E7
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\DRIVERS\hmd.sys 0E69D8294A78C7AB4A7CEE1F5F9D2546
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\System32\DRIVERS\ialmnt5.sys 737DA0BE27652C4482AC5CDE099BFCE9
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\inspect.sys F84E7F907434450B00E753D44AEC8EAA
C:\WINDOWS\System32\drivers\RtkHDAud.sys 44792CCBC7B41B42EC068C6416D17DE1
C:\WINDOWS\System32\DRIVERS\intelide.sys B5466A9250342A7AA0CD1FBA13420678
C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\system32\drivers\mbam.sys D2DED3C333A5D9CB3F4C244B0F0DD877
C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 8E2E9CCD873ABF180F48BCAEEEBE347D
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\MpFilter.sys E77DC03DD3C8E5A388BF9EED2A28F3D1
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys 505CBA425DF3BB230F244E1C23221058
C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\WINDOWS\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\PS2.sys 390C204CED3785609AB24E9C52054A84
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\Drivers\PxHelp20.sys 7C81AE3C9B82BA2DA437ED4D31BC56CF
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys 1A2A445E8968B2019E75E08F3A1344FC
C:\WINDOWS\System32\DRIVERS\RTL8139.SYS D507C1400284176573224903819FFDA3
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\DRIVERS\sxuptp.sys C8A43978DADCF12B7E40A0577227DFBC
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\drivers\TrueSight.sys 446118FFFF5576434393AE4551A5CA74
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\DRIVERS\viaide.sys 3B3EFCDA263B8AC14FDF9CBDD0791B2E
C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\wceusbsh.sys 4C0B8EF721783F52F8E531FBDC4B1F74
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 14:29 - 2014-10-27 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\desktop\MBAM check log in works
2014-10-27 14:26 - 2014-10-27 14:26 - 00028708 _____ () C:\Documents and Settings\Biomed\desktop\MBAM check results in open office.odt
2014-10-27 14:24 - 2014-10-27 14:24 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\MBAM logs 10-27-2014
2014-10-23 20:22 - 2014-10-23 20:42 - 00022547 _____ () C:\Documents and Settings\Biomed\desktop\UNC Greensboro.odt
2014-10-20 21:15 - 2014-10-20 21:15 - 00063600 _____ () C:\Documents and Settings\Biomed\desktop\MBAMCheckResults.txt10-20-2014.txt
2014-10-19 21:20 - 2014-10-19 21:20 - 00043008 _____ () C:\Documents and Settings\Biomed\desktop\Candy recipes.wps
2014-10-19 10:48 - 2014-10-25 20:10 - 00033747 _____ () C:\Documents and Settings\Biomed\desktop\PSY Homework.odt
2014-10-17 19:47 - 2014-10-17 19:47 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Application Data\Memeo
2014-10-17 19:46 - 2014-10-17 19:46 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Application Data\Seagate
2014-10-15 13:03 - 2014-10-15 15:44 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-10-12 13:38 - 2014-10-12 13:38 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Unity
2014-10-12 13:30 - 2014-10-20 21:12 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\Unity
2014-10-10 16:00 - 2014-10-10 16:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MemeoCommon
2014-10-10 15:56 - 2014-10-10 15:56 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Memeo
2014-10-10 15:52 - 2014-10-10 15:52 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Seagate
2014-10-10 15:52 - 2014-10-10 15:52 - 00000000 ____D () C:\Documents and Settings\Biomed\Application Data\Seagate
2014-10-10 14:40 - 2014-10-10 14:40 - 00000945 _____ () C:\Documents and Settings\All Users\desktop\Seagate Dashboard.lnk
2014-10-10 14:40 - 2014-10-10 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard
2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Program Files\Memeo
2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Program Files\Common Files\Memeo
2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\ServiceTest
2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\temp
2014-10-10 14:39 - 2014-10-10 14:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Memeo
2014-10-06 13:48 - 2014-10-06 13:50 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\My Documents\INSTRUCTIONS TO POSSIBLY FIX THE UP DATE ISSUE WITH FIRE FOX
2014-10-06 10:19 - 2014-10-06 10:20 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Local Settings\Application Data\Adobe
2014-10-05 14:39 - 2014-10-19 15:13 - 00035588 _____ () C:\Documents and Settings\Biomed\desktop\History Documents.odt
2014-10-03 10:03 - 2014-10-03 10:03 - 00056529 _____ () C:\Documents and Settings\Biomed\desktop\MBAMCheckResults.txt10-3-2014.txt
2014-10-03 10:01 - 2014-10-27 11:36 - 00063600 _____ () C:\Documents and Settings\Biomed\desktop\CheckResults.txt
2014-09-29 20:34 - 2014-09-29 20:34 - 00015478 _____ () C:\Documents and Settings\Biomed\My Documents\My letter to Timex about my watches.odt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 11:12 - 2014-04-25 17:37 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\temp
2014-10-29 11:11 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion
2014-10-29 11:11 - 2013-07-11 13:11 - 00000000 ____D () C:\FRST
2014-10-29 11:10 - 2014-08-27 10:33 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {141AECDD-A802-44D4-AD26-9AC193B9807D}.job
2014-10-29 11:10 - 2014-05-13 14:03 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {4439D323-FD55-4375-BAD7-6EE4D256E847}.job
2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2014-10-29 11:10 - 2014-05-02 14:42 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2014-10-29 11:02 - 2014-05-02 14:41 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-10-29 10:07 - 2014-09-18 09:33 - 00000406 _____ () C:\WINDOWS\Tasks\ReclaimerUpdateXML_Biomed.job
2014-10-29 06:32 - 2014-05-02 15:46 - 02832258 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-10-29 02:24 - 2014-07-17 12:02 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-28 18:48 - 2014-09-18 09:33 - 00000410 _____ () C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Biomed.job
2014-10-28 17:42 - 2014-05-09 23:05 - 01791146 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-28 07:00 - 2014-05-10 07:36 - 00032506 ____N () C:\WINDOWS\SchedLgU.Txt
2014-10-28 06:14 - 2014-09-18 09:33 - 00000416 _____ () C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Biomed.job
2014-10-28 06:13 - 2014-04-30 14:58 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-10-28 06:13 - 2013-09-12 10:55 - 00000288 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job
2014-10-28 06:13 - 2013-09-12 10:55 - 00000280 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job
2014-10-28 06:13 - 2013-08-02 22:17 - 00000280 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job
2014-10-27 22:48 - 2014-05-10 07:37 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2014-10-27 22:47 - 2014-05-10 07:37 - 00000050 ____N () C:\WINDOWS\wiaservc.log
2014-10-27 22:46 - 2005-01-27 22:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-27 21:18 - 2014-05-02 15:44 - 00131072 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-10-27 21:18 - 2005-08-01 08:44 - 00000178 ___SH () C:\Documents and Settings\Biomed\ntuser.ini
2014-10-27 14:29 - 2005-09-27 08:54 - 00041274 _____ () C:\Documents and Settings\Biomed\Application Data\wklnhst.dat
2014-10-27 14:27 - 2005-05-26 12:16 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-10-27 11:53 - 2011-05-09 16:05 - 00000693 _____ () C:\Documents and Settings\All Users\desktop\CCleaner.lnk
2014-10-27 11:53 - 2010-09-19 22:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-27 11:28 - 2014-09-09 21:10 - 00000000 ____D () C:\Documents and Settings\Biomed\Local Settings\Application Data\Adobe
2014-10-27 11:14 - 2013-11-19 13:59 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-27 11:14 - 2012-04-03 22:59 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-27 11:14 - 2011-05-13 13:12 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-27 11:10 - 2014-04-25 22:14 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\for malwarebytes
2014-10-27 11:07 - 2005-08-01 08:44 - 00000000 ____D () C:\Documents and Settings\Biomed
2014-10-25 09:07 - 2010-10-25 19:27 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\Pam
2014-10-25 07:20 - 2014-04-06 18:08 - 00066337 _____ () C:\Documents and Settings\Biomed\desktop\To print.odt
2014-10-23 10:46 - 2013-08-02 22:17 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job
2014-10-23 03:13 - 2013-10-20 21:25 - 00000458 _____ () C:\WINDOWS\Tasks\Defrag.job
2014-10-20 20:59 - 2014-07-17 12:01 - 00000788 _____ () C:\Documents and Settings\All Users\desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 20:59 - 2014-07-17 12:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-20 20:59 - 2014-07-17 12:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-17 19:48 - 2014-04-25 17:37 - 00000000 ____D () C:\Documents and Settings\Administrator Pam\Local Settings\temp
2014-10-15 15:49 - 2005-01-26 17:58 - 00524812 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-15 15:41 - 2013-09-13 21:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 13:05 - 2008-04-08 11:23 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-10 14:39 - 2014-09-24 06:52 - 00000000 ____D () C:\Program Files\Seagate
2014-10-09 05:43 - 2014-04-30 14:58 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-10-08 06:09 - 2013-03-10 20:34 - 00000178 ___SH () C:\Documents and Settings\Administrator Pam\ntuser.ini
2014-10-06 09:31 - 2012-04-26 18:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-06 09:18 - 2012-04-13 16:21 - 00008600 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-10-06 09:14 - 2014-09-24 08:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-10-03 12:12 - 2014-09-03 13:01 - 00000000 ____D () C:\Documents and Settings\Biomed\desktop\College home work papers and stuff for Brent 9-2-2014
2014-10-01 11:11 - 2014-07-17 12:00 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 13:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-29 20:43 - 2013-06-22 09:49 - 00033296 _____ () C:\Documents and Settings\Biomed\desktop\Carburetor troubleshooting & tips

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

flywelder · November 2, 2014

Users shortcut scan result (x86) Version: 29-10-2014 01
Ran by Biomed at 2014-10-29 11:14:10
Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\WKCALREM.LNK -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures ()
Shortcut: C:\Documents and Settings\Administrator\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
Shortcut: C:\Documents and Settings\Administrator\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator\Desktop\Microsoft Works.LNK -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures ()
Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
Shortcut: C:\Documents and Settings\Administrator Pam\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Administrator Pam\Desktop\Shortcut to mspaint.exe.lnk -> C:\WINDOWS\system32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Administrator Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Getting Started.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\gettingstarted.rtf ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Quick Reference.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\quadfold.rtf ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Release Notes.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\releasenotes.rtf ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\User Guide.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\userguide.rtf ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0\Windows PowerShell.lnk -> C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Registry Backup.lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\registry_backup_tool\TweakingRegistryBackup.exe (Tweaking.com)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard\Seagate Dashboard.lnk -> C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealDownloader.lnk -> C:\WINDOWS\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Base.lnk -> C:\Program Files\OpenOffice.org 3\program\sbase.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Calc.lnk -> C:\Program Files\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Draw.lnk -> C:\Program Files\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Impress.lnk -> C:\Program Files\OpenOffice.org 3\program\simpress.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Math.lnk -> C:\Program Files\OpenOffice.org 3\program\smath.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Writer.lnk -> C:\Program Files\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Download Manager\Microsoft Download Manager.lnk -> C:\WINDOWS\Installer\{654977DB-0001-0002-0001-EABD228DDE8B}\DMClient.ico ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Memeo\Memeo Instant Backup.lnk -> C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\Documentation.lnk -> C:\Program Files\ERUNT\README.TXT ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\ERUNT Homepage.lnk -> C:\Program Files\ERUNT\ERUNT.URL ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\ERUNT.lnk -> C:\Program Files\ERUNT\ERUNT.EXE ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\NTREGOPT.lnk -> C:\Program Files\ERUNT\NTREGOPT.EXE ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT\Uninstall ERUNT.lnk -> C:\Program Files\ERUNT\unins000.exe ()
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\dragon.exe (Comodo)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\uninstall.exe (COMODO)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk -> C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Documents and Settings\All Users\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\Documents and Settings\All Users\Desktop\Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\dragon.exe (Comodo)
Shortcut: C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk -> C:\WINDOWS\Installer\{654977DB-0001-0002-0001-EABD228DDE8B}\DMClient.ico ()
Shortcut: C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk -> C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
Shortcut: C:\Documents and Settings\All Users\Desktop\Shared Space.lnk -> C:\Documents and Settings\All Users\Application Data\Shared Space ()
Shortcut: C:\Documents and Settings\All Users\Desktop\Virtual Comodo Dragon.lnk -> C:\Program Files\Comodo\Dragon\virtual_mode_helper.exe ()
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Disk SpeedUp.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Uninstall.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\uninst.exe ()
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Glarysoft\Disk SpeedUp\Website.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Disk SpeedUp.url ()
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Anuman Interactive\Genealogie\Wizard.lnk -> C:\Anuman Interactive\Family Tree For Dummies\Wizard.vig ()
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Amazon\Amazon Kindle\Kindle.lnk -> C:\Program Files\Amazon\Kindle\Kindle.exe (Amazon.com)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Amazon\Amazon Kindle\Uninstall Kindle.lnk -> C:\Program Files\Amazon\Kindle\uninstall.exe (Amazon.com)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\NetHood\SharedDocs on Pam (Msaimh002)\target.lnk -> \\MSAIMH002\SharedDocs ()
Shortcut: C:\Documents and Settings\Biomed\NetHood\MBAM info on Msaimh002\target.lnk -> \\MSAIMH002\MBAM info ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Biomed\My Documents\Downloads\Shortcut to mbam-setup-1.51.0.1200.exe.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads\mbam-setup-1.51.0.1200.exe (No File)
Shortcut: C:\Documents and Settings\Biomed\desktop\Calculator.lnk -> C:\WINDOWS\system32\calc.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Biomed\desktop\Disk SpeedUp.lnk -> C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd)
Shortcut: C:\Documents and Settings\Biomed\desktop\ERUNT.lnk -> C:\Program Files\ERUNT\ERUNT.EXE ()
Shortcut: C:\Documents and Settings\Biomed\desktop\Family Tree For Dummies.lnk -> C:\Program Files\Anuman Interactive\Family Tree For Dummies\genealogy.exe ()
Shortcut: C:\Documents and Settings\Biomed\desktop\Kindle.lnk -> C:\Program Files\Amazon\Kindle\Kindle.exe (Amazon.com)
Shortcut: C:\Documents and Settings\Biomed\desktop\Microsoft Works.LNK -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut (2) to Downloads.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads ()
Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to Belkin Help.pdf.lnk -> C:\Program Files\Belkin\Router Setup and Monitor\help\Belkin Help.pdf ()
Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to ComodoLogsFolder.lnk -> C:\Documents and Settings\Biomed\Local Settings\temp\ComodoLogsFolder (No File)
Shortcut: C:\Documents and Settings\Biomed\desktop\Shortcut to Downloads.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads ()
Shortcut: C:\Documents and Settings\Biomed\desktop\Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (Tweaking.com)
Shortcut: C:\Documents and Settings\Biomed\desktop\Pam\Shortcut to Skybird.jpg.lnk -> C:\Documents and Settings\Biomed\desktop\Pam\Screen Savers\Skybird.jpg ()
Shortcut: C:\Documents and Settings\Biomed\desktop\for malwarebytes\Shortcut (3) to ErrorLogs.lnk -> C:\Documents and Settings\Default User\Application Data\Real\RealPlayer\ErrorLogs ()
Shortcut: C:\Documents and Settings\Biomed\desktop\for malwarebytes\Shortcut to CCE_20140509_103036.txt.lnk -> C:\Documents and Settings\Biomed\Application Data\Comodo\CCE\Logs\CCE_20140509_103036.txt (No File)
Shortcut: C:\Documents and Settings\Biomed\desktop\David's\Shortcut to Mrs. Wilson photo.JPG.lnk -> C:\Documents and Settings\Biomed\My Documents\Downloads\Mrs. Wilson photo.JPG ()
Shortcut: C:\Documents and Settings\Biomed\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Default User\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures ()
Shortcut: C:\Documents and Settings\Default User\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Default User\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
Shortcut: C:\Documents and Settings\Default User\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Outlook Express.lnk -> C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk -> C:\Program Files\Easy Internet signup\HPSdpApp.exe (Hewlett-Packard)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Address Book.lnk -> C:\Program Files\Outlook Express\wab.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Tour Windows XP.lnk -> C:\WINDOWS\system32\tourstart.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk -> C:\WINDOWS\system32\magnify.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\My Documents\My Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Guest\My Documents\My Pictures\Sample Pictures.lnk -> C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures ()
Shortcut: C:\Documents and Settings\Guest\My Documents\My Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Guest\My Documents\My Music\Sample Music.lnk -> C:\Documents and Settings\All Users\Documents\My Music\Sample Music ()
Shortcut: C:\Documents and Settings\Guest\My Documents\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples ()
Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Computer, Inc.)
Shortcut: C:\Documents and Settings\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk -> C:\Program Files\real\RealPlayer\realplay.exe (RealNetworks, Inc.)
Shortcut: C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories\Synchronize.lnk -> C:\WINDOWS\system32\mobsync.exe (Microsoft Corporation)

ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
ShortcutWithArgument: C:\Documents and Settings\Administrator\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
ShortcutWithArgument: C:\Documents and Settings\Administrator Pam\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Uninstall Tweaking.com - Windows Repair (All in One).lnk -> C:\Program Files\Tweaking.com\Windows Repair (All in One)\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files\Tweaking.com\Windows Repair (All in One)\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files\real\realplayer\realconverter.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files\real\realplayer\realtrimmer.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks\RealPlayer.lnk -> C:\Program Files\real\realplayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\GeekBuddy\GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) -> "unit_manager.exe" "lps-ca"
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\COMODO Internet Security\Add and Remove components.lnk -> C:\WINDOWS\system32\msiexec.exe (Microsoft Corporation) -> /I{F1EC4151-805B-4097-B9BB-7D71A417AAF1}
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Comodo\COMODO Internet Security\COMODO Internet Security.lnk -> C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut
ShortcutWithArgument: C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk -> C:\WINDOWS\system32\wiaacmgr.exe (Microsoft Corporation) -> -SelectDevice
ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk -> C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut
ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) -> "unit_manager.exe" "lps-ca"
ShortcutWithArgument: C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk -> C:\Program Files\real\realplayer\realplay.exe (RealNetworks, Inc.) -> /launch:desktop
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE () -> %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate NA0L6FDC Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate NA0L6FDC Product Registration.exe (Leader Technologies/Seagate) -> /remind /language=ENU /SRNM="NA0L6FDC" /BRND="Seagate" /BDSR="Seagate NA0L6FDC" /loadsrnm="NA0L6FDC"
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Startup\Seagate Product Registration.lnk -> C:\Documents and Settings\Biomed\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate) -> /remind /language=ENU /BRND="Seagate" /BDSR="Seagate"
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Documents and Settings\Biomed\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
ShortcutWithArgument: C:\Documents and Settings\Biomed\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
ShortcutWithArgument: C:\Documents and Settings\Default User\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Install Microsoft Money 2005.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Money\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Install WeatherBug.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\WeatherBug\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Remote Assistance.lnk -> C:\WINDOWS\system32\rcimlby.exe (Microsoft Corporation) -> -LaunchRA
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Quicken\Install Quicken New User Edition.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.) -> c:\hp\bin\commands /ww /lw:c:\hp\bin\IFC\Quicken_NUE\lg.ini cmd /c c:\hp\bin\IFC\ifc.cmd

c:\hp\recovery\links\apprec.lnk
ShortcutWithArgument: C:\Documents and Settings\Guest\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk -> C:\WINDOWS\system32\utilman.exe (Microsoft Corporation) -> /start
ShortcutWithArgument: C:\Documents and Settings\Guest\Desktop\Help and Support.lnk -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation) -> /mode hcp://system/panels/HSCFullScreen.xml /url hcp://services/centers/homepage

InternetURL: C:\Documents and Settings\Administrator\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Documents and Settings\Administrator\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Documents and Settings\Administrator\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Documents and Settings\Administrator\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Documents and Settings\Administrator Pam\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Documents and Settings\Biomed\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.ccleaner.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Exchange - Outlook Web Access.url -> https://webmail.iredellmemorial.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.iredellmemorial.org%2fowa%2f
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Store Online - Windows 7.url -> hxxp://www.microsoftstore.com/store/msstore/en_US/list/categoryID.50726100
InternetURL: C:\Documents and Settings\Biomed\Favorites\RCA TV cable Hook up diagram.url -> hxxp://dl.owneriq.net/5/562ac210-72f8-dc94-850e-bb440ca53415.pdf
InternetURL: C:\Documents and Settings\Biomed\Favorites\super antispyware forum, help\Help!! I have a broken file association in registry and alot more!! - SUPERAntiSpyware.com.url -> hxxp://forums.superantispyware.com/index.php?/topic/4758-help-i-have-a-broken-file-association-in-registry-and-alot-more/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Benefits.url -> hxxp://www.rr.com/home/benefits
InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Help.url -> hxxp://help.rr.com
InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Home Page.url -> hxxp://www.rr.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Road Runner\Password Help.url -> hxxp://help.rr.com/password/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\ADP ezLabor.url -> hxxp://workforceportal.elabor.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Amazon Books.url -> hxxp://www.amazon.com/books-used-books-textbooks/b/ref=sa_menu_bo0?ie=UTF8&node=283155
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Barn Quilting.url -> hxxp://barnquilting.ning.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Fidelity Investments.url -> https://www.fidelity.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\HSA-OptumHealth Bank.url -> https://secure.optumhealthbank.com/PBI_PBI1961/Pbi1961.asp?Rt=124384877&LogonBy=connect3&PrmAccess=Account&AFC=00001
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Huntington Bank.url -> https://www.huntington.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Iredell Memorial Hospital.url -> hxxp://www.iredellmemorial.org/staffonly.aspx
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\LunchPrepay.url -> https://www.lunchprepay.com/Redirection.aspx
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Nutrition facts and calories .url -> hxxp://nutritiondata.self.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Paystubs.url -> https://portal.adp.com/public/index.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Piedmont Bank.url -> hxxp://www.yadkinvalleybank.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\The World's Healthiest Foods.url -> hxxp://whfoods.org/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\TV Episodes Online.url -> hxxp://video.tvguide.com/episodes.aspx
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\United Credit Union.url -> https://www.unitedfcu.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam's\Wachovia Bank.url -> hxxp://www.wachovia.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\amazon book reviews.url -> hxxp://www.amazon.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\LunchPrepay.url -> https://www.lunchprepay.com/Redirection.aspx
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\PaperBackSwap Member Login.url -> https://secure.paperbackswap.com/members/login.php
InternetURL: C:\Documents and Settings\Biomed\Favorites\Pam\Wachovia.url -> https://onlineservices.wachovia.com/auth/AuthService?action=presentLogin&url=https%3a//onlineservices.wachovia.com/NASApp/NavApp/Titanium%3faction%3dreturnHome
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Documents and Settings\Biomed\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919
InternetURL: C:\Documents and Settings\Biomed\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\ECAC Library.url -> hxxp://www.ecac-parentcenter.org/resources/libraries.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\Iredell Library.url -> hxxp://hip.iredell.lib.nc.us/ipac20/ipac.jsp?&profile=web&menu=account
InternetURL: C:\Documents and Settings\Biomed\Favorites\Librarys\Mooresville Library.url -> hxxp://68.71.163.2:81/ipac20/ipac.jsp?profile=mpl--1&menu=account
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Best-1 Hummingbird Feeder 32 Ounce.url -> hxxp://www.northwestnatureshop.com/Birds_and_Backyards/Bird_and_Wildlife_Feeders/Hummingbird_and_Oriole_Feeders/220.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Bottles - Glass and Plasticware - Equipment & Supplies - Carolina Biological Supply Company.url -> hxxp://www.carolina.com/category/equipment+and+supplies/glass+and+plasticware/bottles.do?s_cid=ppc_gl_bottles&gclid=CMCh3_f1iqQCFYdh2godtnOxqQ
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Browsing SPECIAL APPLICATION plastic bottles.url -> hxxp://shop.tps-online.com/browse.cfm/2,262.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Browsing Store - SQUEEZE JET W-CAP 60ML.url -> hxxp://shop.tps-online.com/browse.cfm/4,1869.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Citizen science People power Nature News.url -> hxxp://www.nature.com/news/2010/100804/full/466685a.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Dispenser Bottles & Leak-Proof Oilers.url -> hxxp://www.tecratools.com/pages/assorted/bottles.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Circular Saw Cutting Guide Plan - Free Panel Saw Plans.url -> hxxp://wayneofthewoods.com/circular-saw-cutting-guide.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Gun Rack Plans - How to Build a Gun Rack.url -> hxxp://wayneofthewoods.com/gunrack.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Step Stool Plans - How to Build A Step Stool.url -> hxxp://wayneofthewoods.com/stool.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Table Saw Extension Plans - Free Panel Saw Plans.url -> hxxp://wayneofthewoods.com/table-saw-extension.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free Wood Building Plans - Free Woodworking Plans.url -> hxxp://wayneofthewoods.com/freeplans.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\G.E. Christmas Bulbs and light sets.url -> hxxp://fp.enter.net/~jpill612/page2/jsp_pg2.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\How to Build a Custom Doghouse, from Ron Hazelton.url -> hxxp://www.ronhazelton.com/archives/howto/doghouse_construction.shtm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\http--www.diamondbackironworks.com-GOOGLE9e64d9483d5b3dca.html.url -> hxxp://www.diamondbackironworks.com/GOOGLE9e64d9483d5b3dca.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Jensen Global Inc - Dispensing Systems -- Bottles.url -> hxxp://jensenglobal.com/cgi-bin/jgd1/bottles.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Journey North Hummingbird Migration.url -> hxxp://www.learner.org/jnorth/tm/humm/AboutSpring.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Lake Norman Covekeepers — Catawba Riverkeeper Foundation.url -> hxxp://www.catawbariverkeeper.org/our-work/covekeepers/lake-norman-covekeepers
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Micro-Tools.url -> hxxp://www.micro-tools.com/store/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\NC Whisper Momma Atmospheric Forge-Centaur Forge.url -> hxxp://www.centaurforge.com/NC-Whisper-Momma-Atmospheric-Forge/productinfo/NCMOMMA/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Needle Tip Dispensing Plastic Bottles – HDPE - Freund Container & Supply.url -> hxxp://www.freundcontainer.com/product.asp_Q_pn_E_3112B03_A_cn_E_401
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Patrick McKenna, Comedian, on His ADHD ADDitude - Attention Deficit Information and Resources.url -> hxxp://www.additudemag.com/adhd/article/7657.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Plastic Bottles.url -> hxxp://www.containerandpackaging.com/subtype.asp?itemtype=Plastic_Bottles&gad=plastic_bottle&gclid=CKLz56n1iqQCFctW2godYRwzIw
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Plastic Dispensing Caps.url -> hxxp://www.sks-bottle.com/340c/C2.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Specialty Bottle - Glass & Plastic Bottles Jars Vials Tins Other Containers.url -> hxxp://www.specialtybottle.com/?gclid=CJer1rf3iqQCFbBe7AodmWxwGw
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Squeeze bottle dispenser - Shop sales, stores & prices at TheFind.com.url -> hxxp://www.thefind.com/kitchen/info-squeeze-bottle-dispenser
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Squeeze bottle dispenser at TheFind - Search, discover and compare prices.url -> hxxp://www.thefind.com/search?query=squeeze+bottle+dispenser&filter%5Bquery%5D=squeeze+bottle+dispenser&filter%5Bcategoryorder%5D=EwMDCwUMDwkQDQYOFgoRGAIZAQgHCAAOAAwA&filter%5Bqpcookie%5D=%24%24K87ILy9ITE8tqSxItTXUAQA%3D&filter[category]=craft_supplies
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Steals and Deals Thermal shirt, beauty kit, jewelry - Holiday Guide - TODAYshow.com.url -> hxxp://today.msnbc.msn.com/id/40421556/ns/today-holiday_guide/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\The Network for Citizen Science Projects & Resources Science for Citizens.url -> hxxp://scienceforcitizens.net/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Tooltron Industries - Squeeze Bottle with needle tips.url -> hxxp://www.tooltron.com/products_jewelry_beading/2_oz_squeeze_bottle.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\World War II Historical Preservation Federation Rules of Authenticity.url -> hxxp://www.wwiifederation.org/command.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\World War II Veterans of the Battle of the Bulge Association The Ardennes Offensive.url -> hxxp://www.battleofthebulge.org/index.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Wood working library,free books\Masters' Library - Woodworking Tools - Design, Production and Use - Historical Books - wkFineTools.com.url -> hxxp://www.wkfinetools.com/mLibrary/mLibrary_index.asp
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Wineries to visit\Welcome to the website for Starrlight Mead! Starrlight Mead.url -> hxxp://starrlightmead.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Watch forum\Can anyone give me some information on this Bucherer Pocket Watch.url -> hxxp://forums.watchuseek.com/f11/can-anyone-give-me-some-information-bucherer-pocket-watch-508505.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Stainless steel needle oiler bottles\Needle applicator - Shop sales, stores & prices at TheFind.com.url -> hxxp://www.thefind.com/office/info-needle-applicator
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\Breast milk ice cream + Poppy Seed Baby Fig & Cherry.url -> hxxp://www.figandcherry.com/food-news/breast-milk-ice-cream-poppy-seed-baby/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\Gluten-free recipes, from The Dr. Oz Show.url -> hxxp://www.doctoroz.com/videos?page=2&tid=All&tid_1=147
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Recipes\The Saturday Evening Pot Star Recipes.url -> hxxp://www.thesaturdayeveningpot.com/p/star-recipes.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Antique Pocket Watch...your source for everything pocket watch!.url -> hxxp://www.antique-pocket-watch.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Barry S. Goldberg's Pocket Watch Collection - Helpful Information.url -> hxxp://barrygoldberg.net/watchinfo2.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Hamilton Watch Co. - National Association of Watch and Clock Collectors Message Board.url -> hxxp://mb.nawcc.org/showwiki.php?title=Hamilton+Watch+Co
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Hampden Watch Co. - National Association of Watch and Clock Collectors Message Board.url -> hxxp://mb.nawcc.org/showwiki.php?title=Hampden+Watch+Co
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\Welcome to the NAWCC School of Horology Watchmakers and Clockmakers General.url -> hxxp://www.horology.edu/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch information, ..reallly good info!\[ELGIN] Documents and Pictures.url -> hxxp://elginwatches.org/scans/sales_catalogs/1917_Oskamp-Nolting/m_pg_DH02.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Pocket watch chain and Fobs\Cowboy Emporium Watch Chains and Fobs.url -> hxxp://www.cemp.com/chains.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\N.C. Railroad Station Photos\http--www.pwrr.org-nstation-index.html.url -> hxxp://www.pwrr.org/nstation/index.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Model railroading info\CSD Home.url -> hxxp://www.carolinasouthern.org/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Model railroading info\Visit and volunteer at Train Town in Hickory, NC.url -> hxxp://www.carolinasouthern.org/TrainTown.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Humming bird info\Building Your Own Hummingbird Feeder.url -> hxxp://howtoenjoyhummingbirds.com/building_your_own_hummingbird_feeder.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Humming bird info\Erva 14 Inch Weather Guard With Ant Moat.url -> hxxp://www.northwestnatureshop.com/Birds_and_Backyards/Birds_and_Backyards_by_Brand/Erva_Tool_and_Manufacturing/203.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\heating and cooling help\http--www.toolbase.org-pdf-designguides-doe_airdistributionsysteminstallation.pdf.url -> hxxp://www.toolbase.org/pdf/designguides/doe_airdistributionsysteminstallation.pdf
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free card games, play online\Julianne Giffin's 500 Club. 500 Card Game. Five Hundred Card Game. Play the card game Five Hundred (500) online.url -> hxxp://www.juliannegiffin.com/500/500_intro.jsp
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Free card games, play online\The Deck of Cards.url -> hxxp://www.thedeckofcards.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Farming Info and tips\Agriculture equipment, farm magazines, farm equipment, farm inventions, farm machinery, agriculture machinery.url -> hxxp://www.farmshow.com/default.asp
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info,   the 315 grade watch\Cleaning watch dials.url -> hxxp://www.cwrnh.com/techpages/cleaning_watch_dials.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info,   the 315 grade watch\HOW TO CLEAN AND OIL A VINTAGE MECHANICAL WRIST WATCH OR POCKET WATCH REPAIR.url -> hxxp://thewatchguy.homestead.com/pages/repair.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Elgin watch info,   the 315 grade watch\Making the Elgin Grade 315.url -> hxxp://www.rdrop.com/~jsexton/watches/museum/elgin28563994.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Foner Books - Publishing Books and eBooks For Do-It-Yourself.url -> hxxp://www.fonerbooks.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\HowStuffWorks Videos Episode 6 - Home Network Primer.url -> hxxp://videos.howstuffworks.com/labrats-tv/829-episode-6-home-network-primer-video.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Speed test sites\Speedtest.net - The Global Broadband Speed Test.url -> hxxp://speedtest.net/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Computer help\Speed test sites\Time Warner Bandwidth Speed Test.url -> hxxp://speedtest.twcnc.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\Bird plans for houses and more, and not only birds\Meisel Hardware Specialties.url -> hxxp://www.meiselwoodhobby.com/Products/ViewCategory.aspx?ID=2912&Path=50
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\ADHD documentary starts airing on PBS today – November 26, 2010 - Toronto adhd Examiner.com.url -> hxxp://www.examiner.com/adhd-in-toronto/adhd-documentary-starts-airing-on-pbs-today-november-26-2010?render=print
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Career Advice Finding Right Job for ADHD Adults ADDitude - Attention Deficit Information & Resources.url -> hxxp://www.additudemag.com/adhd/article/1497.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Celebrities With ADHD.url -> hxxp://www.healthcentral.com/adhd/understanding-adhd-161681-5_3.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Dr Hallowell.url -> hxxp://www.drhallowell.com/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--totallyadd.com-about-the-team-.url -> hxxp://totallyadd.com/about/the-team/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--totallyadd.com-links-.url -> hxxp://totallyadd.com/links/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\http--www.zoominfo.com-people-Kurtz_Steven_3934022.aspx.url -> hxxp://www.zoominfo.com/people/Kurtz_Steven_3934022.aspx
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Keyword Search ADDitude Information on Attention Deficit Symptoms, Diagnosis, Treatment, Parenting and More.url -> hxxp://www.additudemag.com/search/keyword/Career%20Paths%20for%20ADHD%20Adults.html
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\TotallyADD.com Forums.url -> hxxp://totallyadd.com/forum/
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Understanding ADHD Where to find help - Toronto adhd Examiner.com.url -> hxxp://www.examiner.com/adhd-in-toronto/understanding-adhd-where-to-find-help
InternetURL: C:\Documents and Settings\Biomed\Favorites\David's\ADHD help\Wrightslaw - Subscribe to The Special Ed Advocate Newsletter.url -> hxxp://www.wrightslaw.com/subscribe.htm
InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\http--www.vrbo.com-21797, @ holden beach.url -> hxxp://www.vrbo.com/21797
InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\http--www.vrbo.com-vacation-rentals-usa-north-carolina-coastal-southern-coast.url -> hxxp://www.vrbo.com/vacation-rentals/usa/north-carolina/coastal/southern-coast
InternetURL: C:\Documents and Settings\Biomed\Favorites\Beach rentals\North Carolina Beach House Rentals, NC Beach House Rentals, GreatRentals.url -> hxxp://www.greatrentals.com/nc/nccoastal.html
InternetURL: C:\Documents and Settings\Biomed\desktop\Microsoft Fix it.url -> hxxp://go.microsoft.com/fwlink/?LinkId=152693
InternetURL: C:\Documents and Settings\Biomed\desktop\Pam\Pay Stubs.url -> https://portal.adp.com/public/index.htm
InternetURL: C:\Documents and Settings\Default User\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Documents and Settings\Default User\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks
InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409
InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia
InternetURL: C:\Documents and Settings\Default User\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows
InternetURL: C:\Documents and Settings\Guest\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Documents and Settings\Guest\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Documents and Settings\Guest\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia
InternetURL: C:\Documents and Settings\Guest\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows

==================== End of log =============================

flywelder · November 2, 2014

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-10-2014 01
Ran by Biomed at 2014-10-29 11:12:53
Running from C:\Documents and Settings\Biomed\desktop\FRST-OlderVersion
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - )
AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon)
BackupManager (HKLM\...\{0B0FABBA-6F8D-4087-B0FB-BF8AB57A0FEF}) (Version: 1.00.0000 - GLi)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62) (Version: - )
Blasterball 2 from Hewlett-Packard Desktops (remove only) (HKLM\...\8C4E79CC-03E1-43AA-9910-9A5113F24603) (Version: - )
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only) (HKLM\...\B41503CB-5FE0-47E0-87C1-47BA8E660BCC) (Version: - )
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only) (HKLM\...\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502) (Version: - )
Bounce Symphony from Hewlett-Packard Desktops (remove only) (HKLM\...\D11F7128-8CBD-408B-8BF8-034604DEDD42) (Version: - )
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 4.5.0.211 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Internet Security (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.)
Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleAlbums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwSharkTaleCards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Crystal Maze from Hewlett-Packard Desktops (remove only) (HKLM\...\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292) (Version: - )
CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Disk SpeedUp 1.4.0.888 (HKLM\...\Disk SpeedUp) (Version: 1.4.0.888 - Glarysoft Ltd)
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-3.2.0.1491 - Hewlett-Packard)
Easy Internet Sign-up (Version: FE UI-3.2.0.1491 - Hewlett-Packard) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Family Tree For Dummies (HKLM\...\Family Tree For Dummies_is1) (Version: - Anuman Interactive)
Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Final Drive Nitro from Hewlett-Packard Desktops (remove only) (HKLM\...\741C4983-B139-407A-AD4E-3D6C7B29704B) (Version: - )
GeekBuddy (HKLM\...\{B7A6A044-B9C1-4420-B3F8-5200B523FC84}) (Version: 4.16.114 - Comodo Security Solutions Inc)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - )
GoToMeeting 4.5.0.457 (HKCU\...\GoToMeeting) (Version: - )
Help and Support Additions (HKLM\...\Help and Support Additions) (Version: 3.0.5 - Hewlett Packard)
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP Image Zone 4.8.6 (HKLM\...\HP Photo & Imaging) (Version: 4.8.6 - HP)
HP Image Zone Plus 4.8.6 (HKLM\...\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}) (Version: 4.8.6 - HP)
HP Organize (HKLM\...\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}) (Version: - )
HP Photosmart Cameras 4.5 (HKLM\...\{ABA2B37F-AB88-486e-870A-52454A23FEE0}) (Version: 4.5 - HP)
HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.8.0 - Hewlett-Packard Company)
HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPIZplus450 (Version: 48.2.6.0 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
IBM iSeries Access for Windows (HKLM\...\ClientAccessExpress) (Version: - )
IBM iSeries Access for Windows SI29771 (HKLM\...\ClientAccessExpressSP) (Version: - )
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version: - )
InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.767 - InterVideo Inc.)
iTunes (HKLM\...\InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}) (Version: 4.7.0.42 - Apple Computer, Inc.)
iTunes (Version: 4.7.0.42 - Apple Computer, Inc.) Hidden
Lexibox Deluxe from Hewlett-Packard Desktops (remove only) (HKLM\...\E2A4EA31-80A1-4460-9510-631AF4D6A636) (Version: - )
LS_HSI (Version: 1.4.27.1 - Integrator) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Access 2000 SR-1 Runtime (HKLM\...\{004F0409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
mp (Version: 05.04.0000 - IBM) Hidden
mpmri (Version: 05.04.0000 - IBM) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 4.0 (HKLM\...\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}) (Version: 4.00.050 - muvee Technologies)
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Overball from Hewlett-Packard Desktops (remove only) (HKLM\...\6723E59E-322A-417A-8E03-27A61E18253C) (Version: - )
PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden
PC-Doctor for Windows (HKLM\...\InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}) (Version: 1.06.005 - PC-Doctor, Inc.)
PC-Doctor for Windows (Version: 1.06.005 - PC-Doctor, Inc.) Hidden
Phoenix Assault from Hewlett-Packard Desktops (remove only) (HKLM\...\7CEF0F00-BA1B-4861-A102-38CC86CA622B) (Version: - )
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Polar Bowler from Hewlett-Packard Desktops (remove only) (HKLM\...\36317AE4-57EC-4F3E-B828-009A3DD96BE8) (Version: - )
Polar Golfer from Hewlett-Packard Desktops (remove only) (HKLM\...\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1) (Version: - )
PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden
PS2 (HKLM\...\PS2) (Version: - )
PSPrinters06 (Version: 1.00.0000 - HP) Hidden
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version: - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\QuickTime) (Version: - )
Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remove Microsoft Money 2005 installer (HKLM\...\Money) (Version: - )
Remove Quicken New User Edition installer (HKLM\...\Quicken_NUE) (Version: - )
Remove WeatherBug installer (HKLM\...\WeatherBug) (Version: - )
Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Shooting Stars Pool from Hewlett-Packard Desktops (remove only) (HKLM\...\14DD9322-0AAE-4DA4-90A9-EB42CF296127) (Version: - )
SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Slyder from Hewlett-Packard Desktops (remove only) (HKLM\...\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A) (Version: - )
Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.0.1 - IObit)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.0 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Super Granny from Hewlett-Packard Desktops (remove only) (HKLM\...\3F34F72F-9BB0-4B73-8312-558953ACF56F) (Version: - )
Tradewinds from Hewlett-Packard Desktops (remove only) (HKLM\...\F5215F01-DFC0-475D-A910-6F1AF94E807E) (Version: - )
TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.14 - Tweaking.com)
Unload (Version: 4.5.0 - Hewlett-Packard) Hidden
Updates from HP (HKLM\...\BackWeb-309731 Uninstaller) (Version: - )
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-605865402-4069305935-1106247723-1011_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\457\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

26-09-2014 16:27:23 Configured Seagate Manager Installer
27-09-2014 16:08:05 System Checkpoint
28-09-2014 18:40:20 System Checkpoint
29-09-2014 19:43:06 System Checkpoint
30-09-2014 22:43:42 System Checkpoint
01-10-2014 23:19:13 Software Distribution Service 3.0
03-10-2014 00:12:29 System Checkpoint
04-10-2014 00:28:46 System Checkpoint
05-10-2014 03:29:15 System Checkpoint
06-10-2014 10:23:10 System Checkpoint
06-10-2014 13:17:35 Logitech Webcam Software v12.10.1110
08-10-2014 10:39:06 System Checkpoint
08-10-2014 17:00:20 Software Distribution Service 3.0
10-10-2014 10:47:36 System Checkpoint
10-10-2014 18:38:43 Installed Microsoft Visual C++ 2005 Redistributable
12-10-2014 10:48:37 System Checkpoint
13-10-2014 11:01:13 System Checkpoint
14-10-2014 11:29:41 System Checkpoint
15-10-2014 12:58:41 System Checkpoint
15-10-2014 17:00:20 Software Distribution Service 3.0
16-10-2014 18:28:20 System Checkpoint
18-10-2014 01:05:20 System Checkpoint
19-10-2014 08:53:40 System Checkpoint
20-10-2014 10:36:44 System Checkpoint
21-10-2014 11:24:15 System Checkpoint
22-10-2014 12:09:58 System Checkpoint
22-10-2014 17:00:22 Software Distribution Service 3.0
23-10-2014 17:09:49 System Checkpoint
24-10-2014 18:09:47 System Checkpoint
25-10-2014 19:09:48 System Checkpoint
26-10-2014 20:09:49 System Checkpoint
27-10-2014 21:09:48 System Checkpoint
28-10-2014 21:16:15 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 07:00 - 2014-05-11 17:59 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {141AECDD-A802-44D4-AD26-9AC193B9807D}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {4439D323-FD55-4375-BAD7-6EE4D256E847}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\Defrag.job => C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-605865402-4069305935-1106247723-1011.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Biomed.job => C:\Documents and Settings\Biomed\Application Data\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2011-03-06 21:35 - 2010-07-28 18:34 - 00022424 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2011-03-06 21:35 - 2010-02-17 19:25 - 00152064 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2011-03-06 21:35 - 2010-02-09 16:55 - 00049152 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2014-05-21 06:22 - 2014-05-21 06:22 - 02135232 _____ () C:\Program Files\Comodo\Dragon\dragon_updater.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2011-06-01 12:42 - 2011-06-01 12:42 - 00108296 _____ () C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-06-01 12:46 - 2011-06-01 12:46 - 00030984 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2011-05-04 17:10 - 2011-05-04 17:10 - 00325344 _____ () C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
2011-05-04 17:10 - 2011-05-04 17:10 - 02896608 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-05-04 17:10 - 2011-05-04 17:10 - 00027360 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 18:59 - 2010-03-22 18:59 - 00504293 _____ () C:\Program Files\Memeo\AutoBackup\sqlite3.dll
2011-06-01 12:16 - 2011-06-01 12:16 - 00241664 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2011-06-01 12:16 - 2011-06-01 12:16 - 00971776 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2011-03-06 21:35 - 2010-06-23 19:11 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
2011-03-06 21:35 - 2010-06-23 19:11 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
2011-03-06 21:35 - 2010-06-23 19:12 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
2011-03-06 21:35 - 2010-06-23 19:11 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
2011-03-06 21:35 - 2010-06-23 18:38 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2011-03-06 21:35 - 2010-02-17 19:25 - 00132096 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2011-03-06 21:35 - 2010-07-28 18:02 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup

========================= Accounts: ==========================

Administrator (S-1-5-21-605865402-4069305935-1106247723-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Administrator Pam (S-1-5-21-605865402-4069305935-1106247723-1013 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator Pam
Biomed (S-1-5-21-605865402-4069305935-1106247723-1011 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Biomed
Guest (S-1-5-21-605865402-4069305935-1106247723-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-605865402-4069305935-1106247723-1008 - Limited - Disabled)
HP_Owner (S-1-5-21-605865402-4069305935-1106247723-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\HP_Owner
SUPPORT_388945a0 (S-1-5-21-605865402-4069305935-1106247723-1002 - Limited - Disabled)
SUPPORT_fddfa904 (S-1-5-21-605865402-4069305935-1106247723-1007 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2014 11:41:21 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:10 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:41:04 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (10/27/2014 11:30:11 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (10/27/2014 11:30:09 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

System errors:
=============
Error: (10/29/2014 10:57:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (10/27/2014 10:48:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (10/27/2014 10:48:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect.

Error: (10/22/2014 01:02:43 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

Error: (10/21/2014 03:30:19 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 0013D4247088 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/18/2014 08:08:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (120000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (10/18/2014 08:06:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (10/18/2014 08:06:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect.

Error: (10/18/2014 07:51:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {25637086-A0B4-4181-8307-191B62A805E2} did not register with DCOM within the required timeout.

Error: (10/17/2014 07:40:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================
Error: (10/27/2014 11:41:21 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:12 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:10 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:06 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:41:04 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (10/27/2014 11:30:11 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (10/27/2014 11:30:09 AM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

==================== Memory info ===========================

Processor: Intel® Pentium® 4 CPU 2.93GHz
Percentage of memory in use: 31%
Total physical RAM: 3063.29 MB
Available physical RAM: 2105.38 MB
Total Pagefile: 3658.9 MB
Available Pagefile: 2546.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.86 MB

================

==================== End Of Log ============================

AdvancedSetup · November 3, 2014

Please run the following.

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

Please download aswMBR ( 4.5MB ) to your desktop.

Double click the aswMBR.exe icon, and click Run.
There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
Click the Scan button to start the scan once the update has finished downloading
On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

flywelder · November 4, 2014

Ron what does this mean:

Note: When using Reset FF Proxy Settings option Firefox should be closed.

How do I inturpret "closed" from "open?"

Does "closed" mean that I wouldn't be " on line surfing the web" using firefox?

flywelder · November 4, 2014

Here is some of the results from the scans. TDSSKiller and mini tool box ran just fine, with no issues or problems.

The awsMBR results will come next.

Also, I am not able to attach any logs to this post, because this web site says there is a (error I0) with each one of my attempts to attache. What is (error I0) mean/ refer to?

PS: You will delete / remove any sensitive info I paste to my postings that wouldn't be of help to any one else who would read these postings, so that it is not available to others who might utilize that info for wrong means? Can I depend on you to do that? ....please. thank you Ron.

MiniToolBox by Farbar Version: 16-06-2013
Ran by Biomed (administrator) on 04-11-2014 at 15:41:40
Running from "C:\Documents and Settings\Biomed\My Documents\malware scanning tools and programs"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1   localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=static addr=156.154.70.22 register=PRIMARY
add dns name="Local Area Connection" addr=156.154.71.22 index=2
set wins name="Local Area Connection" source=dhcp

popd
# End of interface IP configuration

Windows IP Configuration

        Host Name . . . . . . . . . . . . : MSAIMH002

        Primary Dns Suffix . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix . : Belkin

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-13-D4-24-70-88

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.2.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.2.1

        DHCP Server . . . . . . . . . . . : 192.168.2.1

        DNS Servers . . . . . . . . . . . : 156.154.70.22

                                            156.154.71.22

        Lease Obtained. . . . . . . . . . : Tuesday, November 04, 2014 3:30:18 AM

        Lease Expires . . . . . . . . . . : Monday, January 18, 2038 10:14:07 PM

Server: UnKnown
Address: 156.154.70.22

Name:    google.com
Addresses: 173.194.115.128, 173.194.115.136, 173.194.115.134, 173.194.115.129
      173.194.115.135, 173.194.115.137, 173.194.115.133, 173.194.115.131, 173.194.115.130
      173.194.115.132, 173.194.115.142

Pinging google.com [173.194.115.0] with 32 bytes of data:

Reply from 173.194.115.0: bytes=32 time=60ms TTL=51

Reply from 173.194.115.0: bytes=32 time=38ms TTL=51

Ping statistics for 173.194.115.0:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 38ms, Maximum = 60ms, Average = 49ms

Server: UnKnown
Address: 156.154.70.22

Name:    yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 206.190.36.45

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=70ms TTL=47

Reply from 98.138.253.109: bytes=32 time=68ms TTL=47

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 68ms, Maximum = 70ms, Average = 69ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 d4 24 70 88 ...... Realtek RTL8139/810x Family Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0      192.168.2.2     192.168.2.2      20
      192.168.2.2 255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.2.255 255.255.255.255      192.168.2.2     192.168.2.2      20
        224.0.0.0        240.0.0.0      192.168.2.2     192.168.2.2      20
255.255.255.255 255.255.255.255      192.168.2.2     192.168.2.2      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/31/2014 06:06:01 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (5404) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (10/31/2014 06:06:01 AM) (Source: ESENT) (User: )
Description: wuauclt (5404) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/31/2014 06:05:51 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (5404) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (10/31/2014 06:05:51 AM) (Source: ESENT) (User: )
Description: wuauclt (5404) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/31/2014 05:54:32 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (5292) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (10/31/2014 05:54:32 AM) (Source: ESENT) (User: )
Description: wuauclt (5292) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/31/2014 05:54:22 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (5292) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (10/31/2014 05:54:22 AM) (Source: ESENT) (User: )
Description: wuauclt (5292) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/31/2014 05:44:36 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (2468) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error: (10/31/2014 05:44:36 AM) (Source: ESENT) (User: )
Description: wuauclt (2468) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (11/04/2014 03:30:13 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 0013D4247088 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (11/03/2014 07:13:44 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (11/03/2014 07:11:36 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (11/03/2014 07:11:36 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the Microsoft Antimalware Service service to connect.

Error: (11/03/2014 10:00:53 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/03/2014 10:00:46 AM) (Source: Service Control Manager) (User: )
Description: The Belkin Local Backup Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/03/2014 10:00:46 AM) (Source: Service Control Manager) (User: )
Description: The Belkin Network USB Helper service terminated unexpectedly. It has done this 1 time(s).

Error: (11/03/2014 09:57:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/03/2014 09:56:52 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/03/2014 09:40:22 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (10/31/2014 06:06:01 AM) (Source: ESENT)(User: )
Description: wuaueng.dll5404SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (10/31/2014 06:06:01 AM) (Source: ESENT)(User: )
Description: wuauclt5404C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/31/2014 06:05:51 AM) (Source: ESENT)(User: )
Description: wuaueng.dll5404SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (10/31/2014 06:05:51 AM) (Source: ESENT)(User: )
Description: wuauclt5404C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/31/2014 05:54:32 AM) (Source: ESENT)(User: )
Description: wuaueng.dll5292SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (10/31/2014 05:54:32 AM) (Source: ESENT)(User: )
Description: wuauclt5292C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/31/2014 05:54:22 AM) (Source: ESENT)(User: )
Description: wuaueng.dll5292SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (10/31/2014 05:54:22 AM) (Source: ESENT)(User: )
Description: wuauclt5292C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/31/2014 05:44:36 AM) (Source: ESENT)(User: )
Description: wuaueng.dll2468SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)

Error: (10/31/2014 05:44:36 AM) (Source: ESENT)(User: )
Description: wuauclt2468C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 15 ActiveX (Version: 15.0.0.152)
Adobe Flash Player 15 Plugin (Version: 15.0.0.189)
Adobe Reader XI (11.0.08) (Version: 11.0.08)
Agere Systems PCI Soft Modem
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
Amazon Kindle
BackupManager (Version: 1.00.0000)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.0.0)
Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only)
Blasterball 2 from Hewlett-Packard Desktops (remove only)
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only)
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only)
Bounce Symphony from Hewlett-Packard Desktops (remove only)
BufferChm (Version: 45.4.157.000)
CameraDrivers (Version: 4.5.0.211)
CCleaner (Version: 4.19)
Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Comodo Dragon (Version: 33.1.0.0)
COMODO Internet Security (Version: 6.1.14723.2813)
Copy (Version: 45.4.157.000)
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwSharkTaleAlbums1 (Version: 45.4.157.000)
cp_dwSharkTaleCards1 (Version: 45.4.157.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
CP_PLSBusinessFlyers (Version: 45.4.157.000)
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
Crystal Maze from Hewlett-Packard Desktops (remove only)
CueTour (Version: 45.4.157.000)
Destinations (Version: 45.4.157.000)
Director (Version: 45.4.157.000)
Disk SpeedUp 1.4.0.888 (Version: 1.4.0.888)
DocProc (Version: 4.5.0.0)
DocumentViewer (Version: 45.4.157.000)
Easy Internet Sign-up (Version: FE UI-3.2.0.1491)
Enhanced Multimedia Keyboard Solution
ERUNT 1.1j
ESET Online Scanner v3
Family Tree For Dummies
Fax (Version: 47.0.1.000)
Final Drive Nitro from Hewlett-Packard Desktops (remove only)
GeekBuddy (Version: 4.18.121)
Google Toolbar for Internet Explorer
GoToMeeting 4.5.0.457
Help and Support Additions (Version: 3.0.5)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Boot Optimizer (Version: 1.0.2)
HP Deskjet Printer Preload (Version: 10.1.0)
HP Image Zone 4.8.6 (Version: 4.8.6)
HP Image Zone Plus 4.8.6 (Version: 4.8.6)
HP Organize
HP Photosmart Cameras 4.5 (Version: 4.5)
HP Product Assistant (Version: 2.0.0.0)
HP Product Detection (Version: 10.7.8.0)
HP PSC & OfficeJet 4.7
HP Update (Version: 4.000.012.001)
HPIZplus450 (Version: 48.2.6.0)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSystemDiagnostics (Version: 1.6.0.0)
IBM iSeries Access for Windows
IBM iSeries Access for Windows SI29771
InstantShare (Version: 45.4.157.000)
Intel® Graphics Media Accelerator Driver
IntelliMover Data Transfer Demo
InterVideo WinDVD Player (Version: 5.0-B11.767)
iTunes (Version: 4.7.0.42)
Lexibox Deluxe from Hewlett-Packard Desktops (remove only)
LS_HSI (Version: 1.4.27.1)
Malwarebytes Anti-Malware version 2.0.3.1025 (Version: 2.0.3.1025)
Memeo Instant Backup (Version: 4.60.0.7923)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Access 2000 SR-1 Runtime (Version: 9.00.3821)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Plus! Dancer LE (Version: 1.1.0.3522)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3500)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.04.0623)
Mozilla Firefox 32.0.3 (x86 en-US) (Version: 32.0.3)
Mozilla Maintenance Service (Version: 29.0.1)
mp (Version: 05.04.0000)
mpmri (Version: 05.04.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 4.0 (Version: 4.00.050)
OpenOffice.org 3.3 (Version: 3.3.9567)
Overball from Hewlett-Packard Desktops (remove only)
PanoStandAlone (Version: 45.4.157.000)
PC-Doctor for Windows (Version: 1.06.005)
Phoenix Assault from Hewlett-Packard Desktops (remove only)
PhotoGallery (Version: 45.4.157.000)
Polar Bowler from Hewlett-Packard Desktops (remove only)
Polar Golfer from Hewlett-Packard Desktops (remove only)
PrintScreen (Version: 43.1.5.000)
PS2
PSPrinters06 (Version: 1.00.0000)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 43.1.5.000)
QuickTime
Readme (Version: 47.0.1.000)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
RealUpgrade 1.1 (Version: 1.1.0)
Remove Microsoft Money 2005 installer
Remove Quicken New User Edition installer
Remove WeatherBug installer
Scan (Version: 4.5.0.0)
ScannerCopy (Version: 4.5.0.0)
Seagate Dashboard (Version: 1.1.0.1421)
Shooting Stars Pool from Hewlett-Packard Desktops (remove only)
SkinsHP1 (Version: 45.4.157.000)
Slyder from Hewlett-Packard Desktops (remove only)
Smart Defrag 2 (Version: 2.0.1)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.0)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Super Granny from Hewlett-Packard Desktops (remove only)
Tradewinds from Hewlett-Packard Desktops (remove only)
TrayApp (Version: 45.4.157.000)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.14)
Unload (Version: 4.5.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB2934207) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Updates from HP
Video Mover
VS10RuntimeWin32 (Version: 1.0.0)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 45.4.157.000)
WildTangent Web Driver
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3063.29 MB
Available physical RAM: 2010.61 MB
Total Pagefile: 3658.9 MB
Available Pagefile: 2591.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.96 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:142.07 GB) (Free:100.43 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.96 GB) (Free:1.27 GB) FAT32
4 Drive f: (USB20FD) (Removable) (Total:7.55 GB) (Free:6.64 GB) FAT32

========================= Users: ========================================

User accounts for \\MSAIMH002

Administrator            Administrator Pam        Biomed
Guest                    HelpAssistant            HP_Owner
SUPPORT_388945a0         SUPPORT_fddfa904

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

26-09-2014 16:27:23 Configured Seagate Manager Installer
27-09-2014 16:08:05 System Checkpoint
28-09-2014 18:40:20 System Checkpoint
29-09-2014 19:43:06 System Checkpoint
30-09-2014 22:43:42 System Checkpoint
01-10-2014 23:19:13 Software Distribution Service 3.0
03-10-2014 00:12:29 System Checkpoint
04-10-2014 00:28:46 System Checkpoint
05-10-2014 03:29:15 System Checkpoint
06-10-2014 10:23:10 System Checkpoint
06-10-2014 13:17:35 Logitech Webcam Software v12.10.1110
08-10-2014 10:39:06 System Checkpoint
08-10-2014 17:00:20 Software Distribution Service 3.0
10-10-2014 10:47:36 System Checkpoint
10-10-2014 18:38:43 Installed Microsoft Visual C++ 2005 Redistributable
12-10-2014 10:48:37 System Checkpoint
13-10-2014 11:01:13 System Checkpoint
14-10-2014 11:29:41 System Checkpoint
15-10-2014 12:58:41 System Checkpoint
15-10-2014 17:00:20 Software Distribution Service 3.0
16-10-2014 18:28:20 System Checkpoint
18-10-2014 01:05:20 System Checkpoint
19-10-2014 08:53:40 System Checkpoint
20-10-2014 10:36:44 System Checkpoint
21-10-2014 11:24:15 System Checkpoint
22-10-2014 12:09:58 System Checkpoint
22-10-2014 17:00:22 Software Distribution Service 3.0
23-10-2014 17:09:49 System Checkpoint
24-10-2014 18:09:47 System Checkpoint
25-10-2014 19:09:48 System Checkpoint
26-10-2014 20:09:49 System Checkpoint
27-10-2014 21:09:48 System Checkpoint
28-10-2014 21:16:15 System Checkpoint
29-10-2014 17:01:17 Software Distribution Service 3.0
31-10-2014 23:16:25 System Checkpoint
01-11-2014 23:27:37 System Checkpoint
02-11-2014 23:35:50 System Checkpoint
04-11-2014 00:27:26 System Checkpoint

**** End of log ****

flywelder · November 4, 2014

12:49:18.0247 0x06ac TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
12:50:11.0888 0x06ac ============================================================
12:50:11.0888 0x06ac Current date / time: 2014/11/04 12:50:11.0888
12:50:11.0888 0x06ac SystemInfo:
12:50:11.0888 0x06ac
12:50:11.0888 0x06ac OS Version: 5.1.2600 ServicePack: 3.0
12:50:11.0888 0x06ac Product type: Workstation
12:50:11.0888 0x06ac ComputerName: MSAIMH002
12:50:11.0888 0x06ac UserName: Biomed
12:50:11.0888 0x06ac Windows directory: C:\WINDOWS
12:50:11.0888 0x06ac System windows directory: C:\WINDOWS
12:50:11.0888 0x06ac Processor architecture: Intel x86
12:50:11.0888 0x06ac Number of processors: 1
12:50:11.0888 0x06ac Page size: 0x1000
12:50:11.0888 0x06ac Boot type: Normal boot
12:50:11.0888 0x06ac ============================================================
12:50:14.0138 0x06ac KLMD registered as C:\WINDOWS\system32\drivers\57293916.sys
12:50:14.0841 0x06ac System UUID: {2ABF175F-A49B-9AB0-F07E-DF43704EC96B}
12:50:16.0622 0x06ac Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
12:50:22.0638 0x06ac Drive \Device\Harddisk1\DR3 - Size: 0x1E4000000 ( 7.56 Gb ), SectorSize: 0x200, Cylinders: 0x3DB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:50:57.0341 0x06ac ============================================================
12:50:57.0341 0x06ac \Device\Harddisk0\DR0:
12:50:57.0372 0x06ac MBR partitions:
12:50:57.0372 0x06ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xDF1931
12:50:57.0372 0x06ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDF1970, BlocksNum 0x11C23290
12:50:57.0372 0x06ac \Device\Harddisk1\DR3:
12:50:57.0372 0x06ac MBR partitions:
12:50:57.0372 0x06ac \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x1, BlocksNum 0xF1E000
12:50:57.0372 0x06ac ============================================================
12:50:57.0685 0x06ac C: <-> \Device\Harddisk0\DR0\Partition2
12:50:57.0904 0x06ac D: <-> \Device\Harddisk0\DR0\Partition1
12:50:57.0904 0x06ac ============================================================
12:50:57.0919 0x06ac Initialize success
12:50:57.0919 0x06ac ============================================================
12:53:06.0904 0x107c ============================================================
12:53:06.0904 0x107c Scan started
12:53:06.0904 0x107c Mode: Manual; SigCheck; TDLFS;
12:53:06.0904 0x107c ============================================================
12:53:06.0904 0x107c KSN ping started
12:53:09.0450 0x107c KSN ping finished: true
12:53:10.0607 0x107c ================ Scan system memory ========================
12:53:10.0654 0x107c System memory - ok
12:53:10.0669 0x107c ================ Scan services =============================
12:53:10.0825 0x107c Abiosdsk - ok
12:53:10.0825 0x107c abp480n5 - ok
12:53:10.0888 0x107c [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:53:11.0419 0x107c ACPI - ok
12:53:11.0513 0x107c [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
12:53:11.0685 0x107c ACPIEC - ok
12:53:11.0779 0x107c [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:53:11.0825 0x107c AdobeFlashPlayerUpdateSvc - ok
12:53:11.0825 0x107c adpu160m - ok
12:53:11.0857 0x107c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
12:53:12.0044 0x107c aec - ok
12:53:12.0091 0x107c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
12:53:12.0185 0x107c AFD - ok
12:53:12.0310 0x107c [ 7E077309910CE334C3B2B7B8665A55C4, 3DA0ABF8A6303F362DF08E39C23092192526F207F40DDCDEB6A0DB8EA576E03B ] AffinegyService C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
12:53:12.0388 0x107c AffinegyService - ok
12:53:12.0404 0x107c AFGMp50 - ok
12:53:12.0419 0x107c [ 1961590AA191B6B7DCF18A6A693AF7B8, 69DB6D42DB4EB8C77DC927FA946D115C19A936ADBD2F5677CBB5039401D6EFD0 ] AFGSp50         C:\WINDOWS\system32\Drivers\AFGSp50.sys
12:53:12.0497 0x107c AFGSp50 - ok
12:53:12.0575 0x107c [ 593AEFC67283D409F34CC1245D00A509, 0845C09D8B76C20C2C43CC9FC42A07C23F006A0A4619D68445316BBC0CC28344 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
12:53:12.0732 0x107c AgereSoftModem - ok
12:53:12.0747 0x107c Aha154x - ok
12:53:12.0763 0x107c aic78u2 - ok
12:53:12.0763 0x107c aic78xx - ok
12:53:12.0810 0x107c [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
12:53:12.0982 0x107c Alerter - ok
12:53:13.0013 0x107c [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
12:53:13.0122 0x107c ALG - ok
12:53:13.0122 0x107c AliIde - ok
12:53:13.0138 0x107c amsint - ok
12:53:13.0185 0x107c [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:53:13.0341 0x107c Arp1394 - ok
12:53:13.0341 0x107c asc - ok
12:53:13.0357 0x107c asc3350p - ok
12:53:13.0372 0x107c asc3550 - ok
12:53:13.0419 0x107c [ ED8CEE58C1E4C5893F5B2FD686A272BF, D52C214F7AD27F14FC66B3D6049D4781006D77992D276D9E986AFD2E2A459B63 ] Aspi32          C:\WINDOWS\system32\drivers\Aspi32.sys
12:53:13.0435 0x107c Aspi32 - detected UnsignedFile.Multi.Generic ( 1 )
12:53:16.0341 0x107c Detect skipped due to KSN trusted
12:53:16.0341 0x107c Aspi32 - ok
12:53:16.0466 0x107c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:53:16.0497 0x107c aspnet_state - ok
12:53:16.0497 0x107c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:53:16.0669 0x107c AsyncMac - ok
12:53:16.0716 0x107c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
12:53:16.0904 0x107c atapi - ok
12:53:16.0919 0x107c Atdisk - ok
12:53:16.0966 0x107c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:53:17.0138 0x107c Atmarpc - ok
12:53:17.0185 0x107c [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
12:53:17.0357 0x107c AudioSrv - ok
12:53:17.0388 0x107c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
12:53:17.0560 0x107c audstub - ok
12:53:17.0591 0x107c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:53:17.0747 0x107c Beep - ok
12:53:17.0794 0x107c [ DEFCE42FE9EED1A0DC4A28FDDFF603C9, DAB072CDBE098B7693A51299314094D66D91344BCD57BD3846054654A5F2B863 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
12:53:17.0825 0x107c Belkin Local Backup Service - detected UnsignedFile.Multi.Generic ( 1 )
12:53:20.0294 0x107c Detect skipped due to KSN trusted
12:53:20.0294 0x107c Belkin Local Backup Service - ok
12:53:20.0310 0x107c [ E23AF2900A4E3CA7FF22F1C80A013305, F87A24B3AC8984991EB2315DEA2C64C7F547F05AA9E917B450D6A659C88A338F ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
12:53:20.0341 0x107c Belkin Network USB Helper - detected UnsignedFile.Multi.Generic ( 1 )
12:53:22.0794 0x107c Detect skipped due to KSN trusted
12:53:22.0794 0x107c Belkin Network USB Helper - ok
12:53:22.0872 0x107c [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
12:53:23.0122 0x107c BITS - ok
12:53:23.0169 0x107c [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
12:53:23.0279 0x107c Browser - ok
12:53:24.0044 0x107c catchme - ok
12:53:24.0200 0x107c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
12:53:24.0357 0x107c cbidf2k - ok
12:53:24.0388 0x107c [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:53:24.0575 0x107c CCDECODE - ok
12:53:24.0591 0x107c cd20xrnt - ok
12:53:24.0622 0x107c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
12:53:24.0779 0x107c Cdaudio - ok
12:53:24.0825 0x107c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
12:53:25.0013 0x107c Cdfs - ok
12:53:25.0044 0x107c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:53:25.0216 0x107c Cdrom - ok
12:53:25.0263 0x107c [ 61305C679E5766A03A09C0E966939206, E85EC9D23C81A2F8C08B439FA34F43C475A26C38DF4B4B40758CFC0D64C50C17 ] CFRMD           C:\WINDOWS\system32\DRIVERS\CFRMD.sys
12:53:25.0294 0x107c CFRMD - ok
12:53:25.0294 0x107c Changer - ok
12:53:25.0341 0x107c [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
12:53:25.0497 0x107c CiSvc - ok
12:53:25.0513 0x107c [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
12:53:25.0700 0x107c ClipSrv - ok
12:53:25.0779 0x107c [ E7FEED85EBA61455717A421E55217428, 26B1129601A49BB40B8A01BB8B3F1002F05C6189DDBD44DA889CA7C5B76CDCB3 ] CLPSLauncher    C:\Program Files\Common Files\COMODO\launcher_service.exe
12:53:25.0825 0x107c CLPSLauncher - ok
12:53:25.0935 0x107c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:53:25.0966 0x107c clr_optimization_v2.0.50727_32 - ok
12:53:26.0325 0x107c [ DFACF6F69457E3EE2CE81EDCB4693674, E04CA54BCF6C75C6382423A5BC965744E76EB67E6448C1094AD4C4DBE02670DB ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
12:53:26.0685 0x107c cmdAgent - ok
12:53:26.0732 0x107c [ 5C634AABDD28F349C6457BEEE84D4D7B, 2227EC6C47CCD7B82744AB4976D065887967710E7E37CB5567916702BF7FA008 ] cmderd          C:\WINDOWS\system32\DRIVERS\cmderd.sys
12:53:26.0747 0x107c cmderd - ok
12:53:26.0810 0x107c [ 16F731584ECBA307EB4AD9C4D8507B27, D309691DDE199137367FAD32F730CFD21A498E7498E91BCAAB772F5472A06F14 ] cmdGuard        C:\WINDOWS\system32\DRIVERS\cmdguard.sys
12:53:26.0904 0x107c cmdGuard - ok
12:53:26.0919 0x107c [ 1FAAF13D85A36D448238F53C42FE7A67, 09B23F591291C53616EF28E8D4842707AB9E445BA3D2D74BEAC98C7C2AF2D430 ] cmdHlp          C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
12:53:26.0950 0x107c cmdHlp - ok
12:53:26.0950 0x107c CmdIde - ok
12:53:27.0075 0x107c [ A665EF912EEFD99EA557C6AB35CA1021, D8B53E70DF25E036F02D3707CF18ED2980F42A99D655230A9F7804E5F5D4BAB4 ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
12:53:27.0216 0x107c cmdvirth - ok
12:53:27.0232 0x107c COMSysApp - ok
12:53:27.0247 0x107c Cpqarray - ok
12:53:27.0294 0x107c [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
12:53:27.0466 0x107c CryptSvc - ok
12:53:27.0482 0x107c dac2w2k - ok
12:53:27.0482 0x107c dac960nt - ok
12:53:27.0544 0x107c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:53:27.0622 0x107c DcomLaunch - ok
12:53:27.0669 0x107c [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
12:53:27.0857 0x107c Dhcp - ok
12:53:27.0872 0x107c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
12:53:28.0029 0x107c Disk - ok
12:53:28.0044 0x107c dmadmin - ok
12:53:28.0107 0x107c [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
12:53:28.0357 0x107c dmboot - ok
12:53:28.0372 0x107c [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
12:53:28.0560 0x107c dmio - ok
12:53:28.0575 0x107c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
12:53:28.0747 0x107c dmload - ok
12:53:28.0779 0x107c [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
12:53:28.0950 0x107c dmserver - ok
12:53:28.0982 0x107c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
12:53:29.0154 0x107c DMusic - ok
12:53:29.0200 0x107c [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:53:29.0310 0x107c Dnscache - ok
12:53:29.0357 0x107c [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:53:29.0544 0x107c Dot3svc - ok
12:53:29.0560 0x107c dpti2o - ok
12:53:29.0716 0x107c [ 803569711F5976AD4A1469A091617946, 9FCFAE663992126B43EF9C729172A27D0B10CA758251D687430361D3A08BB4E2 ] DragonUpdater   C:\Program Files\Comodo\Dragon\dragon_updater.exe
12:53:29.0888 0x107c DragonUpdater - ok
12:53:29.0935 0x107c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:53:30.0091 0x107c drmkaud - ok
12:53:30.0107 0x107c [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:53:30.0263 0x107c EapHost - ok
12:53:30.0294 0x107c [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
12:53:30.0482 0x107c ERSvc - ok
12:53:30.0529 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
12:53:30.0575 0x107c Eventlog - ok
12:53:30.0622 0x107c [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
12:53:30.0700 0x107c EventSystem - ok
12:53:30.0732 0x107c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
12:53:30.0904 0x107c Fastfat - ok
12:53:30.0950 0x107c [ 1E580770BDECE924494B368AC980749E, 023997B2B113FB5B9900F7AF8E528D157C779067234601C9246F72CEEBADE8B1 ] fasttx2k        C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
12:53:31.0029 0x107c fasttx2k - ok
12:53:31.0075 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:53:31.0169 0x107c FastUserSwitchingCompatibility - ok
12:53:31.0216 0x107c [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:53:31.0404 0x107c Fax - ok
12:53:31.0450 0x107c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
12:53:31.0622 0x107c Fdc - ok
12:53:31.0638 0x107c FilterService - ok
12:53:31.0669 0x107c [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
12:53:31.0825 0x107c Fips - ok
12:53:31.0841 0x107c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:53:32.0013 0x107c Flpydisk - ok
12:53:32.0060 0x107c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:53:32.0232 0x107c FltMgr - ok
12:53:32.0294 0x107c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:53:32.0325 0x107c FontCache3.0.0.0 - ok
12:53:32.0357 0x107c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:53:32.0513 0x107c Fs_Rec - ok
12:53:32.0529 0x107c [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:53:32.0700 0x107c Ftdisk - ok
12:53:32.0732 0x107c [ 2FB04DB459C71F416EE8B05448CA4AC3, 30606475AEB4FECA7D6C5ACAF2A89F8A5DE15027056EF4A2AF0884BE578CBFD6 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:53:32.0763 0x107c GEARAspiWDM - ok
12:53:32.0997 0x107c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP    C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
12:53:33.0216 0x107c GeekBuddyRSP - ok
12:53:33.0263 0x107c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:53:33.0419 0x107c Gpc - ok
12:53:33.0513 0x107c [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C, 8F62DF65DB30770448E297D000B570683DEA454A5D84B5BCB1478D91030212DB ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:53:33.0544 0x107c gusvc - ok
12:53:33.0591 0x107c [ 160B24FD894E79E71C983EA403A6E6E7, 2D1A557BA9E1293A44BA00AB746A484A69B8DA1F95A1B6CEDA9D4352845E77C6 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
12:53:33.0669 0x107c HdAudAddService - ok
12:53:33.0716 0x107c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:53:33.0888 0x107c HDAudBus - ok
12:53:33.0966 0x107c [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:53:34.0107 0x107c helpsvc - ok
12:53:34.0138 0x107c [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
12:53:34.0294 0x107c HidServ - ok
12:53:34.0325 0x107c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:53:34.0482 0x107c HidUsb - ok
12:53:34.0513 0x107c [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
12:53:34.0669 0x107c hkmsvc - ok
12:53:34.0700 0x107c [ 0E69D8294A78C7AB4A7CEE1F5F9D2546, E121E60DD8A3C2C0FD696F02490E4E09DDBB285521BCA79A74FD94FEE743808C ] HMD             C:\WINDOWS\system32\DRIVERS\hmd.sys
12:53:34.0732 0x107c HMD - ok
12:53:34.0747 0x107c hpn - ok
12:53:34.0794 0x107c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
12:53:34.0857 0x107c HTTP - ok
12:53:34.0888 0x107c [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
12:53:35.0060 0x107c HTTPFilter - ok
12:53:35.0060 0x107c i2omgmt - ok
12:53:35.0075 0x107c i2omp - ok
12:53:35.0122 0x107c [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:53:35.0279 0x107c i8042prt - ok
12:53:35.0357 0x107c [ 737DA0BE27652C4482AC5CDE099BFCE9, CAF6463D851C18D2BCB3BEC3DCF9E906B95AD2E053BD48C25421FAD1DBC42585 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
12:53:35.0497 0x107c ialm - ok
12:53:35.0591 0x107c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:53:35.0622 0x107c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:53:38.0732 0x107c Detect skipped due to KSN trusted
12:53:38.0732 0x107c IDriverT - ok
12:53:38.0810 0x107c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:53:38.0919 0x107c idsvc - ok
12:53:38.0935 0x107c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
12:53:39.0075 0x107c Imapi - ok
12:53:39.0122 0x107c [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
12:53:39.0263 0x107c ImapiService - ok
12:53:39.0294 0x107c ini910u - ok
12:53:39.0341 0x107c [ F84E7F907434450B00E753D44AEC8EAA, A4C0C5230471B3D3FF4AA4B76A8E5F3986DD8FB8C2A2E180CDF216216FC8B10A ] Inspect         C:\WINDOWS\system32\DRIVERS\inspect.sys
12:53:39.0372 0x107c Inspect - ok
12:53:39.0529 0x107c [ 44792CCBC7B41B42EC068C6416D17DE1, 73BE3274305B73AB7B189DAD20C46172B6CA61B1F21B18331EEAA466DABA5D6A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:53:39.0841 0x107c IntcAzAudAddService - ok
12:53:39.0888 0x107c [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
12:53:40.0044 0x107c IntelIde - ok
12:53:40.0091 0x107c [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:53:40.0247 0x107c intelppm - ok
12:53:40.0263 0x107c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
12:53:40.0435 0x107c Ip6Fw - ok
12:53:40.0450 0x107c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:53:40.0591 0x107c IpInIp - ok
12:53:40.0638 0x107c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:53:40.0794 0x107c IpNat - ok
12:53:40.0810 0x107c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:53:40.0997 0x107c IPSec - ok
12:53:41.0013 0x107c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
12:53:41.0091 0x107c IRENUM - ok
12:53:41.0122 0x107c [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:53:41.0279 0x107c isapnp - ok
12:53:41.0294 0x107c [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:53:41.0435 0x107c Kbdclass - ok
12:53:41.0466 0x107c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
12:53:41.0622 0x107c kmixer - ok
12:53:41.0669 0x107c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
12:53:41.0732 0x107c KSecDD - ok
12:53:41.0779 0x107c [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
12:53:41.0841 0x107c lanmanserver - ok
12:53:41.0904 0x107c [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:53:41.0966 0x107c lanmanworkstation - ok
12:53:41.0982 0x107c lbrtfdc - ok
12:53:42.0044 0x107c [ 9BD7ADD61B031307DD075E5E6A917C4D, 0023186FEA45E8DA7FB1A288AB931725C9AEC8B6B43D81747C739A8F31B9118C ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:53:42.0060 0x107c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:53:44.0935 0x107c Detect skipped due to KSN trusted
12:53:44.0935 0x107c LightScribeService - ok
12:53:44.0982 0x107c [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
12:53:45.0138 0x107c LmHosts - ok
12:53:45.0154 0x107c LVRS - ok
12:53:45.0169 0x107c LVUSBSta - ok
12:53:45.0185 0x107c LVUVC - ok
12:53:45.0232 0x107c [ D2DED3C333A5D9CB3F4C244B0F0DD877, 5C1D6C2520C24B12AC99B4B1AB8A0C41052B78CEC2E8B52807057B09A03AD81F ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
12:53:45.0263 0x107c MBAMProtector - ok
12:53:45.0404 0x107c [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
12:53:45.0560 0x107c MBAMScheduler - ok
12:53:45.0654 0x107c [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
12:53:45.0747 0x107c MBAMService - ok
12:53:45.0810 0x107c [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
12:53:45.0825 0x107c MBAMSwissArmy - ok
12:53:45.0919 0x107c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:53:45.0966 0x107c MDM - ok
12:53:46.0013 0x107c [ 780D96F551833E0DCFE0A33B02B774E8, 856F4E361A5956FE30CFF73112C3E2E59B4034C47F1B051A39DD9787FCABC9A2 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
12:53:46.0044 0x107c MemeoBackgroundService - ok
12:53:46.0075 0x107c [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
12:53:46.0247 0x107c Messenger - ok
12:53:46.0279 0x107c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
12:53:46.0450 0x107c mnmdd - ok
12:53:46.0482 0x107c [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
12:53:46.0622 0x107c mnmsrvc - ok
12:53:46.0669 0x107c [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
12:53:46.0810 0x107c Modem - ok
12:53:46.0825 0x107c [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:53:46.0997 0x107c Mouclass - ok
12:53:47.0060 0x107c [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:53:47.0216 0x107c mouhid - ok
12:53:47.0247 0x107c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
12:53:47.0404 0x107c MountMgr - ok
12:53:47.0466 0x107c [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:53:47.0497 0x107c MozillaMaintenance - ok
12:53:47.0560 0x107c [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
12:53:47.0607 0x107c MpFilter - ok
12:53:47.0622 0x107c mraid35x - ok
12:53:47.0638 0x107c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:53:47.0794 0x107c MRxDAV - ok
12:53:47.0857 0x107c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:53:47.0997 0x107c MRxSmb - ok
12:53:48.0013 0x107c [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
12:53:48.0154 0x107c MSDTC - ok
12:53:48.0169 0x107c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:53:48.0341 0x107c Msfs - ok
12:53:48.0357 0x107c MSIServer - ok
12:53:48.0372 0x107c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:53:48.0544 0x107c MSKSSRV - ok
12:53:48.0622 0x107c [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:53:48.0654 0x107c MsMpSvc - ok
12:53:48.0685 0x107c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:53:48.0857 0x107c MSPCLOCK - ok
12:53:48.0857 0x107c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:53:49.0029 0x107c MSPQM - ok
12:53:49.0075 0x107c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:53:49.0216 0x107c mssmbios - ok
12:53:49.0247 0x107c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
12:53:49.0388 0x107c MSTEE - ok
12:53:49.0435 0x107c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
12:53:49.0513 0x107c Mup - ok
12:53:49.0544 0x107c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:53:49.0716 0x107c NABTSFEC - ok
12:53:49.0763 0x107c [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
12:53:49.0950 0x107c napagent - ok
12:53:49.0982 0x107c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
12:53:50.0138 0x107c NDIS - ok
12:53:50.0154 0x107c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:53:50.0279 0x107c NdisIP - ok
12:53:50.0325 0x107c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:53:50.0404 0x107c NdisTapi - ok
12:53:50.0435 0x107c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:53:50.0575 0x107c Ndisuio - ok
12:53:50.0591 0x107c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:53:50.0747 0x107c NdisWan - ok
12:53:50.0779 0x107c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:53:50.0841 0x107c NDProxy - ok
12:53:50.0841 0x107c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:53:51.0013 0x107c NetBIOS - ok
12:53:51.0044 0x107c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:53:51.0200 0x107c NetBT - ok
12:53:51.0247 0x107c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
12:53:51.0419 0x107c NetDDE - ok
12:53:51.0435 0x107c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
12:53:51.0622 0x107c NetDDEdsdm - ok
12:53:51.0669 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:53:51.0825 0x107c Netlogon - ok
12:53:51.0872 0x107c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
12:53:52.0060 0x107c Netman - ok
12:53:52.0091 0x107c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:53:52.0122 0x107c NetTcpPortSharing - ok
12:53:52.0154 0x107c [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:53:52.0310 0x107c NIC1394 - ok
12:53:52.0372 0x107c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
12:53:52.0419 0x107c Nla - ok
12:53:52.0435 0x107c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:53:52.0575 0x107c Npfs - ok
12:53:52.0638 0x107c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:53:52.0825 0x107c Ntfs - ok
12:53:52.0825 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
12:53:52.0997 0x107c NtLmSsp - ok
12:53:53.0044 0x107c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
12:53:53.0232 0x107c NtmsSvc - ok
12:53:53.0279 0x107c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:53:53.0419 0x107c Null - ok
12:53:53.0435 0x107c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:53:53.0575 0x107c NwlnkFlt - ok
12:53:53.0575 0x107c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:53:53.0732 0x107c NwlnkFwd - ok
12:53:53.0747 0x107c [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:53:53.0919 0x107c ohci1394 - ok
12:53:53.0982 0x107c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:53:54.0013 0x107c ose - ok
12:53:54.0044 0x107c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
12:53:54.0200 0x107c Parport - ok
12:53:54.0216 0x107c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
12:53:54.0372 0x107c PartMgr - ok
12:53:54.0404 0x107c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
12:53:54.0544 0x107c ParVdm - ok
12:53:54.0560 0x107c [ 505CBA425DF3BB230F244E1C23221058, EF46E06FA198EDCDAE1AADD6657045F9EA5597B7B0B0C078F119D10FD9F78022 ] PcdrNdisuio     C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys
12:53:54.0575 0x107c PcdrNdisuio - detected UnsignedFile.Multi.Generic ( 1 )
12:53:57.0029 0x107c Detect skipped due to KSN trusted
12:53:57.0029 0x107c PcdrNdisuio - ok
12:53:57.0060 0x107c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
12:53:57.0232 0x107c PCI - ok
12:53:57.0247 0x107c PCIDump - ok
12:53:57.0263 0x107c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
12:53:57.0419 0x107c PCIIde - ok
12:53:57.0466 0x107c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
12:53:57.0607 0x107c Pcmcia - ok
12:53:57.0622 0x107c PDCOMP - ok
12:53:57.0638 0x107c PDFRAME - ok
12:53:57.0654 0x107c PDRELI - ok
12:53:57.0669 0x107c PDRFRAME - ok
12:53:57.0669 0x107c perc2 - ok
12:53:57.0685 0x107c perc2hib - ok
12:53:57.0732 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
12:53:57.0779 0x107c PlugPlay - ok
12:53:57.0810 0x107c [ 2D091A99624FB9E7EEF0A86D872EC0C3, 465C0772E23F7959EC71DCCFA3304E2E46FD31548AE37D7BA3DAAA59E6B561FD ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
12:53:57.0841 0x107c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:54:00.0310 0x107c Detect skipped due to KSN trusted
12:54:00.0310 0x107c Pml Driver HPZ12 - ok
12:54:00.0310 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
12:54:00.0450 0x107c PolicyAgent - ok
12:54:00.0497 0x107c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:54:00.0654 0x107c PptpMiniport - ok
12:54:00.0669 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:54:00.0810 0x107c ProtectedStorage - ok
12:54:00.0825 0x107c [ 390C204CED3785609AB24E9C52054A84, D997A9EAAE4A7FED9C2FEBD1AA7D1171431B9C9D56F8BFB587DCAE26203FF4D2 ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
12:54:00.0904 0x107c Ps2 - ok
12:54:00.0935 0x107c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
12:54:01.0075 0x107c PSched - ok
12:54:01.0107 0x107c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:54:01.0247 0x107c Ptilink - ok
12:54:01.0263 0x107c [ 7C81AE3C9B82BA2DA437ED4D31BC56CF, 42407981358C3D27851442441C9A9692A747390469F03C3E89483F85BFCB797B ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:54:01.0263 0x107c PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
12:54:03.0716 0x107c Detect skipped due to KSN trusted
12:54:03.0716 0x107c PxHelp20 - ok
12:54:03.0716 0x107c ql1080 - ok
12:54:03.0732 0x107c Ql10wnt - ok
12:54:03.0747 0x107c ql12160 - ok
12:54:03.0763 0x107c ql1240 - ok
12:54:03.0779 0x107c ql1280 - ok
12:54:03.0810 0x107c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:54:03.0966 0x107c RasAcd - ok
12:54:03.0997 0x107c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:54:04.0138 0x107c RasAuto - ok
12:54:04.0169 0x107c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:54:04.0341 0x107c Rasl2tp - ok
12:54:04.0388 0x107c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:54:04.0544 0x107c RasMan - ok
12:54:04.0560 0x107c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:54:04.0732 0x107c RasPppoe - ok
12:54:04.0763 0x107c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
12:54:04.0919 0x107c Raspti - ok
12:54:04.0966 0x107c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:54:05.0138 0x107c Rdbss - ok
12:54:05.0154 0x107c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:54:05.0294 0x107c RDPCDD - ok
12:54:05.0357 0x107c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
12:54:05.0435 0x107c RDPWD - ok
12:54:05.0466 0x107c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
12:54:05.0622 0x107c RDSessMgr - ok
12:54:05.0700 0x107c [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
12:54:05.0732 0x107c RealNetworks Downloader Resolver Service - ok
12:54:05.0763 0x107c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
12:54:05.0935 0x107c redbook - ok
12:54:05.0966 0x107c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:54:06.0122 0x107c RemoteAccess - ok
12:54:06.0154 0x107c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:54:06.0294 0x107c RpcLocator - ok
12:54:06.0341 0x107c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
12:54:06.0404 0x107c RpcSs - ok
12:54:06.0435 0x107c [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
12:54:06.0575 0x107c RSVP - ok
12:54:06.0622 0x107c [ 1A2A445E8968B2019E75E08F3A1344FC, 321DD411E2B7B4BB958E9823E0F41E04A1D2C3E426DCFD0AC286FF5B0617B614 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
12:54:06.0700 0x107c RTL8023xp - ok
12:54:06.0732 0x107c [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:54:06.0857 0x107c rtl8139 - ok
12:54:06.0904 0x107c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:54:07.0044 0x107c SamSs - ok
12:54:07.0060 0x107c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
12:54:07.0232 0x107c SCardSvr - ok
12:54:07.0279 0x107c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:54:07.0466 0x107c Schedule - ok
12:54:07.0560 0x107c [ 16B44D246835EAC156F8DAF0AA4F530C, F882BE1B27C0500AEE34BB9D9B69EBD258A19418475DB5552345DC844CDA1ECB ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
12:54:07.0575 0x107c SeagateDashboardService - ok
12:54:07.0607 0x107c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:54:07.0700 0x107c Secdrv - ok
12:54:07.0716 0x107c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
12:54:07.0888 0x107c seclogon - ok
12:54:07.0919 0x107c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
12:54:08.0075 0x107c SENS - ok
12:54:08.0138 0x107c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
12:54:08.0279 0x107c Serial - ok
12:54:08.0325 0x107c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
12:54:08.0466 0x107c Sfloppy - ok
12:54:08.0513 0x107c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:54:08.0685 0x107c SharedAccess - ok
12:54:08.0716 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:54:08.0763 0x107c ShellHWDetection - ok
12:54:08.0779 0x107c Simbad - ok
12:54:08.0794 0x107c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:54:08.0950 0x107c SLIP - ok
12:54:08.0966 0x107c Sparrow - ok
12:54:09.0013 0x107c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
12:54:09.0169 0x107c splitter - ok
12:54:09.0216 0x107c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
12:54:09.0263 0x107c Spooler - ok
12:54:09.0294 0x107c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
12:54:09.0372 0x107c sr - ok
12:54:09.0404 0x107c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:54:09.0497 0x107c srservice - ok
12:54:09.0560 0x107c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:54:09.0638 0x107c Srv - ok
12:54:09.0669 0x107c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:54:09.0763 0x107c SSDPSRV - ok
12:54:09.0825 0x107c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:54:10.0029 0x107c stisvc - ok
12:54:10.0060 0x107c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:54:10.0200 0x107c streamip - ok
12:54:10.0247 0x107c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:54:10.0388 0x107c swenum - ok
12:54:10.0435 0x107c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:54:10.0591 0x107c swmidi - ok
12:54:10.0607 0x107c SwPrv - ok
12:54:10.0669 0x107c [ C8A43978DADCF12B7E40A0577227DFBC, 72C753CB8CE9F2770C8E1B28B9DAAD0CDA3473FAE751A9009AC7FADAA79AAE96 ] sxuptp          C:\WINDOWS\system32\DRIVERS\sxuptp.sys
12:54:10.0716 0x107c sxuptp - ok
12:54:10.0732 0x107c symc810 - ok
12:54:10.0732 0x107c symc8xx - ok
12:54:10.0747 0x107c sym_hi - ok
12:54:10.0763 0x107c sym_u3 - ok
12:54:10.0779 0x107c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:54:10.0950 0x107c sysaudio - ok
12:54:10.0997 0x107c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:54:11.0154 0x107c SysmonLog - ok
12:54:11.0200 0x107c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:54:11.0388 0x107c TapiSrv - ok
12:54:11.0435 0x107c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:54:11.0497 0x107c Tcpip - ok
12:54:11.0544 0x107c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:54:11.0685 0x107c TDPIPE - ok
12:54:11.0716 0x107c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:54:11.0857 0x107c TDTCP - ok
12:54:11.0872 0x107c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:54:12.0029 0x107c TermDD - ok
12:54:12.0075 0x107c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:54:12.0232 0x107c TermService - ok
12:54:12.0263 0x107c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:54:12.0294 0x107c Themes - ok
12:54:12.0325 0x107c TosIde - ok
12:54:12.0341 0x107c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:54:12.0513 0x107c TrkWks - ok
12:54:12.0544 0x107c [ 446118FFFF5576434393AE4551A5CA74, 6E72F429EBF7EF5351735E12E153F39DDCAD3E0341106D3384C9EACFC105FDA6 ] TrueSight       C:\WINDOWS\system32\drivers\TrueSight.sys
12:54:12.0575 0x107c TrueSight - ok
12:54:12.0607 0x107c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:54:12.0763 0x107c Udfs - ok
12:54:12.0779 0x107c ultra - ok
12:54:12.0841 0x107c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:54:13.0029 0x107c Update - ok
12:54:13.0075 0x107c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:54:13.0169 0x107c upnphost - ok
12:54:13.0185 0x107c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
12:54:13.0341 0x107c UPS - ok
12:54:13.0388 0x107c [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:54:13.0497 0x107c usbaudio - ok
12:54:13.0529 0x107c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:54:13.0607 0x107c usbccgp - ok
12:54:13.0654 0x107c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:54:13.0685 0x107c usbehci - ok
12:54:13.0732 0x107c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:54:13.0888 0x107c usbhub - ok
12:54:13.0919 0x107c [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:54:13.0950 0x107c usbscan - ok
12:54:14.0013 0x107c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:54:14.0154 0x107c USBSTOR - ok
12:54:14.0200 0x107c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:54:14.0341 0x107c usbuhci - ok
12:54:14.0388 0x107c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:54:14.0529 0x107c VgaSave - ok
12:54:14.0544 0x107c [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
12:54:14.0700 0x107c ViaIde - ok
12:54:14.0732 0x107c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:54:14.0872 0x107c VolSnap - ok
12:54:14.0935 0x107c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
12:54:15.0060 0x107c VSS - ok
12:54:15.0107 0x107c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
12:54:15.0263 0x107c W32Time - ok
12:54:15.0310 0x107c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:54:15.0450 0x107c Wanarp - ok
12:54:15.0482 0x107c [ 4C0B8EF721783F52F8E531FBDC4B1F74, FA603ADA2FCA64E03D3642B335AD4454CEE3AE9FDEA21FCF9BA2D16DACBB1BDD ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
12:54:15.0622 0x107c wceusbsh - ok
12:54:15.0638 0x107c WDICA - ok
12:54:15.0669 0x107c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:54:15.0825 0x107c wdmaud - ok
12:54:15.0857 0x107c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:54:16.0044 0x107c WebClient - ok
12:54:16.0122 0x107c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:54:16.0279 0x107c winmgmt - ok
12:54:16.0341 0x107c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
12:54:16.0419 0x107c WmdmPmSN - ok
12:54:16.0466 0x107c [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:54:16.0607 0x107c WmiApSrv - ok
12:54:16.0716 0x107c [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
12:54:16.0825 0x107c WMPNetworkSvc - ok
12:54:16.0872 0x107c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:54:17.0029 0x107c WS2IFSL - ok
12:54:17.0075 0x107c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:54:17.0232 0x107c wscsvc - ok
12:54:17.0247 0x107c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:54:17.0404 0x107c WSTCODEC - ok
12:54:17.0419 0x107c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:54:17.0560 0x107c wuauserv - ok
12:54:17.0575 0x107c [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:54:17.0638 0x107c WudfPf - ok
12:54:17.0669 0x107c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:54:17.0716 0x107c WudfRd - ok
12:54:17.0747 0x107c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
12:54:17.0794 0x107c WudfSvc - ok
12:54:17.0857 0x107c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:54:18.0075 0x107c WZCSVC - ok
12:54:18.0122 0x107c [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:54:18.0263 0x107c xmlprov - ok
12:54:18.0294 0x107c ================ Scan global ===============================
12:54:18.0341 0x107c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
12:54:18.0404 0x107c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
12:54:18.0450 0x107c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
12:54:18.0482 0x107c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
12:54:18.0482 0x107c [ Global ] - ok
12:54:18.0482 0x107c ================ Scan MBR ==================================
12:54:18.0513 0x107c [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
12:54:18.0732 0x107c \Device\Harddisk0\DR0 - ok
12:54:18.0732 0x107c [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk1\DR3
12:54:18.0825 0x107c \Device\Harddisk1\DR3 - ok
12:54:18.0841 0x107c ================ Scan VBR ==================================
12:54:18.0841 0x107c [ D17D79E71CFAF7B747F3DB26D17DB4D5 ] \Device\Harddisk0\DR0\Partition1
12:54:18.0841 0x107c \Device\Harddisk0\DR0\Partition1 - ok
12:54:18.0857 0x107c [ A156533FFA0348EADB56BA557CCAA2FE ] \Device\Harddisk0\DR0\Partition2
12:54:18.0888 0x107c \Device\Harddisk0\DR0\Partition2 - ok
12:54:18.0888 0x107c [ B1477374868051A5F668D32CBEDB5CF2 ] \Device\Harddisk1\DR3\Partition1
12:54:18.0888 0x107c \Device\Harddisk1\DR3\Partition1 - ok
12:54:18.0888 0x107c ================ Scan generic autorun ======================
12:54:18.0997 0x107c [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] c:\hp\bin\cloaker.exe
12:54:19.0029 0x107c thirdintel - detected UnsignedFile.Multi.Generic ( 1 )
12:54:21.0482 0x107c Detect skipped due to KSN trusted
12:54:21.0482 0x107c thirdintel - ok
12:54:21.0513 0x107c [ C81BE1B951C36E97D3DA90DA745DA5F7, DCE7E9127BC9C02B124CA201561A99DE29243CA0353A65B5C794D8C050D98CFF ] C:\HP\KBD\KBD.EXE
12:54:21.0544 0x107c KBD - detected UnsignedFile.Multi.Generic ( 1 )
12:54:23.0997 0x107c Detect skipped due to KSN trusted
12:54:23.0997 0x107c KBD - ok
12:54:24.0404 0x107c [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:54:24.0497 0x107c Adobe ARM - ok
12:54:24.0575 0x107c [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\program files\real\realplayer\update\realsched.exe
12:54:24.0622 0x107c TkBellExe - ok
12:54:24.0654 0x107c [ 76A3A30B58405C2C6D833895253A51A9, 9EC13191F3938E0E63A5594687A7D93E0C5A77FB54BCFEBD3855719EA62262F8 ] C:\Program Files\QuickTime\qttask.exe
12:54:24.0669 0x107c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:54:27.0107 0x107c Detect skipped due to KSN trusted
12:54:27.0107 0x107c QuickTime Task - ok
12:54:27.0216 0x107c [ 376FB589890E90BAA3D05867E44116E9, 287F0B0555E0A025C6F7F6C18B6FA79B849172AAB4ACC9406D726570DC6ABE87 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
12:54:27.0294 0x107c COMODO Internet Security - ok
12:54:27.0325 0x107c [ 850B548DFCC9794A69092A3CF4946556, EDAE70289FDE4363BCD81216C7684D8F7D93E5CFEDA3319B105D3C8088928054 ] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe
12:54:27.0357 0x107c Memeo Instant Backup - ok
12:54:27.0404 0x107c [ A853FB4774AAA16D7D57E26F46196ABF, 71791A0EB922CD554E58120F5E884B1E08EEDEA4B1BFFA19C8975CFEE38297FD ] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe
12:54:27.0435 0x107c Seagate Dashboard - ok
12:54:27.0654 0x107c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
12:54:27.0763 0x107c tvncontrol - ok
12:54:27.0810 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
12:54:27.0997 0x107c ctfmon.exe - ok
12:54:28.0169 0x107c [ 3E930C641079443D4DE036167A69CAA2, DEBA83978850F17B33A3C4C06C5E707B9A3FACA30FE0DFC5A9425EF2CA592473 ] C:\Program Files\Messenger\msmsgs.exe
12:54:28.0419 0x107c MSMSGS - ok
12:54:28.0435 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
12:54:28.0575 0x107c ctfmon.exe - ok
12:54:28.0857 0x107c [ 947835240308F523C9D980C89D35E76D, AC170D4185B7083E0433F21427C4D6EC4951958DCBE07CEC82515783E69B2646 ] C:\Program Files\CCleaner\CCleaner.exe
12:54:29.0075 0x107c CCleaner Monitoring - ok
12:54:29.0122 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
12:54:29.0263 0x107c ctfmon.exe - ok
12:54:29.0497 0x107c [ 947835240308F523C9D980C89D35E76D, AC170D4185B7083E0433F21427C4D6EC4951958DCBE07CEC82515783E69B2646 ] C:\Program Files\CCleaner\CCleaner.exe
12:54:29.0700 0x107c CCleaner Monitoring - ok
12:54:29.0810 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
12:54:29.0966 0x107c ctfmon.exe - ok
12:54:29.0982 0x107c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
12:54:30.0122 0x107c ctfmon.exe - ok
12:54:30.0122 0x107c Waiting for KSN requests completion. In queue: 13
12:54:31.0122 0x107c Waiting for KSN requests completion. In queue: 13
12:54:32.0122 0x107c Waiting for KSN requests completion. In queue: 13
12:54:33.0216 0x107c AV detected via SS1: COMODO Antivirus, 6.0, disabled, updated
12:54:33.0232 0x107c FW detected via SS1: COMODO Firewall, 6.0, disabled
12:54:33.0232 0x107c Win FW state via NFM: disabled
12:54:35.0747 0x107c ============================================================
12:54:35.0747 0x107c Scan finished
12:54:35.0747 0x107c ============================================================
12:54:35.0763 0x17c4 Detected object count: 0
12:54:35.0763 0x17c4 Actual detected object count: 0
13:07:18.0935 0x06d8 Deinitialize success

2014/11/04 12:48:04.0325 6108   TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52
2014/11/04 12:48:06.0154 6108   Perform update action was selected
2014/11/04 12:48:06.0169 5780   Deinitialize success

2014/11/04 12:46:56.0872 5840   TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52
2014/11/04 12:46:59.0732 5840   Perform update action was selected
2014/11/04 12:46:59.0732 1976   Deinitialize success

flywelder · November 4, 2014

aswMBR report:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-11-04 16:00:58
-----------------------------
16:00:58.091    OS Version: Windows 5.1.2600 Service Pack 3
16:00:58.091    Number of processors: 1 586 0x401
16:00:58.091    ComputerName: MSAIMH002 UserName: Biomed
16:00:58.825    Initialize success
16:06:01.857    AVAST engine defs: 14110401
16:07:57.591    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
16:07:57.591    Disk 0 Vendor: SAMSUNG_SP1614C SW100-30 Size: 152627MB BusType: 3
16:07:57.779    Disk 0 MBR read successfully
16:07:57.794    Disk 0 MBR scan
16:07:57.825    Disk 0 unknown MBR code
16:07:57.825    Disk 0 Partition 1 00     0C    FAT32 LBA RECOVERY     7139 MB offset 63
16:07:57.841    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       145478 MB offset 14621040
16:07:57.872    Disk 0 scanning sectors +312560640
16:07:58.091    Disk 0 scanning C:\WINDOWS\system32\drivers
16:08:08.794    Service scanning
16:08:26.747    Modules scanning
16:08:31.482    Disk 0 trace - called modules:
16:08:31.497    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
16:08:31.888    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8afeeab8]
16:08:31.904    3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8aff2d98]
16:08:32.482    AVAST engine scan C:\WINDOWS
16:08:39.404    AVAST engine scan C:\WINDOWS\system32
16:11:33.872    AVAST engine scan C:\WINDOWS\system32\drivers
16:11:50.779    AVAST engine scan C:\Documents and Settings\Biomed
16:16:57.544    AVAST engine scan C:\Documents and Settings\All Users
16:17:58.529    Scan finished successfully
17:11:39.263    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Biomed\Desktop\MBR.dat"
17:11:39.263    The log file has been saved successfully to "C:\Documents and Settings\Biomed\Desktop\aswMBR.txt"

AdvancedSetup · November 5, 2014

Well so far the computer isn't really showing much in terms of an infection. You might try the following sites to see if some of their fixes might help the computer run better.

http://support2.microsoft.com/fixit/

http://www.tweaking.com/content/page/windows_repair_all_in_one.html

flywelder · November 5, 2014

oh?

and what about the errors listed inthe MBAM check results? what do they mean and point to?

What do I do with the aswMBR report? for i have it still onthe desk top and the buttons for "fix MBR" and a button for "save log" are still waiting to be activated. (and I did save the log as you instructed ealrlier. )

Shall I press the " fix mbr" button or not?

Shall I do nothing except close the aswMBR ?

today Comodo reported finding two infections both are : Packed Win32. MU

Both were successfully quarentined.

and earlier it found one called " swearware" .. but i think it is still active??

and while I wait on your reply, I will try the links you provided and report back.

Mlawarebytes's malicious website protection not activating for some reason

Recommended Posts

Link to post

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information