After extensive cleaning looks like MB found 27 occurrences of PUP.Optional.Babylon.C after removing the program previously - or so I thought.
Thanks for your help.
Here are the FRST Texts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2015 01
Ran by Owner (administrator) on OWNER-FE8C2F80E on 06-05-2015 19:48:49
Running from C:\Documents and Settings\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Ruiware) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2005-08-09] (ATI Technologies Inc.)
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1238152 2015-04-23] (Ruiware)
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssflwbox.scr [393216 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Billminder.lnk [2012-06-02]
ShortcutTarget: Billminder.lnk -> C:\QUICKENW\billmind.exe (Intuit)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.netaddre...?Domain=usa.net
https://login.microsoftonline.com/
https://duckduckgo.com/
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1318284984953
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\z3zu8u0o.default-1407623485265
FF DefaultSearchEngine.US: Google
FF Homepage: about:home|hxxp://www.netvibes.com/privatepage/2#General|https://www.netaddre...gle.com/finance
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-25] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-03]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [265728 2003-07-17] (Broadcom Corporation)
R3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [163840 2005-06-29] (Intel Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-06] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [252144 2003-10-14] (SigmaTel, Inc.)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 19:48 - 2015-05-06 19:49 - 00008418 _____ () C:\Documents and Settings\Owner\Desktop\FRST.txt
2015-05-06 19:48 - 2015-05-06 19:48 - 00000000 ____D () C:\FRST
2015-05-06 19:47 - 2015-05-06 19:47 - 01141248 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
2015-05-02 23:25 - 2015-05-02 23:25 - 00000682 _____ () C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
2015-05-02 23:24 - 2015-05-02 23:24 - 02218504 _____ () C:\Documents and Settings\Owner\Desktop\instspeedfan451.exe
2015-05-02 20:53 - 2015-05-02 20:53 - 00128504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-02 08:55 - 2015-05-02 08:55 - 00020680 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-05-01 21:12 - 2015-05-01 21:12 - 00000000 ____D () C:\Qutoes
2015-05-01 21:11 - 2015-05-01 21:11 - 00001586 _____ () C:\quotes.csv
2015-04-30 22:53 - 2015-04-30 22:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-30 22:53 - 2015-04-30 22:53 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-04-29 00:39 - 2015-05-03 20:41 - 00039212 _____ () C:\WINDOWS\setupapi.log
2015-04-27 23:58 - 2015-04-27 23:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-27 23:57 - 2015-04-28 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2015-04-27 23:19 - 2015-04-27 23:19 - 00001567 _____ () C:\DelFix.txt
2015-04-27 23:19 - 2015-04-27 23:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-04-26 20:33 - 2015-04-27 19:40 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\vlc
2015-04-26 20:33 - 2015-04-26 20:33 - 00000719 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2015-04-25 20:40 - 2015-04-25 20:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-04-25 20:14 - 2015-04-25 20:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-25 20:04 - 2015-04-25 20:04 - 00001687 _____ () C:\Documents and Settings\Owner\Start Menu\Programs\FileHippo App Manager.lnk
2015-04-25 20:04 - 2015-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 19:49 - 2011-10-10 17:05 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2015-05-06 19:44 - 2014-03-30 16:33 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2015-05-06 11:53 - 2012-06-09 17:04 - 00001774 ____H () C:\Documents and Settings\Owner\My Documents\Default.rdp
2015-05-06 10:26 - 2011-10-10 16:58 - 02034457 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-06 10:20 - 2011-10-10 17:04 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-05-06 01:14 - 2014-02-25 00:13 - 00000384 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2015-05-06 01:14 - 2012-06-02 00:15 - 00001537 _____ () C:\WINDOWS\QUICKEN.INI
2015-05-06 01:05 - 2004-08-04 07:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-06 01:04 - 2011-10-10 17:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-06 01:04 - 2011-10-10 12:52 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-05-06 01:04 - 2011-10-10 12:52 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-05-06 01:03 - 2011-10-10 17:24 - 00000000 __HDC () C:\WINDOWS\ie7
2015-05-06 01:03 - 2011-10-10 17:05 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2015-05-06 01:03 - 2011-10-10 17:04 - 00032626 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-05 00:26 - 2011-10-10 12:41 - 00000000 ____D () C:\WINDOWS\security
2015-05-04 23:09 - 2013-09-05 19:10 - 00000000 ____D () C:\Program Files\pdf995
2015-05-03 23:55 - 2013-08-05 09:17 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\CCleaner
2015-05-02 23:26 - 2012-09-14 03:13 - 00000000 ____D () C:\Program Files\SpeedFan
2015-05-02 23:25 - 2012-05-28 16:32 - 00000045 _____ () C:\WINDOWS\system32\initdebug.nfo
2015-05-01 21:10 - 2012-06-02 00:14 - 00000000 ____D () C:\QUICKENW
2015-04-28 01:00 - 2012-01-31 14:18 - 00000155 _____ () C:\Documents and Settings\Owner\Application Data\default.rss
2015-04-28 00:59 - 2012-05-14 21:31 - 00000000 ____D () C:\WINDOWS\ERDNT
2015-04-28 00:59 - 2012-01-26 18:46 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2015-04-28 00:37 - 2011-10-10 17:04 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-04-28 00:32 - 2012-10-29 12:35 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-28 00:31 - 2011-10-10 17:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-04-27 23:57 - 2014-08-09 18:40 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-04-27 23:57 - 2014-08-09 18:40 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-04-27 23:57 - 2011-10-10 17:21 - 00000000 ____D () C:\Program Files\Java
2015-04-27 22:56 - 2011-10-10 17:05 - 00000000 ____D () C:\Documents and Settings\Owner
2015-04-27 19:38 - 2012-05-18 19:26 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\dvdcss
2015-04-26 20:33 - 2012-11-30 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2015-04-25 22:43 - 2014-03-30 16:50 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-25 22:33 - 2013-07-14 16:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-25 21:16 - 2014-03-30 16:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-25 21:04 - 2012-07-26 00:00 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-04-25 21:04 - 2012-07-26 00:00 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-04-25 21:04 - 2011-10-13 16:59 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
2015-04-25 20:35 - 2013-11-17 17:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
2015-04-25 20:35 - 2012-05-22 23:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InstallMate
2015-04-25 20:17 - 2013-01-25 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-25 20:04 - 2012-05-14 23:19 - 00000000 ____D () C:\Program Files\FileHippo.com
2015-04-25 19:58 - 2011-10-10 12:49 - 00603684 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-14 09:37 - 2014-03-30 16:50 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2013-01-01 20:31 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
==================== Files in the root of some directories =======
2012-01-30 15:41 - 2012-01-31 14:10 - 0000007 ___SH () C:\Documents and Settings\Owner\Application Data\date
2012-01-31 14:18 - 2015-04-28 01:00 - 0000155 _____ () C:\Documents and Settings\Owner\Application Data\default.rss
2012-06-04 08:39 - 2012-06-04 08:39 - 0000000 _____ () C:\Documents and Settings\Owner\Application Data\downloads.m3u
2012-01-30 15:40 - 2012-05-31 23:15 - 0000002 ___SH () C:\Documents and Settings\Owner\Application Data\evf6
2012-01-30 16:08 - 2012-06-09 21:03 - 0005632 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-26 14:01 - 2012-03-01 15:18 - 0037632 _____ () C:\Documents and Settings\All Users\dlea.log
2011-11-25 14:06 - 2012-05-14 22:45 - 0053650 _____ () C:\Documents and Settings\All Users\dleaJSW.log
2011-11-25 13:35 - 2012-05-14 22:48 - 0029259 _____ () C:\Documents and Settings\All Users\dleascan.log
2011-11-25 21:11 - 2011-11-25 21:11 - 0000252 ____C () C:\Documents and Settings\All Users\FastPics.log
2011-12-24 20:00 - 2011-12-24 20:00 - 0000000 ____C () C:\Documents and Settings\All Users\LxWbGwLog.log
2011-11-25 13:30 - 2011-11-25 13:30 - 0000000 ____C () C:\Documents and Settings\All Users\UpdaterLog.txt
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-05-2015 01
Ran by Owner at 2015-05-06 19:49:48
Running from C:\Documents and Settings\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1275210071-1035525444-1606980848-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1275210071-1035525444-1606980848-1004 - Limited - Enabled)
Guest (S-1-5-21-1275210071-1035525444-1606980848-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1275210071-1035525444-1606980848-1000 - Limited - Disabled)
Owner (S-1-5-21-1275210071-1035525444-1606980848-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Owner
SUPPORT_388945a0 (S-1-5-21-1275210071-1035525444-1606980848-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.163-050809a1-026378C-Gateway - )
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CleanUp! (HKLM\...\CleanUp!) (Version: - )
ClearType Tuning Control Panel Applet (HKLM\...\{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}) (Version: 1.01.0000 - Microsoft Corporation)
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
Google Update Helper (Version: 1.3.21.111 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 8.2.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.2.0 - )
Leawo DVD Ripper version 4.3.0.0 (HKLM\...\{1FE417E2-6B8F-44CA-A7DF-A4BD072E8ED8}_is1) (Version: 4.3.0.0 - Leawo Software Co., Ltd.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.6.0.0 - Nero AG) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - )
Movie Templates - Starter Kit (Version: 9.6.0.0 - Nero AG) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB925673) (HKLM\...\{FE9126DB-5F84-495A-BB46-3C724F1C2D08}) (Version: 6.00.3888.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{6eb90063-f7c5-42f8-b197-571607c158d9}) (Version: - Nero AG)
Pdf995 (HKLM\...\Pdf995) (Version: - )
PdfEdit995 (HKLM\...\PdfEdit995) (Version: - )
Quicken Deluxe 98 (HKLM\...\Quicken Deluxe 98) (Version: - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Signature995 (HKLM\...\Signature995) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Toolbar Cleaner 1.1 (HKLM\...\Toolbar Cleaner) (Version: - Visicom Media Inc.)
TurboTax 2011 (HKLM\...\TurboTax 2011) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.7 - Ruiware)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-04-2015 09:21:38 Software Distribution Service 3.0
29-04-2015 22:31:18 Software Distribution Service 3.0
30-04-2015 23:04:23 Software Distribution Service 3.0
06-05-2015 01:17:16 System Checkpoint
02-05-2015 08:58:14 Software Distribution Service 3.0
03-05-2015 09:27:03 Software Distribution Service 3.0
04-05-2015 21:59:44 Software Distribution Service 3.0
05-05-2015 23:53:38 Software Distribution Service 3.0
06-05-2015 10:19:09 Software Distribution Service 3.0
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 07:00 - 2004-08-04 07:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Loaded Modules (whitelisted) ==============
2012-05-14 21:58 - 2013-09-05 19:11 - 00049852 _____ () C:\WINDOWS\system32\pdf995mon.dll
2011-10-10 17:12 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\ebay.com -> hxxp://www.ebay.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\...\100sexlinks.com -> 100sexlinks.com
There are 5146 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1275210071-1035525444-1606980848-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: StacSysTray => C:\Program Files\SigmaTel\C-Major Audio\ControlPanel\StacSysTray.exe
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe] => Enabled:ABBYY FineReader
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Owner\Local Settings\Application Data\LogMeIn Rescue Applet\LMIR0001.tmp\lmi_rescue.exe] => Enabled:LogMeIn Rescue
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpvsetup.exe] => Enabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\rundll32.exe] => Enabled:Run a DLL as an App
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe] => :LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Windows Remote Management
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
==================== Faulty Device Manager Devices =============
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/05/2015 11:54:42 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x80508007, P2 mpupdateengine, P3 am bdd, P4 11.1.5020.0, P5 mpsigstub.exe, P6 4.4.304.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (05/05/2015 11:53:55 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.4.304.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (04/28/2015 09:23:12 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x80508007, P2 mpupdateengine, P3 am delta, P4 11.1.5020.0, P5 mpsigstub.exe, P6 4.4.304.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (04/27/2015 07:45:15 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.4.304.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (04/27/2015 07:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 26.4.2015.0, faulting module frst.exe, version 26.4.2015.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
Error: (04/27/2015 07:32:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 37.0.2.5583, faulting module mozalloc.dll, version 37.0.2.5583, fault address 0x00001aa1.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (04/27/2015 08:30:06 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd, P4 11.1.5020.0, P5 mpsigstub.exe, P6 4.4.304.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (04/27/2015 08:29:57 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd, P4 11.1.5020.0, P5 mpsigstub.exe, P6 4.4.304.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
Error: (04/25/2015 09:34:41 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (04/25/2015 09:34:41 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
System errors:
=============
Error: (05/06/2015 10:02:12 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.197.1467.0
Update Source: %NT AUTHORITY59
Update Stage: 4.4.0304.00
Source Path: 4.4.0304.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (05/06/2015 10:02:12 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.197.1467.0
Update Source: %NT AUTHORITY59
Update Stage: 4.4.0304.00
Source Path: 4.4.0304.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (05/06/2015 01:16:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error: (05/06/2015 01:04:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCIIde
Error: (05/05/2015 11:55:53 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.197.1590.0).
Error: (05/05/2015 11:54:45 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.197.1467.0
Update Source: %NT AUTHORITY59
Update Stage: 4.4.0304.00
Source Path: 4.4.0304.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (05/05/2015 11:54:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version: 1.197.1590.0
Previous Signature Version: 1.197.1467.0
Update Source: %NT AUTHORITY15
Update Stage: 4.4.0304.00
Source Path: 4.4.0304.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (05/05/2015 11:54:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version: 1.197.1590.0
Previous Signature Version: 1.197.1467.0
Update Source: %NT AUTHORITY15
Update Stage: 4.4.0304.00
Source Path: 4.4.0304.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (05/05/2015 11:41:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error: (05/05/2015 11:41:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intuit Update Service v4 service hung on starting.
Microsoft Office Sessions:
=========================
Error: (05/05/2015 11:54:42 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80508007mpupdateengineam bdd11.1.5020.0mpsigstub.exe4.4.304.0microsoft security essentialsNILNILNIL
Error: (05/05/2015 11:53:55 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL
Error: (04/28/2015 09:23:12 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80508007mpupdateengineam delta11.1.5020.0mpsigstub.exe4.4.304.0microsoft security essentialsNILNILNIL
Error: (04/27/2015 07:45:15 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL
Error: (04/27/2015 07:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe26.4.2015.0frst.exe26.4.2015.00001f09e
Error: (04/27/2015 07:32:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583mozalloc.dll37.0.2.558300001aa1
Error: (04/27/2015 08:30:06 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80070670patchapplicationam bdd11.1.5020.0mpsigstub.exe4.4.304.0microsoft security essentialsNILNILNIL
Error: (04/27/2015 08:29:57 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80070670patchapplicationam bdd11.1.5020.0mpsigstub.exe4.4.304.0microsoft security essentialsNILNILNIL
Error: (04/25/2015 09:34:41 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (04/25/2015 09:34:41 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
==================== Memory info ===========================
Processor: Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 40%
Total physical RAM: 2046.98 MB
Available physical RAM: 1212.66 MB
Total Pagefile: 3957.09 MB
Available Pagefile: 3286.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.25 GB) (Free:18.08 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: FFFFFFFF)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Edited by joseph456, 06 May 2015 - 06:33 PM.