Hi everyone,
My computer has been fine till something happened this morning while browsing online newspapers.
It froze and now will start in safe mode but was taking so long for a normal start I cancelled that.
I have run one MBAM threat scan that found nothing, but other times I tried to run MBAM and other scans the scans were cancelling themselves after a few seconds. I can't open SuperAntispyware or MBAM now.
I have run a Comodo quick scan and found nothing. Comodo has an error that says defense is not working properly, but can't fix it by itself.
I restored to a system point from 2 days ago but the computer still won't start in normal mode.
Here are my FRST results:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by User (administrator) on USER-AEE4542569 on 25-07-2015 11:14:43
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User & UpdatusUser (Available Profiles: User & UpdatusUser)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20064872 2011-10-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-03-15] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3730344 2015-07-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-06-10] (COMODO)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [bluebirds] => C:\Documents and Settings\User\Bluebirds\BlueBirds.exe [270336 2009-04-29] (LG Electronics)
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6715160 2015-07-10] (SUPERAntiSpyware)
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Documents and Settings\User\Application Data\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 5ac8033af26a47d3bed9d16d675081d4-b020def64769dc8aa546c7c4903ee6ef14922b5b --CMPID 09 (the data entry has 3 more characters).
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Documents and Settings\User\Application Data\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=5ac8033af26a47d3bed9d16d675081d4-b020def64769dc8aa546c7c4903ee6ef14922b5b /CMPID=1213 (the data entry has 1 more characters).
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-07-13] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2015-06-05] (Google Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cordless DUALphone Startup.lnk [2013-06-02]
ShortcutTarget: Cordless DUALphone Startup.lnk -> C:\Program Files\Cordless USB Phone\Cordless DUALphone Suite.exe (RTX Products A/S)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theage.com.au/
URLSearchHook: [S-1-5-21-1177238915-1123561945-1417001333-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...fr&d=2015-02-2809:16:50&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AF763B9B-69E6-402F-B120-6D1D412660C7}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\13bn0w1f.default-1428713209031
FF Homepage: news.com.au
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-22] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-15] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-06] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-02-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-24]
Chrome:
=======
CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]
CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-15] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-10] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-10] (AVG Technologies CZ, s.r.o.)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4352816 2015-06-10] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-06-10] (COMODO)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [132576 2015-05-15] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [217008 2015-07-10] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-22] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [207328 2015-07-10] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [290272 2015-05-22] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [170464 2015-07-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [35808 2015-05-15] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2010-01-20] (Brother Industries Ltd.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15552 2015-06-05] (COMODO)
S1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [627008 2015-06-05] (COMODO)
S3 LVHybrid; C:\WINDOWS\System32\DRIVERS\LVHybrid.sys [1000064 2005-04-27] (Animation Technologies Inc.)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [121560 2015-06-18] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-25] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WsAudio_DeviceS(1); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(1).sys [25704 2015-03-08] (Wondershare)
S3 WsAudio_DeviceS(2); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(2).sys [25704 2015-03-08] (Wondershare)
S3 WsAudio_DeviceS(3); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(3).sys [25704 2015-03-08] (Wondershare)
S3 WsAudio_DeviceS(4); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(4).sys [25704 2015-03-08] (Wondershare)
S3 WsAudio_DeviceS(5); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(5).sys [25704 2015-03-08] (Wondershare)
S4 IntelIde; No ImagePath
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 11:14 - 2015-07-25 11:14 - 00016331 _____ C:\Documents and Settings\User\Desktop\FRST.txt
2015-07-25 11:14 - 2015-07-25 11:14 - 00000000 ____D C:\FRST
2015-07-25 11:11 - 2015-07-25 11:11 - 01638912 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2015-07-25 11:02 - 2015-07-25 11:02 - 00145209 _____ C:\Documents and Settings\User\My Documents\CisReport_x86_v8.2.0.4591_20150725-110215.zip
2015-07-25 10:48 - 2015-07-25 10:48 - 00000000 ____D C:\Program Files\malwarebytes regassassin
2015-07-25 09:37 - 2015-07-25 09:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2015
2015-07-25 09:37 - 2015-07-25 09:37 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2015-07-25 09:34 - 2015-07-25 09:34 - 00144053 _____ C:\Documents and Settings\Administrator\My Documents\CisReport_x86_v8.2.0.4591_20150725-093411.zip
2015-07-25 09:26 - 2015-07-25 09:26 - 00000000 ____D C:\Documents and Settings\Administrator\PrivacIE
2015-07-25 09:26 - 2015-07-24 23:25 - 00144260 _____ C:\Documents and Settings\Administrator\Desktop\CisReport_x86_v8.2.0.4591_20150725-092505.xml
2015-07-25 09:26 - 2015-07-24 23:25 - 00108008 _____ C:\Documents and Settings\Administrator\Desktop\CisTrace_x86_v8.2.0.4591_20150725-092505.evtx
2015-07-25 09:26 - 2015-01-17 11:24 - 00234959 _____ C:\Documents and Settings\Administrator\Desktop\cmdagent.exe_x86_8.0.0.4344_20150117_222408.dmp
2015-07-25 09:26 - 2014-12-13 11:11 - 00237257 _____ C:\Documents and Settings\Administrator\Desktop\cmdagent.exe_x86_8.0.0.4344_20141213_221110.dmp
2015-07-25 09:26 - 2013-05-27 12:31 - 00131264 _____ C:\Documents and Settings\Administrator\Desktop\cmdagent.exe_6.1.275152.2801_20130527_223150.dmp
2015-07-25 09:25 - 2015-07-25 09:25 - 00143621 _____ C:\Documents and Settings\Administrator\Desktop\CisReport_x86_v8.2.0.4591_20150725-092449.zip
2015-07-25 09:25 - 2015-07-25 09:25 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\WinRAR
2015-07-25 09:22 - 2015-07-25 09:22 - 00048056 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-07-25 09:19 - 2015-07-25 09:46 - 00000000 ___SD C:\Documents and Settings\Administrator
2015-07-25 09:19 - 2015-07-25 09:19 - 00000000 ____D C:\Documents and Settings\Administrator\IETldCache
2015-07-11 21:35 - 2015-07-11 22:09 - 00000000 ____D C:\Documents and Settings\User\Desktop\behemoth
2015-07-11 21:31 - 2015-07-11 21:31 - 00000303 _____ C:\Documents and Settings\User\Desktop\behemoth setlist.txt
2015-07-04 22:32 - 2015-07-04 22:34 - 00000000 ____D C:\Documents and Settings\User\My Documents\orchid docs
2015-07-04 22:16 - 2015-07-04 22:18 - 00000000 ____D C:\Documents and Settings\User\My Documents\ORCHID ARTICE
2015-07-04 22:09 - 2015-07-04 22:09 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\e-tax 2015
2015-07-04 22:09 - 2015-07-04 22:09 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\etax2015
2015-07-04 22:07 - 2015-07-15 07:13 - 00000000 ____D C:\Documents and Settings\User\My Documents\etax 14 15
2015-07-03 23:06 - 2015-07-04 09:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 11:14 - 2013-05-14 15:01 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp
2015-07-25 10:19 - 2014-05-25 08:39 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-25 10:16 - 2013-05-14 15:01 - 00000178 ___SH C:\Documents and Settings\User\ntuser.ini
2015-07-25 10:16 - 2013-05-14 14:54 - 01367333 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-25 10:04 - 2013-05-14 21:34 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2015-07-25 10:00 - 2013-05-14 21:32 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2015-07-25 09:51 - 2013-05-18 07:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-07-25 09:51 - 2013-05-18 07:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-07-25 09:51 - 2013-05-14 15:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-25 09:48 - 2013-05-14 15:00 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-07-25 09:48 - 2013-05-14 14:59 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-07-25 09:48 - 2013-05-14 14:52 - 00000000 ____D C:\WINDOWS\Registration
2015-07-25 09:47 - 2013-05-14 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-07-25 09:41 - 2013-05-14 22:32 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-25 08:53 - 2013-07-01 08:01 - 00000000 ____D C:\Documents and Settings\User\Application Data\Skype
2015-07-25 08:49 - 2013-05-14 21:34 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2015-07-25 08:49 - 2013-05-14 21:34 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2015-07-25 08:49 - 2013-05-14 21:34 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2015-07-25 08:48 - 2014-03-15 20:36 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-07-25 08:48 - 2013-05-14 19:08 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 08:40 - 2015-06-05 06:23 - 00000998 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2015-07-25 08:40 - 2013-05-14 19:08 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 07:53 - 2013-05-14 15:20 - 00014434 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-07-25 07:24 - 2008-04-14 22:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-07-24 23:56 - 2013-05-14 15:00 - 00032534 _____ C:\WINDOWS\SchedLgU.Txt
2015-07-24 06:28 - 2015-06-05 06:23 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2015-07-23 22:53 - 2013-05-14 19:21 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2015-07-22 07:07 - 2013-05-14 22:22 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-22 07:07 - 2013-05-14 22:22 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-07-22 00:39 - 2013-05-15 18:26 - 00000000 ____D C:\Documents and Settings\User\My Documents\Correspondence
2015-07-21 15:35 - 2013-06-06 20:58 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Paint.NET
2015-07-19 23:40 - 2013-08-13 22:49 - 00000000 ____D C:\Documents and Settings\User\My Documents\jpegs
2015-07-18 22:29 - 2013-06-17 01:07 - 00000000 ____D C:\Documents and Settings\User\My Documents\recipes
2015-07-18 21:05 - 2013-05-14 15:28 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-07-16 01:30 - 2013-05-14 19:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-07-15 07:31 - 2013-08-15 01:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-14 06:22 - 2013-05-14 22:55 - 00000000 ____D C:\Documents and Settings\User\Desktop\shortcuts
2015-07-13 06:29 - 2013-06-01 07:17 - 00000000 ____D C:\WINDOWS\Minidump
2015-07-13 06:25 - 2013-05-14 22:34 - 00000000 ____D C:\Program Files\CCleaner
2015-07-12 09:34 - 2014-08-22 16:10 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Adobe
2015-07-10 08:59 - 2014-06-17 16:17 - 00217008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-07-10 08:59 - 2014-04-01 07:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2015-07-10 08:58 - 2013-02-08 04:37 - 00207328 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2015-07-10 08:58 - 2013-02-08 04:37 - 00170464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2015-07-08 16:08 - 2014-03-15 20:36 - 00000214 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-07-05 07:57 - 2014-04-06 10:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-04 22:34 - 2014-10-18 10:27 - 00000000 ____D C:\Documents and Settings\User\Desktop\new photo folder 181014
2015-07-04 22:32 - 2015-05-24 14:58 - 00000000 ____D C:\Documents and Settings\User\Desktop\restaurants
2015-07-04 22:24 - 2014-11-02 09:32 - 00000000 ____D C:\Documents and Settings\User\My Documents\jordys
2015-07-03 08:49 - 2013-05-14 16:04 - 127070192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-02 06:19 - 2013-05-14 15:00 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
==================== Files in the root of some directories =======
2013-05-19 20:34 - 2015-06-21 13:20 - 0011776 _____ () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by User at 2015-07-25 11:15:19
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1177238915-1123561945-1417001333-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1177238915-1123561945-1417001333-1006 - Limited - Enabled)
Guest (S-1-5-21-1177238915-1123561945-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1177238915-1123561945-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1177238915-1123561945-1417001333-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1177238915-1123561945-1417001333-1005 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser
User (S-1-5-21-1177238915-1123561945-1417001333-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aimersoft Music Converter(Build 1.4.3.0) (HKLM\...\Aimersoft Music Converter_is1) (Version: - Aimersoft Software)
Apple Application Support (HKLM\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6081 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6081 - AVG Technologies) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.8.0.29676 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
COMODO Antivirus (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.)
Cordless DUALphone Suite (HKLM\...\UcpHost_is1) (Version: - RTX Products A/S)
Corel PaintShop Pro X5 (HKLM\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.0.0.183 - Corel Corporation)
Corel PaintShop Pro X5 (Version: 15.0.0.183 - Corel Corporation) Hidden
Curse Client (HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
Dropbox (HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
e-tax 2013 (HKLM\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.10.558 - Australian Taxation Office)
e-tax 2014 (HKLM\...\{42D5C0B2-A309-4F84-9BD7-5DDDFE6C09E1}) (Version: 2.8.758 - Australian Taxation Office)
e-tax 2015 (HKLM\...\{9D19C250-CE9A-4BF0-91C8-031665D54D16}) (Version: 2.7.488 - Australian Taxation Office)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.)
Google Photos Backup (HKU\.DEFAULT\...\Google Photos Backup) (Version: 1.1.0.239 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
ICA (Version: 15.0.0.183 - Corel Corporation) Hidden
IPM_PSP_COM (Version: 15.0.0.183 - Corel Corporation) Hidden
iTunes (HKLM\...\{616445AF-BBCF-41C1-A4D6-8CFF171C182D}) (Version: 11.1.4.62 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MakeMKV v1.8.10 (HKLM\...\MakeMKV) (Version: v1.8.10 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NavDesk 7.50 (HKLM\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.50) (Version: 7.50.0111.133 - Navman Technology NZ Limited)
NVIDIA Graphics Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PSPPContent (Version: 15.0.0.183 - Corel Corporation) Hidden
PSPPHelp (Version: 15.0.0.183 - Corel Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6482 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (Version: 15.0.0.183 - Corel Corporation) Hidden
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1018 - SUPERAntiSpyware.com)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{43fda345-3097-4473-900d-b54befda750b}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1177238915-1123561945-1417001333-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
25-04-2015 19:33:46 System Checkpoint
26-04-2015 19:33:54 System Checkpoint
27-04-2015 19:47:50 System Checkpoint
28-04-2015 19:54:20 System Checkpoint
30-04-2015 06:20:38 System Checkpoint
01-05-2015 07:13:57 System Checkpoint
02-05-2015 07:44:52 System Checkpoint
03-05-2015 08:51:43 System Checkpoint
04-05-2015 08:55:54 System Checkpoint
05-05-2015 10:21:38 System Checkpoint
06-05-2015 16:11:29 System Checkpoint
07-05-2015 16:14:38 System Checkpoint
09-05-2015 07:23:51 System Checkpoint
10-05-2015 12:13:01 System Checkpoint
11-05-2015 13:37:33 System Checkpoint
12-05-2015 13:38:07 System Checkpoint
13-05-2015 06:03:04 Software Distribution Service 3.0
14-05-2015 06:45:57 System Checkpoint
15-05-2015 07:17:33 System Checkpoint
16-05-2015 07:48:33 System Checkpoint
17-05-2015 08:39:11 System Checkpoint
18-05-2015 10:09:43 System Checkpoint
19-05-2015 11:58:08 System Checkpoint
20-05-2015 12:33:15 System Checkpoint
21-05-2015 14:45:47 System Checkpoint
22-05-2015 15:14:24 System Checkpoint
23-05-2015 18:34:57 System Checkpoint
24-05-2015 21:23:34 System Checkpoint
25-05-2015 21:44:22 System Checkpoint
27-05-2015 06:23:00 System Checkpoint
28-05-2015 06:26:26 System Checkpoint
29-05-2015 07:05:37 System Checkpoint
30-05-2015 07:39:03 System Checkpoint
31-05-2015 12:56:17 System Checkpoint
01-06-2015 17:35:04 System Checkpoint
02-06-2015 18:24:02 System Checkpoint
03-06-2015 21:06:29 System Checkpoint
04-06-2015 23:03:02 System Checkpoint
05-06-2015 23:33:39 System Checkpoint
07-06-2015 00:21:39 System Checkpoint
08-06-2015 08:36:34 System Checkpoint
09-06-2015 08:48:09 System Checkpoint
10-06-2015 12:04:11 System Checkpoint
10-06-2015 17:04:09 Software Distribution Service 3.0
11-06-2015 19:52:41 System Checkpoint
13-06-2015 07:39:36 System Checkpoint
14-06-2015 09:16:04 System Checkpoint
15-06-2015 10:34:23 System Checkpoint
16-06-2015 10:48:11 System Checkpoint
17-06-2015 10:53:28 System Checkpoint
18-06-2015 11:13:20 System Checkpoint
19-06-2015 11:42:41 System Checkpoint
20-06-2015 12:41:50 System Checkpoint
21-06-2015 13:48:13 System Checkpoint
22-06-2015 14:08:45 System Checkpoint
23-06-2015 14:38:19 System Checkpoint
24-06-2015 15:03:03 System Checkpoint
26-06-2015 07:02:50 System Checkpoint
27-06-2015 12:16:37 System Checkpoint
28-06-2015 12:26:42 System Checkpoint
29-06-2015 13:10:04 System Checkpoint
30-06-2015 13:28:52 System Checkpoint
01-07-2015 13:57:06 System Checkpoint
02-07-2015 18:29:50 System Checkpoint
03-07-2015 18:57:45 System Checkpoint
04-07-2015 22:09:16 Installed e-tax 2015
06-07-2015 11:05:14 System Checkpoint
07-07-2015 11:08:55 System Checkpoint
08-07-2015 11:30:54 System Checkpoint
09-07-2015 11:51:25 System Checkpoint
10-07-2015 12:21:38 System Checkpoint
11-07-2015 13:34:17 System Checkpoint
12-07-2015 13:55:16 System Checkpoint
13-07-2015 16:59:34 System Checkpoint
14-07-2015 17:27:49 System Checkpoint
15-07-2015 07:15:56 Software Distribution Service 3.0
16-07-2015 01:29:54 Software Distribution Service 3.0
17-07-2015 07:10:33 System Checkpoint
18-07-2015 10:16:36 System Checkpoint
19-07-2015 11:02:44 System Checkpoint
20-07-2015 14:05:44 System Checkpoint
21-07-2015 14:42:34 System Checkpoint
22-07-2015 16:01:25 System Checkpoint
23-07-2015 21:50:30 System Checkpoint
25-07-2015 09:45:01 Restore Operation
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-14 22:00 - 2008-04-14 22:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job =>
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (Whitelisted) ==============
2008-04-14 22:00 - 2008-04-14 22:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 22:00 - 2008-04-14 22:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-04-15 18:39 - 2015-01-09 08:02 - 00061152 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-07-22 11:29 - 2015-07-14 15:55 - 16308040 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.89\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\java.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\javaw.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\javaws.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ksproxy.ax:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WS_ATLMovie.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgdiskx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgidsshimx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgldx86.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avglogx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgmfx86.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avgrkx86.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WsAudio_DeviceS(1).sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WsAudio_DeviceS(2).sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WsAudio_DeviceS(3).sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WsAudio_DeviceS(4).sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WsAudio_DeviceS(5).sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dllcache\ksproxy.ax:$CmdTcID
AlternateDataStreams: C:\Documents and Settings\User\Desktop\slc-elusive-dream-peace-am-aoc.jpg:$CmdZnID
AlternateDataStreams: C:\Documents and Settings\User\My Documents\dendrobium-collection.htm:$CmdZnID
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1177238915-1123561945-1417001333-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-1177238915-1123561945-1417001333-1005\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe] => Enabled:Daemonu.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1544\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1737\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Local Settings\Apps\2.0\T7NQ2MJ9.TRH\6C3DWODV.WAX\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe] => Enabled:Curse Client 4.0
StandardProfile\AuthorizedApplications: [C:\Program Files\bittorent\BitTorrent.exe] => Enabled:BitTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Plugin Manager\skypePM.exe] => Enabled:Skype Extras Manager
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe] => Enabled:Dropbox
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2045\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2328\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2380\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2717\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.3322\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Program Files\Battle.net\Battle.net.exe] => Enabled:Battle.net
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.3427\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.3478\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.3526\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.3634\Agent.exe] => Enabled:Battle.net Update Agent
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgdiagex.exe] => Enabled:AVG Diagnostics 2015
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgemcx.exe] => Enabled:Personal Email Scanner
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/25/2015 08:49:04 AM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application mbamservice.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mbamservice.exe!ld!)
Error: (07/25/2015 08:44:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]
Error: (07/25/2015 08:29:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbamservice.exe, version 3.2.13.0, faulting module mbamservice.exe, version 3.2.13.0, fault address 0x00006008.
Processing media-specific event for [mbamservice.exe!ws!]
Error: (07/21/2015 02:20:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module comctl32.dll, version 6.0.2900.6028, fault address 0x0004dbe4.
Processing media-specific event for [explorer.exe!ws!]
Error: (07/21/2015 02:14:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]
Error: (07/21/2015 02:14:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]
Error: (07/13/2015 01:29:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]
Error: (07/13/2015 01:29:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]
Error: (07/13/2015 01:23:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module comctl32.dll, version 6.0.2900.6028, fault address 0x0004dbe4.
Processing media-specific event for [explorer.exe!ws!]
Error: (07/13/2015 01:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]
System errors:
=============
Error: (07/25/2015 11:08:49 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (07/25/2015 11:02:27 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (07/25/2015 10:53:12 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (07/25/2015 10:50:29 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service cmdAgent with arguments ""
in order to run the server:
{C288AC5A-D846-4696-8028-2DF6F508D0D9}
Error: (07/25/2015 10:48:07 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (07/25/2015 10:19:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriverl
AVGIDSShim
Avgldx86
Avglogx
cmdGuard
Fips
intelppm
SASDIFSV
SASKUTIL
Error: (07/25/2015 10:19:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriverl service which failed to start because of the following error:
%%31
Error: (07/25/2015 10:18:39 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (07/25/2015 10:16:56 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (07/25/2015 10:11:45 AM) (Source: DCOM) (EventID: 10005) (User: USER-AEE4542569)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Microsoft Office:
=========================
Error: (07/25/2015 08:49:04 AM) (Source: Application Error) (EventID: 1004) (User: )
Description: mbamservice.exe0.0.0.0unknown0.0.0.000000000
Error: (07/25/2015 08:44:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 0.0.0.0unknown0.0.0.000000000
Error: (07/25/2015 08:29:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.2.13.0mbamservice.exe3.2.13.000006008
Error: (07/21/2015 02:20:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.5512comctl32.dll6.0.2900.60280004dbe4
Error: (07/21/2015 02:14:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d
Error: (07/21/2015 02:14:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.55120.0.0.000000000
Error: (07/13/2015 01:29:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d
Error: (07/13/2015 01:29:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.55120.0.0.000000000
Error: (07/13/2015 01:23:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.5512comctl32.dll6.0.2900.60280004dbe4
Error: (07/13/2015 01:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d
==================== Memory info ===========================
Processor: Intel® Core2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 31%
Total physical RAM: 3071.17 MB
Available physical RAM: 2103.39 MB
Total Virtual: 4961.33 MB
Available Virtual: 3779.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:745.78 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: AD54AD54)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of log ============================
If anyone can offer any help with this, it would be much appreciated. Please let me know if any other information I can provide would help.
Thank you!