
XP, something is running slowing computer to a crawl


122 replies to this topic

#76 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 18 September 2014 - 06:43 AM

Hi gcdi,

Open MBAM
  • At the top click History
  • On the next screen click Application logs on the left
  • Click on the most recent Scan log
  • Click View

Proud Graduate of the WTT Classroom
If you are happy with the help you received, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Threads will be closed if no response after 5 days.


#77 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • 119 posts

Posted 19 September 2014 - 12:58 AM

It doesn't show a recent scan log just some protection logs.

Should I run it again?



#78 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 19 September 2014 - 07:02 AM

Hi gcdi,

Yes please.


#79 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • 119 posts

Posted 22 September 2014 - 11:16 PM

Well, I don't know what I'm doing wrong. I run the scan, it shows it found a problem but when I look at the log there is nothing there.

There is a log but when I look at it there is no information.



#80 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 23 September 2014 - 12:02 AM

Hi gcdi,

When the scan completes are you given the option to quarantine the detected item(s)?


#81 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • 119 posts

Posted 24 September 2014 - 08:41 AM

Yes and I did, then ran malware again the next day and it showed the same two problems.

I attached a screenshot if that helps.

Attached File: mallog.bmp (1.51MB)



#82 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 25 September 2014 - 06:43 AM

Hi gcdi,

What happens when you click Apply Actions?


#83 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • 119 posts

Posted 27 September 2014 - 01:54 AM

It looks like it works, says items were successfully cleaned, has a place to view details but there are no details there.

Says computer needs to restart, when it restarts it says something like Malwarebytes can't start because of a restriction policy.



#84 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 27 September 2014 - 09:24 AM

Hi gcdi,

Please download Farbar Recovery Scan Tool and save it to your desktop.

You will need the 32bit version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


#85 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • 119 posts

Posted 27 September 2014 - 10:25 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
Ran by MIKE (administrator) on GCDI on 27-09-2014 23:20:39
Running from C:\Documents and Settings\MIKE\My Documents\Downloads
Loaded Profiles: MIKE & UpdatusUser (Available profiles: MIKE & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files\Gigabyte\EasySaver\essvr.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
(Creative Technology Ltd) C:\WINDOWS\system32\Ctxfihlp.exe
(Sony Corporation) C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
() C:\WINDOWS\tsnp2std.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTxfispi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Sonix) C:\WINDOWS\vsnp2std.exe
() C:\WINDOWS\FixCamera.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18782720 2009-10-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-09-25] (NEC Electronics Corporation)
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [28160 2005-07-23] (Logitech Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe [176128 2005-03-07] (HP)
HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS\system32\xRaidSetup.exe [1970176 2009-08-26] (Gigabyte Technology Corp.)
HKLM\...\Run: [EasyTuneV] => C:\Program Files\Gigabyte\ET5\ETcall.exe [20480 2007-08-14] ()
HKLM\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [262144 2007-08-31] ()
HKLM\...\Run: [ADSK DLMSession] => C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-05-15] (Autodesk, Inc.)
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [snp2std] => C:\WINDOWS\vsnp2std.exe [348160 2007-08-07] (Sonix)
HKLM\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-07-11] ()
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM\...99B7938DA9E4}\LocalServer32: [a] #@~^wH4AAA==n{F+2im'xh,)mDk-+or8%mYvEUmDb2ORUtVsJbIStrVc+e'*+* Y.zPhxlc3XwC NAx\bDKU:xO?DDrUT/ (the data entry has 32372 more characters). <==== ATTENTION!
InvalidSubkeyName: [HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\******<*>] <===== ATTENTION
HKU\S-1-5-21-1085031214-2000478354-839522115-1003\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
SearchScopes: HKCU - DefaultScope {3906D159-82FC-450d-A57A-92D10437A2F5} URL = http://search.yahoo....cevm&type=STDVM
SearchScopes: HKCU - {3906D159-82FC-450d-A57A-92D10437A2F5} URL = http://search.yahoo....cevm&type=STDVM
SearchScopes: HKCU - {69375861-28F5-4c72-B52E-5C6DA8270101} URL = http://www.bing.com/...=SPLBR2&pc=SPLH
SearchScopes: HKCU - {6E8FEB12-4AFD-4c88-A16F-6EBD16138199} URL = http://www.google.co...2788:4067623346
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} http://www.geforce.c.../GPU_Reader.cab
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: {714E667D-360C-4BFB-8C1A-E4812B608CC1} http://service.samsu...rustChecker.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pbells.broad...otiveClient.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\ijhmco84.default-1410203501343
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll (LizardTech)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-30]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-23]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-03]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR DefaultSearchProvider: Default -> Conduit
CHR DefaultSearchURL: Default -> http://search.condui...=CT3313053&UM=2
CHR DefaultSuggestURL: Default -> http://suggest.searc...CUI=SB_CUI&UM=2
CHR CustomProfile: C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (RealDownloader) - C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-05-31] (Creative Labs) [File not signed]
S3 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
S3 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2011-01-24] ()
S2 pr2ah4nc; C:\WINDOWS\system32\pr2ah4nc.exe [407152 2007-05-18] (CODEMASTERS)
S3 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347144 2010-05-05] (Creative Technology Ltd)
S3 ET5Drv; C:\WINDOWS\system32\Drivers\ET5Drv.sys [40136 2006-11-24] (Microsoft Corporation)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2011-03-09] (Windows ® 2000 DDK provider)
R3 FETNDISB; C:\WINDOWS\System32\DRIVERS\dlkfet5b.sys [43008 2007-07-13] (D-Link                              )
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57800 2009-11-11] (FTDI Ltd.)
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 gdrv; C:\WINDOWS\gdrv.sys [17488 2014-09-27] (Windows ® 2000 DDK provider)
S3 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2011-03-27] ()
R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [99440 2009-10-07] (JMicron Technology Corp.)
R2 MDC8021X; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [15781 2004-04-13] (Meetinghouse Data Communications) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-25] (NVIDIA Corporation)
R0 pe3ah4nc; C:\WINDOWS\System32\drivers\pe3ah4nc.sys [64880 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\WINDOWS\System32\drivers\ps6ah4nc.sys [55160 2007-05-18] (CODEMASTERS)
S3 RemoteControl-USBLAN; C:\WINDOWS\System32\DRIVERS\rcblan.sys [39704 2007-01-24] (Belcarra Technologies)
S3 RTLTEAMING; C:\WINDOWS\System32\DRIVERS\RTLTEAMING.SYS [29440 2009-10-11] (Realtek Semiconductor Corporation) [File not signed]
S3 RTLVLAN; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [17536 2009-02-16] (Realtek Semiconductor Corporation                           ) [File not signed]
R2 RtNdPt5x; C:\WINDOWS\System32\DRIVERS\RtNdPt5x.sys [22016 2008-07-09] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfsync02; C:\WINDOWS\System32\drivers\sfsync02.sys [19968 2005-08-10] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [12212864 2007-09-05] ()
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2010-09-13] (Microsoft Corporation)
R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
R3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 mosuport; system32\DRIVERS\mosuport.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 23:19 - 2014-09-27 23:20 - 00000000 ____D () C:\FRST
2014-09-27 23:18 - 2014-09-27 23:18 - 00000878 _____ () C:\Documents and Settings\MIKE\Desktop\Shortcut to FRST.lnk
2014-09-25 01:42 - 2014-09-25 01:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 01:10 - 2014-09-25 01:10 - 00000000 ____D () C:\Avenger
2014-09-24 09:15 - 2014-09-24 09:16 - 00000000 ____D () C:\log
2014-09-22 22:26 - 2014-09-22 22:26 - 00007168 ___SH () C:\Thumbs.db
2014-09-17 02:26 - 2014-09-27 01:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 02:25 - 2014-09-17 02:25 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-17 02:25 - 2014-09-17 02:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-17 02:25 - 2014-09-17 02:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-17 02:25 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-17 02:25 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-13 21:12 - 2014-09-13 21:13 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-09-12 02:16 - 2014-09-12 02:16 - 00000079 _____ () C:\WINDOWS\wininit.ini
2014-09-07 23:53 - 2014-09-07 23:53 - 00000853 _____ () C:\Documents and Settings\MIKE\Desktop\JRT.txt
2014-09-07 23:43 - 2014-09-07 23:43 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-07 23:27 - 2014-09-07 23:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-07 19:02 - 2014-09-07 23:19 - 00000000 ____D () C:\AdwCleaner
2014-09-07 18:58 - 2014-09-07 18:58 - 00000927 _____ () C:\Documents and Settings\MIKE\Desktop\Shortcut to AdwCleaner(4).lnk
2014-09-07 18:06 - 2014-09-27 01:36 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-09-07 18:06 - 2014-09-25 23:59 - 00000000 ____D () C:\Documents and Settings\UpdatusUser.GCDI-F7150E40D8.001\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00020841 _____ () C:\ComboFix.txt
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\UpdatusUser.GCDI-F7150E40D8\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\UpdatusUser.GCDI-F7150E40D8.000\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2014-09-07 17:46 - 2014-09-27 23:21 - 00000000 ____D () C:\Documents and Settings\MIKE\Local Settings\temp
2014-09-07 17:24 - 2014-09-07 17:24 - 00001277 _____ () C:\Documents and Settings\MIKE\Desktop\Shortcut to ComboFix.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 23:17 - 2013-04-11 04:00 - 00020070 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-09-27 23:17 - 2010-03-26 22:18 - 01539882 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-27 23:09 - 2013-08-30 04:24 - 00000384 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-09-27 23:01 - 2010-03-26 23:52 - 00000144 _____ () C:\service.log
2014-09-27 23:01 - 2004-08-04 07:00 - 00011936 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-27 22:59 - 2012-09-16 16:01 - 00017488 _____ (Windows ® 2000 DDK provider) C:\WINDOWS\gdrv.sys
2014-09-27 22:59 - 2010-03-26 16:08 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-27 22:59 - 2010-03-26 16:08 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-09-27 22:58 - 2010-03-26 22:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-27 05:03 - 2010-03-26 22:24 - 00000278 __SHC () C:\Documents and Settings\MIKE\ntuser.ini
2014-09-27 05:03 - 2010-03-26 22:22 - 00032764 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-27 02:28 - 2012-11-14 04:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-09-25 03:48 - 2012-05-07 03:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-25 01:39 - 2013-12-19 08:18 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-09-25 01:10 - 2010-06-10 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980218$
2014-09-22 23:31 - 2010-03-30 13:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-09-22 22:27 - 2010-07-04 06:21 - 00007680 __SHC () C:\WINDOWS\Thumbs.db
2014-09-22 22:27 - 2010-04-19 08:30 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-09-22 01:41 - 2010-10-25 14:53 - 00231568 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-17 04:21 - 2010-03-27 15:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB958644_0$
2014-09-15 08:24 - 2012-09-16 16:15 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser.GCDI-F7150E40D8.001\ntuser.ini
2014-09-12 02:20 - 2013-10-29 23:46 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-12 02:17 - 2013-10-29 23:46 - 00524288 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-09-11 03:02 - 2013-08-14 22:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-11 02:49 - 2010-03-27 15:46 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-07 23:26 - 2010-03-26 22:22 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-07 18:06 - 2011-05-25 02:06 - 00000000 ____D () C:\Qoobox
2014-09-07 17:53 - 2004-08-04 07:00 - 00000246 _____ () C:\WINDOWS\system.ini
2014-09-07 17:02 - 2004-08-04 07:00 - 00001031 _____ () C:\WINDOWS\win.ini
2014-09-06 03:46 - 2014-07-25 00:01 - 00000180 _____ () C:\WINDOWS\setupact.log
2014-09-03 03:35 - 2011-07-22 10:26 - 01146752 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-2000478354-839522115-1003-0.dat
2014-09-03 03:35 - 2011-07-22 10:26 - 00145058 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-08-30 17:56 - 2014-08-01 12:47 - 00000000 ____D () C:\Documents and Settings\MIKE\Desktop\OTL

Some content of TEMP:
====================
C:\Documents and Settings\MIKE\Local Settings\temp\drm_dialogs.dll
C:\Documents and Settings\MIKE\Local Settings\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014
Ran by MIKE at 2014-09-27 23:21:56
Running from C:\Documents and Settings\MIKE\My Documents\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
5600 (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600_Help (Version: 50.0.206.000 - Hewlett-Packard) Hidden
5600Trb (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Activision® (Version: 1.00.0000 - Activision) Hidden
ACUBE UniSSOTray V1.0 (HKLM\...\{817DE62F-5787-43BB-8877-5F81FAE5A823}) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Download Manager (HKLM\...\{D672018C-BCC5-4994-94FD-BF2EF24865F4}) (Version: 1.0.122.0 - Autodesk, Inc.)
AutoTap 3.1 (HKLM\...\AutoTap 3.1) (Version:  - )
Blur™ (HKLM\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Browser Configuration Utility (HKLM\...\{5B363E1D-8C36-4458-BAE4-D5081999E094}) (Version: 1.1.11.0 - DeviceVM) <==== ATTENTION
BufferChm (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CalMAN Pattern Generator (HKLM\...\{FAC36425-4266-4DE4-9CB5-68FB4FB9385A}) (Version: 1.2.12 - SpectraCal, LLC)
CMS (HKLM\...\CMS) (Version:  - )
CodeAxNew (HKLM\...\{71A7DBB4-D82B-4BC4-9FD4-0C1833E34784}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Content Transfer (HKLM\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Console Launcher (HKLM\...\Console Launcher) (Version:  - Creative Technology Limited)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative System Information (HKLM\...\SysInfo) (Version:  - )
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Diagnostic Utility (HKLM\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Digital Viewer (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.19103.102 - Sonix)
DiRT (HKLM\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Disney Interactive Compatibility Update May 2002 (HKLM\...\{70af630e-2e1b-470f-b600-9ae48f0b94d0}.sdb) (Version:  - )
D-Link DFE-530TX+ (HKLM\...\InstallShield_{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version:  - D-Link)
D-Link DFE-530TX+ (Version:  - D-Link) Hidden
D-Link PCI Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_D-Link) (Version:  - )
DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
Easy Tune 6 B10.0728.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0728.1 (Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.0904.1  (HKLM\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EasyTune5 (HKLM\...\EasyTune5) (Version:  - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden
FlatOut 2 (HKLM\...\{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}) (Version: 1.00.0000 - Empire Interactive)
Forecaster HD (HKLM\...\{84C4714D-E6D2-4409-AE5C-F35F178C3F09}) (Version: 01.02.0000 - Community Professional Loudspeakers)
FUEL (HKLM\...\{F51FF206-2273-4B3E-A90A-4752AE288C12}) (Version: 1.00.0000 - Codemasters)
Gigabyte Raid Cinfigurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GRID (HKLM\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.00.0000 - Codemasters)
GT Legends 1.1.0.0 (HKLM\...\{1064CABD-7390-4336-94E4-8A53DFBCB636}_is1) (Version: v1.1.0.0 - 10tacle Studios Publishing)
GTI Racing (HKLM\...\Steam App 3000) (Version:  - Techland)
GTR 2 1.0.0.0 (HKLM\...\{1619204B-7F8C-4293-B342-5345721F4A1F}_is1) (Version: v1.0.0.0 - 10tacle Studios Publishing AG)
GTR Evolution (HKLM\...\GTR Evolution_1.1.1.2_is1) (Version:  - SimBin)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HiDef Media Player 1.1.12 (HKLM\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HP Extended Capabilities 5.3 (HKLM\...\HPExtendedCapabilities) (Version: 5.3 - HP)
HP Image Zone Express (HKLM\...\{FE64AE29-0883-4C70-8388-DC026019C900}) (Version: 1.5.1.29 - Hewlett-Packard)
HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Product Detection (HKLM\...\{AF5D2519-C6B4-4AFD-9A8D-FBF74DD4F0A0}) (Version: 11.15.0004 - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version:  - HP)
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Image Plugin (HKLM\...\{FDC8065B-80DE-4466-B90B-2581F6D77DFF}) (Version: 3.04.0226 - Snap-on Business Solutions)
Instant Play Blues Guitar (HKLM\...\{ABA56678-A0C9-4D0F-90C5-3BCB2466BE5C}) (Version: 1.00.0000 - Charanga Ltd)
Instant Play Electric Guitar 4 CD-ROM (HKLM\...\{310609F9-5F1C-475C-A49D-8A2AC3D53022}) (Version: 1.00.0000 - Charanga Ltd)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
iSEEK AnswerWorks English Runtime (HKLM\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Japanese Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-5760-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LizardTech DjVu Control (HKLM\...\{105CFC7C-6992-11D5-BD9D-000102C10FD8}) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft ActiveSync (HKLM\...\{99052DB7-9592-4522-A558-5417BBAD48EE}) (Version: 4.5.5096.0 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{86A4C6D9-29EE-4719-AFA1-BA3341862B83}) (Version: 3.4.54.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.2.0223.1 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.2.223.1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Music Coach Player (HKLM\...\{07AC0CAF-F5A2-4FFB-A2F6-DB4E059BE678}) (Version: 2.80.0000 - Music Coach)
MX-950 Editor (HKLM\...\{B762B2A5-883B-454B-A586-1DF6C4528262}) (Version: 1.12.119 - Universal Remote Control, Inc.)
MyHarmony (HKCU\...\036a0e4fc6a247ec) (Version: 1.0.1.218 - Logitech)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.14.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.14.0 - NEC Electronics Corporation) Hidden
Need for Speed™ ProStreet (HKLM\...\{CC419DDC-E0F0-4013-B25A-6FA036516F0D}) (Version: 1.0.1.0 - Electronic Arts)
Need for Speed™ SHIFT (HKLM\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
netKar PRO v1.3 (HKLM\...\{04B68109-F196-49A7-9286-C3DA440E4690}}_is1) (Version:  - Kunos Simulazioni)
NetSurveillance (HKLM\...\NetSurveillance) (Version:  - )
NetZero For Cosmi (HKLM\...\{53CDAAAB-6D41-4A36-BAA4-90261DE31B13}) (Version: 1.0.0 - NetZero, Inc.)
NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.13594 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
NWZ-E340 WALKMAN Guide (HKLM\...\{E33956B7-301C-429D-9E6C-2C12EACB8A62}) (Version: 2.0.00.07010 - Sony Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
ProductContext (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Pure (HKLM\...\{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}) (Version: 1.0 - Disney Interactive Studios)
Quicken 2014 (HKLM\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RACE 07 Offline (HKLM\...\RACE 07 Offline_1.0_is1) (Version:  - Simbin Development Team AB)
RadioTuna (HKLM\...\{FBF1656D-56D9-4507-BD67-D1DC8B90EC62}) (Version: 1.01.0003 - TunaMediaLtd)
Readme (Version: 50.0.206.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.24.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5964 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
rFactor (remove only) (HKLM\...\rFactor) (Version:  - )
RIDGE RACER™ Driftopia (HKLM\...\Steam App 226410) (Version:  - BUGBEAR)
Room EQ Wizard V5 (HKLM\...\RoomEQWizardV5) (Version:  - John Mulcahy)
Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SCORE International: Baja 1000 (HKLM\...\Baja 1000) (Version: 1.0 - Activision Value)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SHIFT 2 UNLEASHED™ (HKLM\...\{E8C37E27-5205-4C8A-BECB-B00533045AAE}) (Version: 1.0.0.0 - Electronic Arts)
SiSoftware Sandra Lite 2011.SP4a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.72.2011.8 - SiSoftware)
SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Sound Blaster X-Fi (HKLM\...\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}) (Version: 1.0 - )
SoundFont Bank Manager (HKLM\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Speed Dreams 1.4.0-r2307 (HKLM\...\Speed Dreams) (Version: 1.4.0 - The Speed Dreams Team)
Sprint Cars - Road to Knoxville (HKLM\...\{86076752-37A4-41E6-BFC4-73186683AF7B}) (Version: 1.00.0000 - ValuSoft)
Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Test Drive Unlimited 2 (HKLM\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
TmUnitedForever Update 2010-03-15 (HKLM\...\TmUnitedForever_is1) (Version:  - Nadeo)
TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Manager B09.1008.1 (HKLM\...\InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}) (Version: 1.00.0000 - GIGABYTE)
Update Manager B09.1008.1 (Version: 1.00.0000 - GIGABYTE) Hidden
USB Compound Device (HKLM\...\USB Compound Device) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
World Racing 2 (HKLM\...\InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}) (Version: 2.0.1.0 - Synetic)
World Racing 2 (Version: 2.0.1.0 - Synetic) Hidden
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleUpdate (the data entry has 21 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.2.183.39\goopdate.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleUpdate (the data entry has 21 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleUpdate (the data entry has 21 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll (Yahoo! Inc.)
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdat (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdat (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.65\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleUpdate (the data entry has 21 more characters).
CustomCLSID: HKU\S-1-5-21-1085031214-2000478354-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\psuser.dll No (the data entry has 5 more characters).

==================== Restore Points  =========================

24-07-2014 06:25:17 Software Distribution Service 3.0
26-07-2014 06:18:59 Software Distribution Service 3.0
27-07-2014 19:11:43 Software Distribution Service 3.0
29-07-2014 05:02:22 Software Distribution Service 3.0
31-07-2014 05:55:30 Software Distribution Service 3.0
31-07-2014 06:18:11 Software Distribution Service 3.0
31-07-2014 06:30:49 Software Distribution Service 3.0
31-07-2014 06:45:43 Software Distribution Service 3.0
01-08-2014 18:44:14 OTL Restore Point - 8/1/2014 1:42:57 PM
03-08-2014 04:54:07 OTL Restore Point - 8/2/2014 11:52:40 PM
14-08-2014 06:51:34 OTL Restore Point - 8/14/2014 1:50:30 AM
16-08-2014 10:21:36 ComboFix created restore point
18-08-2014 02:22:36 Software Distribution Service 3.0
24-08-2014 06:20:43 Software Distribution Service 3.0
26-08-2014 06:11:57 Software Distribution Service 3.0
26-08-2014 06:30:05 OTL Restore Point - 8/26/2014 1:29:19 AM
28-08-2014 05:23:48 Software Distribution Service 3.0
29-08-2014 05:31:26 Software Distribution Service 3.0
30-08-2014 22:57:13 OTL Restore Point - 8/30/2014 5:56:16 PM
30-08-2014 22:57:31 Software Distribution Service 3.0
30-08-2014 23:13:46 Software Distribution Service 3.0
01-09-2014 14:44:47 Software Distribution Service 3.0
03-09-2014 06:33:19 Software Distribution Service 3.0
04-09-2014 17:52:40 Software Distribution Service 3.0
06-09-2014 06:33:29 Software Distribution Service 3.0
07-09-2014 21:29:16 Software Distribution Service 3.0
11-09-2014 06:14:44 Software Distribution Service 3.0
11-09-2014 07:47:32 Software Distribution Service 3.0
12-09-2014 07:33:12 Software Distribution Service 3.0
14-09-2014 01:44:40 Software Distribution Service 3.0
14-09-2014 02:43:06 Software Distribution Service 3.0
15-09-2014 13:42:04 Software Distribution Service 3.0
17-09-2014 06:52:44 Software Distribution Service 3.0
18-09-2014 08:19:40 Software Distribution Service 3.0
20-09-2014 07:19:59 Software Distribution Service 3.0
22-09-2014 16:24:38 Software Distribution Service 3.0
24-09-2014 09:53:39 Software Distribution Service 3.0
26-09-2014 05:07:30 Software Distribution Service 3.0
27-09-2014 06:30:24 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 07:00 - 2014-09-07 17:52 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003Core1cc6f98ed6cb1dc.job => C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-2000478354-839522115-1003UA.job => C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1085031214-2000478354-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{7256C714-F702-4676-8958-FD1AD3CD13D2}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2010-03-26 23:52 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
2010-03-26 23:52 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files\Gigabyte\EasySaver\YCC.DLL
2009-06-04 01:55 - 2009-06-04 01:55 - 00002560 _____ () C:\WINDOWS\CTXFIRES.DLL
2012-10-03 06:41 - 2007-08-31 10:48 - 00262144 _____ () C:\WINDOWS\tsnp2std.exe
2011-02-04 04:32 - 2007-07-11 16:09 - 00020480 _____ () C:\WINDOWS\FixCamera.exe
2014-09-25 01:44 - 2014-09-25 01:48 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrckvjsi.sys:changelist

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1085031214-2000478354-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1085031214-2000478354-839522115-1011 - Limited - Enabled)
Guest (S-1-5-21-1085031214-2000478354-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1085031214-2000478354-839522115-1000 - Limited - Disabled)
MIKE (S-1-5-21-1085031214-2000478354-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MIKE
SUPPORT_388945a0 (S-1-5-21-1085031214-2000478354-839522115-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1085031214-2000478354-839522115-1009 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser.GCDI-F7150E40D8.001

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 04:46:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 32.0.2.5373, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/17/2014 04:28:46 AM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description: Open of service failed.

Error: (09/07/2014 05:31:03 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: A connection with the server could not be established

Error: (09/04/2014 05:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application gtl.exe, version 1.1.0.0, faulting module gtl.exe, version 1.1.0.0, fault address 0x001711c0.
Processing media-specific event for [gtl.exe!ws!]

Error: (09/04/2014 03:28:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application gtl.exe, version 1.1.0.0, faulting module gtl.exe, version 1.1.0.0, fault address 0x001711c0.
Processing media-specific event for [gtl.exe!ws!]

Error: (08/21/2014 02:03:39 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x8000ffff, P2 patchapplication, P3 am bde, P4 11.1.4590.0, P5 mpsigstub.exe, P6 4.3.215.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/21/2014 01:55:11 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (08/21/2014 01:54:14 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x8000ffff, P2 patchapplication, P3 am bde, P4 11.1.4590.0, P5 mpsigstub.exe, P6 4.3.215.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/21/2014 01:46:11 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description: You have not activated Windows within the grace period. To activate Windows, contact a customer service representative by telephone.

Error: (08/21/2014 01:45:10 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 0x8000ffff, P2 patchapplication, P3 am bde, P4 11.1.4590.0, P5 mpsigstub.exe, P6 4.3.215.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

System errors:
=============
Error: (09/27/2014 11:00:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (09/27/2014 10:58:52 PM) (Source: 0) (EventID: 1) (User: )
Description:

Error: (09/27/2014 02:36:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the nvsvc service.

Error: (09/27/2014 02:35:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.

Error: (09/27/2014 02:33:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (09/27/2014 02:31:00 AM) (Source: 0) (EventID: 1) (User: )
Description:

Error: (09/27/2014 01:18:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (09/27/2014 01:16:54 AM) (Source: 0) (EventID: 1) (User: )
Description:

Error: (09/25/2014 11:56:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (09/25/2014 11:55:13 PM) (Source: 0) (EventID: 1) (User: )
Description:

Microsoft Office Sessions:
=========================
Error: (09/24/2014 04:46:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.2.5373hungapp0.0.0.000000000

Error: (09/17/2014 04:28:46 AM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description:

Error: (09/07/2014 05:31:03 PM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download....uthrootseq.txtA connection with the server could not be established

Error: (09/04/2014 05:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gtl.exe1.1.0.0gtl.exe1.1.0.0001711c0

Error: (09/04/2014 03:28:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: gtl.exe1.1.0.0gtl.exe1.1.0.0001711c0

Error: (08/21/2014 02:03:39 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x8000ffffpatchapplicationam bde11.1.4590.0mpsigstub.exe4.3.215.0microsoft security essentialsNILNILNIL

Error: (08/21/2014 01:55:11 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description:

Error: (08/21/2014 01:54:14 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x8000ffffpatchapplicationam bde11.1.4590.0mpsigstub.exe4.3.215.0microsoft security essentialsNILNILNIL

Error: (08/21/2014 01:46:11 AM) (Source: Windows Product Activation) (EventID: 1009) (User: )
Description:

Error: (08/21/2014 01:45:10 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x8000ffffpatchapplicationam bde11.1.4590.0mpsigstub.exe4.3.215.0microsoft security essentialsNILNILNIL

==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 23%
Total physical RAM: 3198.42 MB
Available physical RAM: 2436.11 MB
Total Pagefile: 5082.81 MB
Available Pagefile: 4494.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:802.95 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (GTR2 US) (CDROM) (Total:1.46 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:69.23 GB) (Free:29.04 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: (DRV5_VOL1) (Fixed) (Total:232.88 GB) (Free:175.53 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E0E8E0E8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 00100F09)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 69.2 GB) (Disk ID: F224F224)
Partition 1: (Active) - (Size=69.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================




#86 oldman960

Posted 28 September 2014 - 01:41 AM

Hi gcdi,

Download the attached file, fixlist.txt, and save it to the same location as Farbar Recovery Scan Tool. Looking at the log, you have the tool in your download folder, so this is where you would need to download fix.txt to; otherwise it won't work.

Run FRST again but this time press the Fix button just once and wait.

When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.

Any better?

Attached File  fixlist.txt   1.16KB   46 downloads


#87 gcdi

Posted 29 September 2014 - 02:22 AM

Here's the log. I'll let you know if it seems better.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2014
Ran by MIKE at 2014-09-29 03:17:24 Run:1
Running from C:\Documents and Settings\MIKE\My Documents\Downloads
Loaded Profiles: MIKE & UpdatusUser (Available profiles: MIKE & UpdatusUser & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM\...99B7938DA9E4}\LocalServer32: [a] #@~^wH4AAA==n{F+2im'xh,)mDk-+or8%mYvEUmDb2ORUtVsJbIStrVc+e'*+* Y.zPhxlc3XwC NAx\bDKU:xO?DDrUT/ (the data entry has 32372 more characters). <==== ATTENTION!
InvalidSubkeyName: [HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\******<*>] <===== ATTENTION
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR DefaultSearchProvider: Default -> Conduit
CHR DefaultSearchURL: Default -> http://search.condui...=CT3313053&UM=2
CHR DefaultSuggestURL: Default -> http://suggest.searc...CUI=SB_CUI&UM=2
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\\a => value deleted successfully.
[HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\******<*>] => Subkey with invalid name deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
CHR DefaultSearchProvider: Default -> Conduit ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.

==== End of Fixlog ====



#88 gcdi

Posted 01 October 2014 - 12:20 AM

I can't tell if there was much of a difference.



#89 oldman960

Posted 02 October 2014 - 09:44 PM

Hi gcdi,

Have you tried the internet with all of your browsers? Do any of them work better?

Are you still having problems opening programs while disconnected from the internet?


#90 gcdi

Posted 05 October 2014 - 10:47 PM

You mentioned before that my Google Chrome looked odd, so I haven't been using it, but I just tried it and it had an error that it couldn't read my preferences.

None of the browsers seem better than the other, all very slow to open but sometimes work ok once they are open but sometimes still slow to load any page.

Programs that don't use internet will work but are still slow to open.

Something else I've noticed but don't know if it really means anything, when I look at task manager CPU usage it may show system idle process to be 99 percent but CPU usage may be at 30-50 percent?

