2015-07-14

I've been sent here by Midknyte to be sure my system is clean. We resolved my previous thread, and he suggested I visit here.

This is that previous thread: http://discussions.virtualdr.com/sho...s-odd-behavior

I'm hoping to be able to stay within the suggested time boundaries. However, my first responsibility is for my wife, who is recovering from a stroke. I'll do the best I can.

Per his instructions, here is/are the log(s) from FRST.

**************************

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015

Ran by Kenneth (administrator) on ISLEAUHAUT on 11-07-2015 11:48:11

Running from E:\DownLoad Programs

Loaded Profiles: Kenneth (Available Profiles: Kenneth & Joan & Administrator)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)

Internet Explorer Version 6 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

(Executive Software International, Inc.) E:\DKService.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe

(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe

(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe

(Cyber Power Systems, Inc.) C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe

() C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe

(Conexant Systems, Inc.) C:\Program Files\U.S. Robotics\Wireless USB Manager\PRISMSVR.exe

(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe

(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

(Acronis) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe

(Cyber Power Systems, Inc.) C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe

(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe

() C:\Program Files\MagicTune Premium\GammaTray.exe

() C:\Program Files\U.S. Robotics\Wireless USB Manager\USR11G.exe

(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe

(OpenOffice.org) G:\Program Files\OpenOffice.org 3\program\soffice.exe

(OpenOffice.org) G:\Program Files\OpenOffice.org 3\program\soffice.bin

(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe

(David Harris) C:\PMAIL\Programs\winpm-32.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)

HKLM\...\Run: [PRISMSVR.EXE] => C:\Program Files\U.S. Robotics\Wireless USB Manager\PRISMSVR.EXE [295001 2004-07-02] (Conexant Systems, Inc.)

HKLM\...\Run: [EPSON Stylus Photo R300 Series] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE [99840 2003-06-04] (SEIKO EPSON CORPORATION)

HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [570664 2008-07-09] (Nero AG)

HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-08] (Nero AG)

HKLM\...\Run: [MagicTuneLauncher] => C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe [51712 2011-01-04] ()

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [OSSelectorReinstall] => C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2209224 2007-02-22] ()

HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2595792 2008-04-09] (Acronis)

HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [909208 2008-04-09] (Acronis)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [136472 2008-04-09] (Acronis)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5535048 2015-06-13] (Avast Software s.r.o.)

HKLM\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe [350144 2012-03-27] (Cyber Power Systems, Inc.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)

HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION

HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION

HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION

HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION

HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION

HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION

HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION

HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION

HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION

HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION

HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION

HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION

HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION

HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION

HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.png.com <====== ATTENTION

HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION

HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION

HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION

HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION

HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION

HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION

HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION

HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION

HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION

HKU\S-1-5-21-823518204-842925246-854245398-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billminder.lnk [2015-01-31]

ShortcutTarget: Billminder.lnk -> C:\QUICKENW\BILLMIND.EXE (Intuit)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check.lnk [2010-04-08]

ShortcutTarget: EPSON Status Monitor 3 Environment Check.lnk -> C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk [2012-01-23]

ShortcutTarget: GammaTray.lnk -> C:\Program Files\MagicTune Premium\GammaTray.exe ()

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2011-03-03]

ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\U.S. Robotics Wireless USB Adapter.lnk [2015-01-31]

ShortcutTarget: U.S. Robotics Wireless USB Adapter.lnk -> C:\Program Files\U.S. Robotics\Wireless USB Manager\USR11G.exe ()

Startup: C:\Documents and Settings\Kenneth\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-01-31]

ShortcutTarget: OpenOffice.org 3.3.lnk -> G:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-06-13] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-823518204-842925246-854245398-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...=ie&ar=msnhome

HKU\S-1-5-21-823518204-842925246-854245398-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome

HKU\S-1-5-21-823518204-842925246-854245398-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch

URLSearchHook: HKU\S-1-5-21-823518204-842925246-854245398-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION

SearchScopes: HKLM -> DefaultScope value is missing

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll No File

BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab

DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll [2010-02-10] (Belarc, Inc.)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2000-12-23] (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{088B7FC7-4886-42D1-AF89-28314D313A1C}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{D25E175F-CD8A-4002-9D61-F69A113886D8}: [DhcpNameServer] 192.168.2.1

FireFox:

========

FF ProfilePath: C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default

FF DefaultSearchEngine: Wikipedia (en)

FF DefaultSearchEngine.US: Wikipedia (en)

FF SelectedSearchEngine: Wikipedia (en)

FF Homepage: https://www.google.com/

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-29] ()

FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\WINDOWS\system32\npdeployJava1.dll [2013-04-19] (Sun Microsystems, Inc.)

FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2013-04-19] (Sun Microsystems, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

FF SearchPlugin: C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default\searchplugins\pinterest.xml [2015-04-04]

FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-09]

FF Extension: WOT - C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]

FF Extension: Download YouTube Videos as MP4 - C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-02-22]

FF Extension: Adblock Plus - C:\Documents and Settings\Kenneth\Application Data\Mozilla\Firefox\Profiles\arh2ores.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-02]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-06-02]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-06-02]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-04-09]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-17]

FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2013-04-19]

Chrome:

=======

CHR Profile: C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default

CHR Extension: (YouTube) - C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-31]

CHR Extension: (Google Search) - C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-31]

CHR Extension: (avast! Online Security) - C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-22]

CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]

CHR Extension: (Gmail) - C:\Documents and Settings\Kenneth\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-31]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [431384 2008-04-09] (Acronis)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-13] (Avast Software s.r.o.)

R2 Diskeeper; E:\DKService.exe [159744 2002-07-22] (Executive Software International, Inc.) [File not signed]

R2 ehRecvr; C:\WINDOWS\eHome\ehRecvr.exe [194560 2004-08-10] (Microsoft Corporation) [File not signed]

R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [158128 2013-04-19] (Sun Microsystems, Inc.)

S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]

R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]

R2 ppped; C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe [1013696 2012-03-27] (Cyber Power Systems, Inc.)

R2 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492896 2008-04-09] ()

S3 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [38912 2004-08-10] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-06-13] ()

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [74976 2015-06-13] (Avast Software s.r.o.)

R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-06-13] (Avast Software s.r.o.)

R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-06-13] ()

R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787760 2015-06-13] (Avast Software s.r.o.)

R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)

R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-06-13] (Avast Software s.r.o.)

R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209048 2015-06-13] ()

R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2008-02-27] () [File not signed]

S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)

S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]

S3 FETNDISB; C:\WINDOWS\System32\DRIVERS\dlkfet5b.sys [43008 2005-07-28] (D-Link )

S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2013-06-29] () [File not signed]

S3 HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [907456 2001-08-17] (Conexant)

R3 Icam4USB; C:\WINDOWS\System32\Drivers\Icam4USB.sys [154496 2001-08-17] (Microsoft Corporation)

R1 MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [14336 2010-04-22] (Samsung Electronics, Inc. ) [File not signed]

R2 MDC8021X; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [15781 2010-04-08] (Meetinghouse Data Communications) [File not signed]

S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]

S4 mrtRate; C:\WINDOWS\system32\Drivers\mrtRate.sys [34916 1999-08-12] (Marimba, Inc.) [File not signed]

S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)

S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)

S3 RSC4_A02; C:\WINDOWS\System32\DRIVERS\RSC4USB.sys [380160 2004-08-11] (U.S. Robotics) [File not signed]

R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2013-08-25] (Acronis)

R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2013-08-25] (Acronis)

R0 viaagp; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [32128 2002-07-23] (VIA Technologies, Inc.)

R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [32128 2002-07-23] (VIA Technologies, Inc.)

R0 ViaIde; C:\WINDOWS\System32\DRIVERS\viaidexp.sys [6144 2001-10-17] (VIA Technologies, Inc.)

R1 VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [3279 2001-12-17] (VIA Technologies. Inc.) [File not signed]

R3 VIAudio; C:\WINDOWS\System32\drivers\ac97via.sys [84480 2004-08-03] (VIA Technologies, Inc.)

S0 bhkmyd; System32\drivers\xauu.sys [X]

S3 catchme; \??\C:\DOCUME~1\Kenneth\LOCALS~1\Temp\catchme.sys [X]

S0 egrfoli; System32\drivers\cewyi.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 11:12 - 2015-07-11 11:48 - 00000000 ____D C:\FRST

2015-07-05 06:11 - 2015-07-05 06:11 - 00000000 ____D C:\Program Files\GUM2.tmp

2015-07-04 00:09 - 2015-07-04 00:09 - 00000000 ____D C:\Program Files\GUM78.tmp

2015-07-03 14:09 - 2015-07-03 14:09 - 00000000 ____D C:\Program Files\GUM1D.tmp

2015-07-03 01:10 - 2015-07-03 01:10 - 00094208 _____ C:\WINDOWS\Minidump\Mini070315-01.dmp

2015-07-01 08:09 - 2015-07-01 08:09 - 00000000 ____D C:\Program Files\GUM5B.tmp

2015-06-21 21:23 - 2015-06-21 21:23 - 00000000 _____ C:\Documents and Settings\Kenneth\Desktop\KGOURMET.INI

2015-06-13 21:09 - 2015-06-13 21:09 - 00000000 ____D C:\Program Files\GUMB.tmp

2015-06-13 17:33 - 2015-06-13 17:33 - 00000000 ____D C:\Program Files\avast software

2015-06-13 17:32 - 2015-06-13 17:32 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe

2015-06-13 17:32 - 2015-06-13 17:32 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr

2015-06-11 05:15 - 2015-07-11 07:57 - 00082176 _____ C:\WINDOWS\setupapi.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 11:49 - 2010-04-03 14:16 - 00000000 ____D C:\Documents and Settings\Kenneth\Local Settings\Temp

2015-07-11 11:09 - 2014-09-12 17:43 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-11 08:13 - 2014-02-15 20:45 - 00000000 ____D C:\Program Files\CyberPower PowerPanel Personal Edition

2015-07-11 08:09 - 2014-09-12 17:43 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-11 07:57 - 2014-03-27 06:10 - 00000226 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job

2015-07-11 07:57 - 2012-07-05 23:37 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2015-07-11 07:56 - 2010-04-03 13:27 - 02000549 _____ C:\WINDOWS\WindowsUpdate.log

2015-07-11 07:55 - 2010-04-03 13:24 - 00000000 ____D C:\WINDOWS\Registration

2015-07-11 07:54 - 2010-04-03 13:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-07-11 07:54 - 2010-04-03 05:14 - 00000159 _____ C:\WINDOWS\wiadebug.log

2015-07-11 07:54 - 2010-04-03 05:14 - 00000049 _____ C:\WINDOWS\wiaservc.log

2015-07-11 07:54 - 2004-08-10 04:00 - 00001374 _____ C:\WINDOWS\system32\wpa.dbl

2015-07-11 00:38 - 2010-04-03 14:16 - 00000278 ___SH C:\Documents and Settings\Kenneth\ntuser.ini

2015-07-11 00:38 - 2010-04-03 13:39 - 00032474 _____ C:\WINDOWS\SchedLgU.Txt

2015-07-10 08:29 - 2013-02-27 18:22 - 00000000 ____D C:\Documents and Settings\Kenneth\Application Data\vlc

2015-07-09 22:21 - 2013-02-23 14:58 - 00000071 _____ C:\Documents and Settings\Kenneth\Application Data\default.pls

2015-07-09 22:20 - 2011-01-20 18:16 - 00000069 _____ C:\WINDOWS\NeroDigital.ini

2015-07-09 17:34 - 2013-02-27 12:11 - 00000865 _____ C:\WINDOWS\QUICKEN.INI

2015-07-08 15:25 - 2014-03-27 06:10 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

2015-07-03 01:10 - 2013-07-03 05:58 - 00000000 ____D C:\WINDOWS\Minidump

2015-06-26 17:32 - 2011-01-16 13:12 - 00428120 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys

2015-06-22 19:15 - 2012-01-20 12:30 - 00001143 _____ C:\WINDOWS\PSTUDIO.INI

2015-06-22 19:14 - 2013-03-04 15:56 - 00000000 ____D C:\Documents and Settings\Kenneth\Application Data\Canon

2015-06-16 22:10 - 2011-03-13 01:42 - 00000000 ____D C:\Documents and Settings\Kenneth\Application Data\Skype

2015-06-15 21:52 - 2015-01-27 13:26 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk

2015-06-13 17:32 - 2014-04-19 20:19 - 00024144 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys

2015-06-13 17:32 - 2013-03-02 20:04 - 00209048 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2015-06-13 17:32 - 2013-03-02 20:04 - 00074976 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2015-06-13 17:32 - 2013-03-02 20:04 - 00049904 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2015-06-13 17:32 - 2011-05-17 13:06 - 00787760 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys

2015-06-13 17:32 - 2011-01-16 13:12 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys

2015-06-13 17:32 - 2011-01-16 13:12 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys

==================== Files in the root of some directories =======

2013-03-06 18:08 - 1999-03-18 13:35 - 0001636 _____ () C:\Program Files\addrbook.cnt

2013-03-06 18:08 - 1999-03-24 11:56 - 1043968 _____ (FS Igoware) C:\Program Files\AddrBook.exe

2013-03-06 18:08 - 1999-03-18 15:35 - 0043260 _____ () C:\Program Files\ADDRBOOK.HLP

2013-03-06 18:09 - 2013-03-06 18:09 - 0000005 _____ () C:\Program Files\data.pab

2013-03-06 18:08 - 2013-03-06 18:09 - 0001962 _____ () C:\Program Files\DeIsL1.isu

2013-03-06 18:08 - 1999-03-22 15:57 - 0000021 _____ () C:\Program Files\PAB Recover.bat

2013-03-06 18:08 - 1999-03-24 12:17 - 0000539 _____ () C:\Program Files\PAB402.txt

2013-03-06 18:08 - 2013-03-06 18:08 - 0000147 _____ () C:\Program Files\_DEISREG.ISR

2013-03-06 18:08 - 1997-04-23 03:16 - 0040960 _____ (Stirling) C:\Program Files\_ISREG32.DLL

2013-02-23 14:58 - 2015-07-09 22:21 - 0000071 _____ () C:\Documents and Settings\Kenneth\Application Data\default.pls

2011-01-15 13:21 - 2015-04-25 10:08 - 0021504 _____ () C:\Documents and Settings\Kenneth\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2011-01-09 17:16 - 2011-01-09 17:16 - 0000130 _____ () C:\Documents and Settings\Kenneth\Local Settings\Application Data\fusioncache.dat

2014-07-31 13:35 - 2014-07-31 13:35 - 0000865 _____ () C:\Documents and Settings\Kenneth\Local Settings\Application Data\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

***************************

The log "Addition.txt" will come in my next posting. The forum software complained that this post is too long when both logs are here.
