Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer rebooting frequently [Solved]

Started by Tigerlure , Jan 02 2012 02:30 PM

  • This topic is locked This topic is locked

#1
Tigerlure
Posted 02 January 2012 - 02:30 PM

Tigerlure

    Member

  • Member
  • PipPip
  • 46 posts
My computer has been rebooting randomly and frequently for the past few days. I'm not sure if it's a virus or not, but wanted to make sure. I think it may have began when Malwarebytes started acting up with the update around Christmas Day. I had to uninstall and reinstall it several times, and when I did, the computer had a "this system has recovered from serious error" message. The message finally went away. I ended up uninstalling SuperAntiSpyware and Spyware Guard, because I thought they were the problem. It turns out I was wrong.



OTL logfile created on: 1/2/2012 2:11:22 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 67.16% Memory free
4.32 Gb Paging File | 3.44 Gb Available in Paging File | 79.57% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 456.25 Gb Total Space | 206.63 Gb Free Space | 45.29% Space Free | Partition Type: NTFS
Drive D: | 9.48 Gb Total Space | 3.06 Gb Free Space | 32.22% Space Free | Partition Type: FAT32

Computer Name: EODASO | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/02 13:56:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/20 18:41:43 | 006,676,808 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/12/19 12:58:58 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011/12/03 11:13:51 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/10/31 16:40:46 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/06/28 07:26:20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/03 18:52:59 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/14 07:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
PRC - [2011/01/17 17:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/01/13 05:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 05:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\shellmon.exe
PRC - [2010/11/03 15:06:28 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/08 01:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1238950621\ee\aolsoftware.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 18:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/19 20:38:22 | 001,945,688 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
PRC - [2007/04/19 20:29:56 | 000,149,024 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2007/04/19 20:29:44 | 000,411,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2007/04/19 20:24:50 | 001,169,744 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2006/10/23 06:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/02/25 17:34:02 | 000,245,760 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/14 17:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/23 18:44:05 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/02/14 07:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011/01/13 05:20:01 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.6\zlib.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/01/28 12:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009/02/13 11:44:52 | 000,117,264 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\apengine.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/04/19 19:15:06 | 000,050,720 | ---- | M] () -- C:\Program Files\Common Files\Seagate\Common\gc.dll
MOD - [2005/08/05 13:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax
MOD - [2005/08/05 12:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2004/10/08 11:43:10 | 000,196,608 | ---- | M] () -- c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/19 12:58:58 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/06/28 07:26:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/03 18:52:59 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/04/19 20:29:44 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/10/23 06:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2012/01/02 10:36:10 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/12/19 12:59:22 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/12/19 12:59:21 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/12/19 12:59:20 | 000,494,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/06 20:29:27 | 000,122,752 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tinspusb.sys -- (USBTINSP) TI-Nspire™
DRV - [2011/06/28 07:26:22 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 07:26:22 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/05 23:16:44 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/04/05 23:16:44 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/04/05 23:16:41 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/03/09 13:06:56 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/04/13 12:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/04/15 19:05:42 | 002,564,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/04/11 18:22:14 | 000,085,248 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxfalcon.sys -- (CXFALCON)
DRV - [2005/01/19 12:21:56 | 000,012,416 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/04 06:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/29 11:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2003/12/02 19:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.com/?ncid=customie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...F&PC=GM2TDF&q="
FF - prefs.js..browser.search.selectedengine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 22:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AutocompletePro\[email protected] [2010/07/13 09:34:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/03 11:14:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/10 16:20:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/10/31 16:41:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/25 14:22:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/27 12:37:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 22:20:34 | 000,000,000 | ---D | M]

[2009/04/05 11:16:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2012/01/02 11:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions
[2011/08/24 19:52:29 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/05/09 19:08:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/22 12:30:43 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/11/18 11:50:19 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/30 12:54:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\staged
[2011/11/19 22:09:40 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\[email protected]
[2011/12/22 12:30:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\aol\distribution\extensions
[2012/01/02 11:46:24 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\aol\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2009/04/26 10:04:34 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\searchplugins\dictionary.xml
[2011/12/31 18:38:31 | 000,002,600 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\searchplugins\wr-english-french.xml
[2011/12/31 18:38:31 | 000,002,600 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\searchplugins\wr-french-english.xml
[2009/04/26 16:09:56 | 000,004,140 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rqmfed16.default\searchplugins\youtube.xml
[2011/12/26 22:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/26 22:33:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/22 12:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/12/22 12:30:34 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/12/22 12:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\aol\distribution\extensions
[2011/12/22 12:30:34 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\aol\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RQMFED16.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/26 22:32:50 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/11/10 16:20:33 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/12/25 14:22:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/26 22:32:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/16 19:20:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 19:20:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files\Siber Systems\AI RoboForm\Chrome\plugin/rf-np-plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Adblock Plus for Google Chrome\u2122 (Beta) = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.4_0\
CHR - Extension: Black Hole Sun = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjflaldchiphekckakjglcfjiomhjobc\1_0\
CHR - Extension: Google Search = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: LastPass = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.80.4_0\
CHR - Extension: Gmail = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/12/18 17:31:04 | 000,610,942 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16256 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\qsb.exe (Google Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1238950621\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ()
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe File not found
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_0_0 -reboot 1 File not found
O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1238999803828 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.1.30.43 69.1.30.42 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4BD16F00-2D72-4E14-8D84-59E100007E75}: DhcpNameServer = 69.1.30.43 69.1.30.42 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O20 - AppInit_DLLs: (c:\windows\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) -C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/04 22:02:09 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{bf200393-639b-11df-b7b8-00038a000015}\Shell\Auto\command - "" = K:\Start.exe
O33 - MountPoints2\{bf200393-639b-11df-b7b8-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bf200393-639b-11df-b7b8-00038a000015}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
O33 - MountPoints2\{d3451be4-bc13-11d9-bafb-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d3451be4-bc13-11d9-bafb-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d3451be4-bc13-11d9-bafb-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{ff17faff-34c6-11e0-b9a4-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{ff17faff-34c6-11e0-b9a4-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff17faff-34c6-11e0-b9a4-00038a000015}\Shell\AutoRun\command - "" = K:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/02 13:56:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2012/01/02 09:03:03 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/29 17:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
[2011/12/29 17:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/29 17:55:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/29 17:55:22 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/29 17:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/28 16:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Backups
[2011/12/28 16:26:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Android
[2011/12/28 16:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\OpenOffice
[2011/12/28 15:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Isobeye
[2011/12/28 15:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Frederick
[2011/12/27 12:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/12/26 22:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/26 22:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2011/12/26 15:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Cisco
[2011/12/25 14:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2011/12/25 14:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2011/12/23 19:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/23 19:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/23 19:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/19 18:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/02 14:14:01 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/02 14:08:02 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/02 14:08:02 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1152887323-3892239175-806143724-1008.job
[2012/01/02 14:07:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/02 14:07:56 | 3211,251,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/02 13:56:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2012/01/02 13:55:00 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1152887323-3892239175-806143724-1008UA.job
[2012/01/02 13:12:20 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2012/01/02 10:36:10 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/01/02 06:55:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1152887323-3892239175-806143724-1008Core.job
[2012/01/01 23:49:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/12/30 17:40:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/28 13:33:31 | 000,257,656 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\TSP Accounr Balance 12-27-2011
[2011/12/28 13:30:32 | 000,265,383 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\TSP Account Balance 12-27-2011
[2011/12/28 12:01:49 | 000,000,020 | ---- | M] () -- C:\dirref.ini
[2011/12/27 12:04:07 | 000,375,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/23 19:20:27 | 000,001,553 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/22 12:30:36 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/22 12:30:36 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/21 15:38:26 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\jagex_cl_runescape_LIVE.dat
[2011/12/19 12:59:22 | 000,097,760 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2011/12/19 12:59:21 | 000,031,704 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2011/12/19 12:59:20 | 000,494,816 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2011/12/19 12:59:19 | 000,018,056 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2011/12/19 12:58:56 | 000,033,984 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2011/12/19 12:58:55 | 000,301,224 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2011/12/18 17:31:04 | 000,610,942 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2011/12/17 11:11:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1152887323-3892239175-806143724-1008.job
[2011/12/14 22:24:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 22:17:20 | 002,002,592 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2011/12/13 19:56:48 | 000,002,376 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Google Chrome.lnk
[2011/12/13 19:56:48 | 000,002,354 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/28 13:33:27 | 000,257,656 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\TSP Accounr Balance 12-27-2011
[2011/12/28 13:30:28 | 000,265,383 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\TSP Account Balance 12-27-2011
[2011/12/28 12:01:49 | 000,000,020 | ---- | C] () -- C:\dirref.ini
[2011/12/27 12:37:31 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/25 14:50:31 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Cisco Connect.lnk
[2011/12/23 19:20:27 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/18 03:27:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/06/23 14:59:11 | 000,609,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/09 22:17:43 | 000,023,113 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2010/02/16 22:01:06 | 000,077,377 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/02/16 17:09:30 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat
[2009/11/27 14:56:53 | 000,073,320 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/10 08:58:56 | 000,000,355 | ---- | C] () -- C:\WINDOWS\Sonic3K.INI
[2009/08/22 14:18:09 | 000,154,849 | ---- | C] () -- C:\WINDOWS\hpoins35.dat
[2009/08/22 14:18:08 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat
[2009/06/19 07:34:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/10 15:29:45 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/06 08:41:47 | 000,000,659 | ---- | C] () -- C:\WINDOWS\AdrBook.INI
[2009/04/05 23:11:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PTQL10F.DLL
[2009/04/05 23:11:53 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PTQL5F.DLL
[2009/04/05 23:11:52 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PTQL65F.DLL
[2009/04/05 22:20:10 | 000,068,954 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2009/04/05 22:20:10 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2009/04/05 11:25:34 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/04/05 10:48:11 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/04 23:19:29 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/04/04 22:04:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/04 22:01:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/04/04 22:01:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/04/04 22:01:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/04/04 22:01:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/04/04 22:01:19 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/04/04 22:01:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/04/04 21:34:14 | 000,015,327 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2009/04/04 21:34:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2009/04/04 21:33:52 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2009/04/04 21:30:50 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/04 21:17:32 | 000,047,832 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2009/04/04 21:17:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2009/04/04 21:16:00 | 000,094,364 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2009/04/04 21:16:00 | 000,002,655 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2009/04/04 21:09:58 | 000,050,500 | ---- | C] () -- C:\WINDOWS\hpdins05.dat
[2009/04/04 21:09:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpdmdl01.dat
[2009/04/04 21:08:47 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/04/04 21:01:26 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/04/04 20:49:15 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2009/04/04 19:03:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/04/04 19:03:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/04/04 19:03:55 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/04/04 19:03:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/04/04 19:03:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/04/04 19:03:05 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/04/04 19:03:05 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/04/04 19:02:18 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/04/04 19:01:43 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/08/05 13:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/03 21:47:35 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/05/03 21:47:35 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/05/03 21:47:05 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/02/18 11:56:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/01/28 03:55:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/01/28 03:47:28 | 000,528,100 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/01/28 03:47:28 | 000,096,904 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/01/28 03:45:04 | 000,375,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/01/28 03:41:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/01/28 03:36:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/01/19 17:45:40 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2005/01/19 17:45:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/10 12:00:00 | 000,058,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys
[2004/08/10 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/26 15:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/07 12:32:52 | 000,009,505 | ---- | C] () -- C:\WINDOWS\System32\hphmon06.dat
[2003/04/10 17:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/05/29 12:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\billeo
[2011/12/25 14:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2009/08/22 19:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2009/05/21 20:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/01/03 19:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/04/06 01:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/09/06 19:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2009/04/05 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/07/27 15:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2009/05/21 20:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2011/03/17 12:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2011/12/28 22:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/06 20:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TI-Nspire
[2010/01/11 17:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/02/27 13:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2009/06/23 18:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/04/06 01:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/03/30 20:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/10 18:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/16 18:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/01/01 23:49:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
  • 0

Advertisements

#2
myrti
Posted 07 January 2012 - 06:48 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

please run gmer next:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
  • 0

#3
Tigerlure
Posted 10 January 2012 - 06:32 AM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
I ran gmer over night, but when I woke up there was a bunch of error messages saying I didn't have enough quota to open up files such as family documents and the such. Should I still try to run in safe mode?

Edited by Tigerlure, 10 January 2012 - 06:33 AM.

  • 0

#4
myrti
Posted 11 January 2012 - 04:28 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

yes please. Gmer only reads your data, it doesn't make any changes. Any problems you have should be fixed with a reboot.

If the issues persist please let me know.

regards myrti
  • 0

#5
Tigerlure
Posted 11 January 2012 - 10:21 PM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hi, I could not run Gmer in safe mode. The computer restarted by itself again.
  • 0

#6
myrti
Posted 12 January 2012 - 04:07 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

please try running aswmbr instead:
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
regards myrti
  • 0

#7
Tigerlure
Posted 12 January 2012 - 01:23 PM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-12 13:19:47
-----------------------------
13:19:47.953 OS Version: Windows 5.1.2600 Service Pack 3
13:19:47.953 Number of processors: 2 586 0x404
13:19:47.953 ComputerName: EODASO UserName:
13:19:49.359 Initialize success
13:19:58.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
13:19:58.453 Disk 0 Vendor: ST3500320AS SD1A Size: 476940MB BusType: 3
13:19:58.468 Disk 0 MBR read successfully
13:19:58.468 Disk 0 MBR scan
13:19:58.468 Disk 0 unknown MBR code
13:19:58.468 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 9730 MB offset 63
13:19:58.468 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 467199 MB offset 19928160
13:19:58.468 Disk 0 scanning sectors +976752000
13:19:58.531 Disk 0 scanning C:\WINDOWS\system32\drivers
13:20:05.843 Service scanning
13:20:07.203 Modules scanning
13:20:21.171 Disk 0 trace - called modules:
13:20:21.171
13:20:21.171 Scan finished successfully
13:20:38.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat"
13:20:38.375 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.txt"
  • 0

#8
myrti
Posted 13 January 2012 - 05:20 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

the logs seem clean. Just to be safe please run a scan with Eset:
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

as well as TDSSKiller:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

Finally please disable automatic reboot on failure, that way you should get a blue screen with an error message next time the PC reboots. Post that message here:
Please disable automatic restart:
  • Right-click My Computer, and then click Properties.
  • Click the Advanced tab.
  • Under Startup and Recovery, click Settings to open the Startup and Recovery dialog box.
  • Uncheck the Automatically restart check box, and click OK the necessary number of times.
  • Restart your computer for the settings to take effect.

regards myrti
  • 0

#9
Tigerlure
Posted 14 January 2012 - 08:17 AM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
I'm not sure, but I think the ESET scanner may have found some false positives. Here they are.


C:\Documents and Settings\HP_Administrator\Local Settings\Temp\FFoxPackage.exe a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\nsf215.tmp.exe a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\files.exe a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\AIMPlugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\Bandoo.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\BandooGo.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\BandooUI.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\BndCore.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\ExtensionsManager.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\FFoxPackage.exe a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\ieplugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\InstallerHelper.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\msnplugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\OEPlugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Fun4IMFiles\Bin\YahooPlugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\~nsu.tmp\nsl210.tmp a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cnet2_Windows7UpgradeAdvisorSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined


And here's the TDSSKiller

08:03:22.0250 9796 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
08:03:24.0265 9796 ============================================================
08:03:24.0265 9796 Current date / time: 2012/01/14 08:03:24.0265
08:03:24.0265 9796 SystemInfo:
08:03:24.0265 9796
08:03:24.0265 9796 OS Version: 5.1.2600 ServicePack: 3.0
08:03:24.0265 9796 Product type: Workstation
08:03:24.0265 9796 ComputerName: EODASO
08:03:24.0265 9796 UserName: HP_Administrator
08:03:24.0265 9796 Windows directory: C:\WINDOWS
08:03:24.0265 9796 System windows directory: C:\WINDOWS
08:03:24.0265 9796 Processor architecture: Intel x86
08:03:24.0265 9796 Number of processors: 2
08:03:24.0265 9796 Page size: 0x1000
08:03:24.0265 9796 Boot type: Normal boot
08:03:24.0265 9796 ============================================================
08:04:44.0921 9796 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K', Flags 0x00000054
08:04:45.0187 9796 Initialize success
08:05:49.0531 8268 ============================================================
08:05:49.0531 8268 Scan started
08:05:49.0531 8268 Mode: Manual;
08:05:49.0531 8268 ============================================================
08:05:49.0937 8268 Abiosdsk - ok
08:05:49.0937 8268 abp480n5 - ok
08:05:50.0015 8268 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:05:50.0015 8268 ACPI - ok
08:05:50.0062 8268 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:05:50.0078 8268 ACPIEC - ok
08:05:50.0093 8268 adpu160m - ok
08:05:50.0109 8268 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:05:50.0140 8268 aec - ok
08:05:50.0171 8268 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:05:50.0203 8268 AFD - ok
08:05:50.0281 8268 AgereSoftModem (593aefc67283d409f34cc1245d00a509) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
08:05:50.0359 8268 AgereSoftModem - ok
08:05:50.0359 8268 Aha154x - ok
08:05:50.0375 8268 aic78u2 - ok
08:05:50.0390 8268 aic78xx - ok
08:05:50.0406 8268 AliIde - ok
08:05:50.0421 8268 amsint - ok
08:05:50.0468 8268 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:05:50.0484 8268 Arp1394 - ok
08:05:50.0500 8268 asc - ok
08:05:50.0515 8268 asc3350p - ok
08:05:50.0531 8268 asc3550 - ok
08:05:50.0578 8268 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:05:50.0609 8268 AsyncMac - ok
08:05:50.0625 8268 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:05:50.0625 8268 atapi - ok
08:05:50.0640 8268 Atdisk - ok
08:05:50.0671 8268 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:05:50.0671 8268 Atmarpc - ok
08:05:50.0687 8268 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:05:50.0718 8268 audstub - ok
08:05:50.0796 8268 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
08:05:50.0828 8268 avgio - ok
08:05:50.0843 8268 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:05:50.0843 8268 avgntflt - ok
08:05:50.0875 8268 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:05:50.0890 8268 avipbb - ok
08:05:50.0953 8268 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:05:50.0953 8268 Beep - ok
08:05:50.0984 8268 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:05:51.0000 8268 cbidf2k - ok
08:05:51.0031 8268 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:05:51.0031 8268 CCDECODE - ok
08:05:51.0046 8268 cd20xrnt - ok
08:05:51.0062 8268 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:05:51.0062 8268 Cdaudio - ok
08:05:51.0078 8268 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:05:51.0078 8268 Cdfs - ok
08:05:51.0093 8268 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:05:51.0109 8268 Cdrom - ok
08:05:51.0125 8268 Changer - ok
08:05:51.0187 8268 cmdGuard (a2c97b4f0db351930d58f467948dc51d) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
08:05:51.0218 8268 cmdGuard - ok
08:05:51.0234 8268 cmdHlp (a736f2263310fee1799de88cb50c1023) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
08:05:51.0265 8268 cmdHlp - ok
08:05:51.0281 8268 CmdIde - ok
08:05:51.0296 8268 Cpqarray - ok
08:05:51.0343 8268 CXFALCON (0d95dccd7c2755fdf0bd0b416b0b142f) C:\WINDOWS\system32\drivers\cxfalcon.sys
08:05:51.0343 8268 CXFALCON - ok
08:05:51.0359 8268 dac2w2k - ok
08:05:51.0375 8268 dac960nt - ok
08:05:51.0390 8268 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:05:51.0390 8268 Disk - ok
08:05:51.0437 8268 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:05:51.0468 8268 dmboot - ok
08:05:51.0484 8268 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:05:51.0484 8268 dmio - ok
08:05:51.0500 8268 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:05:51.0500 8268 dmload - ok
08:05:51.0515 8268 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:05:51.0531 8268 DMusic - ok
08:05:51.0546 8268 dpti2o - ok
08:05:51.0578 8268 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:05:51.0593 8268 drmkaud - ok
08:05:51.0625 8268 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:05:51.0640 8268 E100B - ok
08:05:51.0640 8268 EagleNT - ok
08:05:51.0671 8268 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:05:51.0687 8268 Fastfat - ok
08:05:51.0703 8268 fasttx2k (1e580770bdece924494b368ac980749e) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
08:05:51.0703 8268 fasttx2k - ok
08:05:51.0718 8268 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:05:51.0765 8268 Fdc - ok
08:05:51.0796 8268 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:05:51.0812 8268 Fips - ok
08:05:51.0843 8268 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:05:51.0875 8268 Flpydisk - ok
08:05:51.0921 8268 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:05:51.0921 8268 FltMgr - ok
08:05:51.0953 8268 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:05:51.0968 8268 Fs_Rec - ok
08:05:51.0968 8268 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:05:51.0968 8268 Ftdisk - ok
08:05:52.0000 8268 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
08:05:52.0000 8268 gagp30kx - ok
08:05:52.0015 8268 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:05:52.0015 8268 GEARAspiWDM - ok
08:05:52.0046 8268 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:05:52.0062 8268 Gpc - ok
08:05:52.0093 8268 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:05:52.0125 8268 HDAudBus - ok
08:05:52.0140 8268 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
08:05:52.0140 8268 HidIr - ok
08:05:52.0218 8268 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:05:52.0218 8268 HidUsb - ok
08:05:52.0234 8268 hpn - ok
08:05:52.0265 8268 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:05:52.0296 8268 HPZid412 - ok
08:05:52.0312 8268 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:05:52.0312 8268 HPZipr12 - ok
08:05:52.0343 8268 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:05:52.0375 8268 HPZius12 - ok
08:05:52.0406 8268 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:05:52.0406 8268 HTTP - ok
08:05:52.0421 8268 i2omgmt - ok
08:05:52.0437 8268 i2omp - ok
08:05:52.0468 8268 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:05:52.0484 8268 i8042prt - ok
08:05:52.0578 8268 ialm (0294a30b302ca71a2c26e582dda93486) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
08:05:52.0593 8268 ialm - ok
08:05:52.0609 8268 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:05:52.0640 8268 Imapi - ok
08:05:52.0656 8268 ini910u - ok
08:05:52.0671 8268 Inspect (456003490faa4a2361ceacbfb6409172) C:\WINDOWS\system32\DRIVERS\inspect.sys
08:05:52.0687 8268 Inspect - ok
08:05:52.0796 8268 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:05:52.0875 8268 IntcAzAudAddService - ok
08:05:52.0906 8268 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:05:52.0921 8268 IntelIde - ok
08:05:52.0937 8268 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:05:52.0953 8268 intelppm - ok
08:05:52.0984 8268 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:05:53.0015 8268 Ip6Fw - ok
08:05:53.0046 8268 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:05:53.0062 8268 IpFilterDriver - ok
08:05:53.0093 8268 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:05:53.0109 8268 IpInIp - ok
08:05:53.0140 8268 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:05:53.0156 8268 IpNat - ok
08:05:53.0171 8268 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:05:53.0187 8268 IPSec - ok
08:05:53.0250 8268 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
08:05:53.0265 8268 IrBus - ok
08:05:53.0281 8268 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:05:53.0296 8268 IRENUM - ok
08:05:53.0328 8268 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:05:53.0328 8268 isapnp - ok
08:05:53.0343 8268 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:05:53.0359 8268 Kbdclass - ok
08:05:53.0375 8268 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:05:53.0375 8268 kbdhid - ok
08:05:53.0406 8268 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:05:53.0437 8268 kmixer - ok
08:05:53.0453 8268 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:05:53.0468 8268 KSecDD - ok
08:05:53.0515 8268 Lbd (52320254d74ea11b6f129e7df1016975) C:\WINDOWS\system32\DRIVERS\Lbd.sys
08:05:53.0515 8268 Lbd - ok
08:05:53.0531 8268 lbrtfdc - ok
08:05:53.0562 8268 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
08:05:53.0562 8268 MBAMProtector - ok
08:05:53.0593 8268 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
08:05:53.0625 8268 MHNDRV - ok
08:05:53.0640 8268 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:05:53.0640 8268 mnmdd - ok
08:05:53.0656 8268 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:05:53.0671 8268 Modem - ok
08:05:53.0687 8268 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:05:53.0687 8268 Mouclass - ok
08:05:53.0734 8268 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:05:53.0734 8268 mouhid - ok
08:05:53.0750 8268 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:05:53.0750 8268 MountMgr - ok
08:05:53.0765 8268 mraid35x - ok
08:05:53.0781 8268 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:05:53.0781 8268 MRxDAV - ok
08:05:53.0843 8268 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:05:53.0843 8268 MRxSmb - ok
08:05:53.0859 8268 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:05:53.0875 8268 Msfs - ok
08:05:53.0875 8268 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:05:53.0890 8268 MSKSSRV - ok
08:05:53.0906 8268 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:05:53.0921 8268 MSPCLOCK - ok
08:05:53.0953 8268 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:05:53.0984 8268 MSPQM - ok
08:05:54.0031 8268 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:05:54.0031 8268 mssmbios - ok
08:05:54.0046 8268 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
08:05:54.0062 8268 MSTEE - ok
08:05:54.0078 8268 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:05:54.0093 8268 Mup - ok
08:05:54.0125 8268 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:05:54.0125 8268 NABTSFEC - ok
08:05:54.0156 8268 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:05:54.0156 8268 NDIS - ok
08:05:54.0187 8268 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:05:54.0203 8268 NdisIP - ok
08:05:54.0218 8268 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:05:54.0234 8268 NdisTapi - ok
08:05:54.0250 8268 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:05:54.0281 8268 Ndisuio - ok
08:05:54.0296 8268 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:05:54.0312 8268 NdisWan - ok
08:05:54.0328 8268 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:05:54.0328 8268 NDProxy - ok
08:05:54.0343 8268 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:05:54.0343 8268 NetBIOS - ok
08:05:54.0359 8268 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:05:54.0390 8268 NetBT - ok
08:05:54.0437 8268 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:05:54.0468 8268 NIC1394 - ok
08:05:54.0484 8268 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:05:54.0484 8268 Npfs - ok
08:05:54.0500 8268 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:05:54.0500 8268 Ntfs - ok
08:05:54.0531 8268 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:05:54.0531 8268 Null - ok
08:05:54.0546 8268 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:05:54.0546 8268 NwlnkFlt - ok
08:05:54.0578 8268 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:05:54.0609 8268 NwlnkFwd - ok
08:05:54.0609 8268 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:05:54.0609 8268 ohci1394 - ok
08:05:54.0640 8268 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:05:54.0656 8268 Parport - ok
08:05:54.0656 8268 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:05:54.0656 8268 PartMgr - ok
08:05:54.0687 8268 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:05:54.0703 8268 ParVdm - ok
08:05:54.0718 8268 PcdrNdisuio (505cba425df3bb230f244e1c23221058) C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys
08:05:54.0734 8268 PcdrNdisuio - ok
08:05:54.0750 8268 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:05:54.0750 8268 PCI - ok
08:05:54.0765 8268 PCIDump - ok
08:05:54.0781 8268 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:05:54.0781 8268 PCIIde - ok
08:05:54.0812 8268 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:05:54.0843 8268 Pcmcia - ok
08:05:54.0859 8268 PDCOMP - ok
08:05:54.0859 8268 PDFRAME - ok
08:05:54.0875 8268 PDRELI - ok
08:05:54.0890 8268 PDRFRAME - ok
08:05:54.0906 8268 perc2 - ok
08:05:54.0906 8268 perc2hib - ok
08:05:54.0968 8268 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:05:55.0000 8268 PptpMiniport - ok
08:05:55.0031 8268 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
08:05:55.0062 8268 Processor - ok
08:05:55.0093 8268 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
08:05:55.0109 8268 Ps2 - ok
08:05:55.0125 8268 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:05:55.0125 8268 PSched - ok
08:05:55.0140 8268 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:05:55.0140 8268 Ptilink - ok
08:05:55.0171 8268 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:05:55.0171 8268 PxHelp20 - ok
08:05:55.0171 8268 ql1080 - ok
08:05:55.0187 8268 Ql10wnt - ok
08:05:55.0203 8268 ql12160 - ok
08:05:55.0218 8268 ql1240 - ok
08:05:55.0218 8268 ql1280 - ok
08:05:55.0234 8268 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:05:55.0250 8268 RasAcd - ok
08:05:55.0265 8268 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:05:55.0312 8268 Rasl2tp - ok
08:05:55.0328 8268 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:05:55.0343 8268 RasPppoe - ok
08:05:55.0359 8268 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:05:55.0375 8268 Raspti - ok
08:05:55.0390 8268 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:05:55.0390 8268 Rdbss - ok
08:05:55.0390 8268 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:05:55.0406 8268 RDPCDD - ok
08:05:55.0453 8268 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:05:55.0468 8268 rdpdr - ok
08:05:55.0515 8268 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
08:05:55.0531 8268 RDPWD - ok
08:05:55.0546 8268 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:05:55.0562 8268 redbook - ok
08:05:55.0609 8268 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
08:05:55.0656 8268 rtl8139 - ok
08:05:55.0734 8268 SDDMI2 - ok
08:05:55.0796 8268 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:05:55.0796 8268 Secdrv - ok
08:05:55.0812 8268 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:05:55.0828 8268 Serenum - ok
08:05:55.0828 8268 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:05:55.0843 8268 Serial - ok
08:05:55.0890 8268 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
08:05:55.0890 8268 Sfloppy - ok
08:05:55.0906 8268 Simbad - ok
08:05:55.0937 8268 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
08:05:55.0968 8268 SISNIC - ok
08:05:55.0984 8268 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:05:55.0984 8268 SLIP - ok
08:05:56.0031 8268 snapman (b6aa9bbff890ffea333ffe81d0b888ff) C:\WINDOWS\system32\DRIVERS\snapman.sys
08:05:56.0046 8268 snapman - ok
08:05:56.0046 8268 Sparrow - ok
08:05:56.0109 8268 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:05:56.0140 8268 splitter - ok
08:05:56.0156 8268 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:05:56.0156 8268 sr - ok
08:05:56.0187 8268 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:05:56.0203 8268 Srv - ok
08:05:56.0234 8268 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
08:05:56.0234 8268 ssmdrv - ok
08:05:56.0265 8268 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
08:05:56.0265 8268 streamip - ok
08:05:56.0281 8268 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:05:56.0281 8268 swenum - ok
08:05:56.0312 8268 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:05:56.0343 8268 swmidi - ok
08:05:56.0359 8268 symc810 - ok
08:05:56.0375 8268 symc8xx - ok
08:05:56.0375 8268 sym_hi - ok
08:05:56.0390 8268 sym_u3 - ok
08:05:56.0421 8268 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:05:56.0437 8268 sysaudio - ok
08:05:56.0468 8268 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:05:56.0500 8268 Tcpip - ok
08:05:56.0515 8268 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:05:56.0531 8268 TDPIPE - ok
08:05:56.0562 8268 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:05:56.0593 8268 TDTCP - ok
08:05:56.0593 8268 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:05:56.0609 8268 TermDD - ok
08:05:56.0656 8268 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\WINDOWS\system32\drivers\tiehdusb.sys
08:05:56.0671 8268 TIEHDUSB - ok
08:05:56.0687 8268 tifsfilter (b84b82c0cbeb1b0d7eb7a946bade5830) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
08:05:56.0687 8268 tifsfilter - ok
08:05:56.0703 8268 timounter (74711884439bdf9ccf446c79cb05fac0) C:\WINDOWS\system32\DRIVERS\timntr.sys
08:05:56.0703 8268 timounter - ok
08:05:56.0718 8268 TosIde - ok
08:05:56.0750 8268 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:05:56.0765 8268 Udfs - ok
08:05:56.0781 8268 ultra - ok
08:05:56.0796 8268 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:05:56.0828 8268 Update - ok
08:05:56.0875 8268 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
08:05:56.0890 8268 USBAAPL - ok
08:05:56.0953 8268 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:05:56.0968 8268 usbccgp - ok
08:05:57.0015 8268 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:05:57.0015 8268 usbehci - ok
08:05:57.0062 8268 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:05:57.0062 8268 usbhub - ok
08:05:57.0109 8268 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:05:57.0125 8268 usbohci - ok
08:05:57.0140 8268 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:05:57.0140 8268 usbprint - ok
08:05:57.0156 8268 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:05:57.0156 8268 usbscan - ok
08:05:57.0171 8268 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:05:57.0187 8268 USBSTOR - ok
08:05:57.0203 8268 USBTINSP (f9288b919ea3065ad65f33d971604696) C:\WINDOWS\system32\DRIVERS\tinspusb.sys
08:05:57.0218 8268 USBTINSP - ok
08:05:57.0250 8268 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:05:57.0281 8268 usbuhci - ok
08:05:57.0296 8268 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:05:57.0296 8268 VgaSave - ok
08:05:57.0312 8268 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:05:57.0328 8268 ViaIde - ok
08:05:57.0328 8268 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:05:57.0328 8268 VolSnap - ok
08:05:57.0359 8268 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:05:57.0406 8268 Wanarp - ok
08:05:57.0421 8268 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
08:05:57.0437 8268 wanatw - ok
08:05:57.0437 8268 WDC_SAM - ok
08:05:57.0500 8268 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
08:05:57.0515 8268 Wdf01000 - ok
08:05:57.0531 8268 WDICA - ok
08:05:57.0562 8268 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:05:57.0593 8268 wdmaud - ok
08:05:57.0625 8268 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
08:05:57.0640 8268 WinUSB - ok
08:05:57.0703 8268 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:05:57.0718 8268 WpdUsb - ok
08:05:57.0750 8268 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:05:57.0781 8268 WSTCODEC - ok
08:05:57.0812 8268 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:05:57.0812 8268 WudfPf - ok
08:05:57.0828 8268 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:05:57.0843 8268 WudfRd - ok
08:05:57.0875 8268 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0
08:05:57.0921 8268 \Device\Harddisk0\DR0 - ok
08:05:57.0921 8268 Boot (0x1200) (68ad736e33b7020226bd20b470083849) \Device\Harddisk0\DR0\Partition0
08:05:57.0921 8268 \Device\Harddisk0\DR0\Partition0 - ok
08:05:57.0937 8268 Boot (0x1200) (6142ba2c599ee5adf64592c1906057ca) \Device\Harddisk0\DR0\Partition1
08:05:57.0937 8268 \Device\Harddisk0\DR0\Partition1 - ok
08:05:57.0937 8268 ============================================================
08:05:57.0937 8268 Scan finished
08:05:57.0937 8268 ============================================================
08:05:57.0953 9608 Detected object count: 0
08:05:57.0953 9608 Actual detected object count: 0
08:06:22.0468 9576 Deinitialize success

I also did not get the blue screen with an error message after turning off automatic restart.

Edited by Tigerlure, 14 January 2012 - 08:27 AM.

  • 0

#10
myrti
Posted 14 January 2012 - 09:00 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

but your PC did reboot again on its own? The files found by eset are in your temporary folder and not part of an active infection. You don't need to worry about those.

regards myrti
  • 0

Advertisements

#11
Tigerlure
Posted 14 January 2012 - 09:05 AM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
I restarted it after turning off the automatic restart. It did not do it on its own
  • 0

#12
myrti
Posted 14 January 2012 - 09:25 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

so have the automatic restarts stopped? The error message will only show when the PC restarts on its own.

regards myrti
  • 0

#13
Tigerlure
Posted 14 January 2012 - 09:38 AM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Oh, it hasn't done it yet, but since its random and not just on startup, I guess we won't know at the moment. If it does reboot again, I'll let you know. Thanks for your help.
  • 0

#14
myrti
Posted 14 January 2012 - 01:13 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

I'm not seeing any malware. So I'm not sure this is due to malware at all. I would start focussing on other possible reasons, namely hardware failure or software problems.

Do you have an idea how warm your PC is running at any given time?

regards myrti
  • 0

#15
Tigerlure
Posted 14 January 2012 - 01:15 PM

Tigerlure

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
I think sometimes it gets a little too hot, but most of the time it's fine. In any case, I'm planning on installing Windows 7 soon, so hopefully the problems will go away then if they don't now.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP