Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Network stops working [Closed]

Started by Foo Bar , Mar 31 2012 06:08 AM

  • This topic is locked This topic is locked

#1
Foo Bar
Posted 31 March 2012 - 06:08 AM

Foo Bar

    New Member

  • Member
  • Pip
  • 2 posts
After a day or two, the network goes disconnected. I have a cable connected to a wireless extender, resetting the router or the extender doesn't help, only reboot of PC.
What I can do at this time is connect a USB wireless dongle and then the network is up max one more day.
When I reboot I have to turn off the PC via the power button.

The first problem I had was that one morning Firefox was minimized and couldn't be restored. I could close it and open a new instance, but as soon as I resumed the previous session it went minimized again.

After this I installed Adaware, but it interferes with a web service I use.

OTL log:
OTL logfile created on: 2012-03-31 13:50:43 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\tabort
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

7,91 Gb Total Physical Memory | 6,11 Gb Available Physical Memory | 77,27% Memory free
15,82 Gb Paging File | 13,95 Gb Available in Paging File | 88,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 558,81 Gb Total Space | 433,34 Gb Free Space | 77,55% Space Free | Partition Type: NTFS
Drive M: | 931,28 Gb Total Space | 175,62 Gb Free Space | 18,86% Space Free | Partition Type: FAT32

Computer Name: MOH-TYST | User Name: mohsart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-31 13:49:37 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\tabort\OTL.exe
PRC - [2012-03-29 12:44:02 | 001,161,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012-03-14 20:21:06 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-02-23 17:43:15 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011-11-10 11:49:56 | 000,124,616 | ---- | M] (Intel® Corporation) -- C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
PRC - [2011-11-10 11:49:52 | 001,632,456 | ---- | M] (Intel® Corporation) -- C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
PRC - [2011-11-10 11:47:08 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
PRC - [2011-10-21 11:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011-09-16 15:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-08-08 18:44:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011-08-08 18:44:54 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011-03-28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-03-21 15:18:34 | 000,087,352 | ---- | M] (SecMaker AB) -- C:\Program Files (x86)\Net iD\iid.exe
PRC - [2011-01-17 21:11:22 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 21:11:22 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010-09-08 08:22:30 | 000,721,408 | ---- | M] (Autodesk Inc) -- C:\Program Files (x86)\Autodesk\SketchBookPro2011\SketchBookSnapshot.exe
PRC - [2010-07-08 07:53:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010-04-20 17:15:18 | 000,697,640 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
PRC - [2009-11-11 17:02:20 | 001,089,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
PRC - [2009-11-02 15:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-07-10 12:23:54 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
PRC - [2009-07-06 15:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2007-02-15 13:17:18 | 000,106,551 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\Ir.exe
PRC - [2006-11-28 18:17:38 | 000,361,984 | ---- | M] (Hauppauge Computer Works) -- C:\PROGRA~2\WinTV\EPG Services\System\EPGService.exe
PRC - [2006-11-28 17:07:28 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe


========== Modules (No Company Name) ==========

MOD - [2012-03-30 17:42:39 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012-03-14 20:21:05 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011-12-21 05:24:26 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010-02-09 11:52:26 | 033,735,976 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
MOD - [2009-11-02 15:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 15:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-09-26 18:15:38 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-03-30 18:29:31 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-29 12:44:02 | 001,161,072 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011-11-14 11:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\mohsart\AppData\Local\Temp\7zS5107\hpslpsvc64.dll -- (HPSLPSVC)
SRV - [2011-11-10 11:49:56 | 000,124,616 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe -- (IduService) Intel®
SRV - [2011-11-10 11:47:08 | 000,061,440 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe -- (Intel® Desktop Boards FSC Application Service) Intel®
SRV - [2011-08-08 18:44:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011-08-08 18:44:54 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2011-05-17 18:35:56 | 002,804,280 | ---- | M] (Sunbelt Software) [Auto | Stopped] -- C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011-04-27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011-04-27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011-04-01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-03-28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011-03-28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010-05-25 11:39:52 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-07-10 12:23:54 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-02-20 16:11:28 | 000,815,104 | ---- | M] (Hauppauge Computer Works) [On_Demand | Stopped] -- C:\PROGRA~2\WinTV\HCWTVS~1.EXE -- (HauppaugeTVServer)
SRV - [2006-11-28 18:17:38 | 000,361,984 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\PROGRA~2\WinTV\EPG Services\System\EPGService.exe -- (EPGService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-12-21 03:16:50 | 000,674,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su)
DRV:64bit: - [2011-12-01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011-12-01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011-11-10 11:47:16 | 000,028,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp) Intel®
DRV:64bit: - [2011-10-21 18:30:04 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-10-05 01:28:42 | 000,032,936 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2011-09-13 17:14:44 | 000,212,992 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-09-13 17:14:42 | 000,095,744 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-07-20 10:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel®
DRV:64bit: - [2011-05-13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011-05-11 16:26:04 | 000,072,280 | ---- | M] (Sunbelt Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011-04-29 14:15:42 | 000,055,384 | ---- | M] (Sunbelt Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2011-04-27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011-04-05 17:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011-04-05 17:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2011-04-05 17:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011-04-04 19:53:04 | 000,019,840 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw95rc.sys -- (hcw95rc)
DRV:64bit: - [2011-04-04 19:52:40 | 000,658,944 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw95bda.sys -- (hcw95bda)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011-02-08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2010-11-21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-10-19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-04-20 16:59:02 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2010-04-20 16:59:00 | 000,376,816 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-09-24 09:53:28 | 000,017,944 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\inidvd.sys -- (INIDVD)
DRV - [2011-12-12 10:41:02 | 000,015,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\cpuiox64.sys -- (cpuio)
DRV - [2011-04-29 14:15:42 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F A6 32 AA 06 F4 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-03-14 20:21:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-02-26 17:41:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-02-17 12:01:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011-12-20 18:45:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mohsart\AppData\Roaming\mozilla\Extensions
[2011-12-21 11:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mohsart\AppData\Roaming\mozilla\Firefox\Profiles\cjvbyyro.default\extensions
[2012-03-12 12:44:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-03-14 20:21:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-03-21 15:18:34 | 000,227,640 | ---- | M] (SecMaker AB) -- C:\Program Files (x86)\mozilla firefox\plugins\npiidplg.dll
[2012-02-16 09:59:13 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2012-02-16 09:59:13 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-02-16 09:59:13 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2012-02-16 09:59:13 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2012-02-16 09:59:13 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2012-02-16 09:59:13 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EPGServiceTool] C:\PROGRA~2\WinTV\EPGSER~1\System\EPGCLI~1.EXE /Minimize File not found
O4 - HKLM..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [ipTray.exe] C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe (Intel® Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Net iD] C:\Program Files (x86)\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\mohsart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1663D2D0-83B5-4615-8433-37A39EDC0CF3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{433071FE-DEA0-41AB-846F-E790B15F5723}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC9C740B-0DA2-4FD0-B09A-89E0C096BBC8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-03-31 13:45:36 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{F1F5C995-07E7-4DD0-8986-F63B96651AA6}
[2012-03-30 17:41:31 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{406CE5F5-4578-4FB5-85D6-50EA2F7F135A}
[2012-03-30 17:35:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-03-30 17:35:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012-03-30 14:54:00 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{376DE0A3-DD16-43D5-8FF2-F6F3929FF661}
[2012-03-30 11:09:21 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{9C26B029-EC8D-4F4E-B594-B870901ACA15}
[2012-03-30 02:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012-03-30 02:30:04 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\adaware
[2012-03-30 02:30:03 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012-03-30 02:30:03 | 000,045,904 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\sbbd.exe
[2012-03-30 02:30:01 | 000,094,296 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\sbtis.sys
[2012-03-30 02:30:01 | 000,060,504 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012-03-30 02:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012-03-30 02:29:58 | 000,253,528 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\SbFw.sys
[2012-03-30 02:29:58 | 000,084,568 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\SbFwIm.sys
[2012-03-30 02:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-03-30 02:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012-03-30 02:28:43 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Roaming\Ad-Aware Antivirus
[2012-03-29 23:09:10 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{033C0C55-DB1E-414D-AF77-7C83B9512A5E}
[2012-03-29 21:34:57 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\Spotify
[2012-03-29 21:34:50 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Roaming\Spotify
[2012-03-29 14:02:41 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\Nero_AG
[2012-03-29 14:02:39 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Roaming\Nero
[2012-03-29 14:02:37 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\Nero
[2012-03-29 14:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-03-29 14:01:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012-03-29 14:01:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012-03-29 14:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-03-28 23:08:48 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{580CC0F2-CA51-47DC-8C68-76735DE0D74A}
[2012-03-28 23:08:38 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{11AF31E8-29F3-418C-B79C-8CB5039655D0}
[2012-03-28 11:08:14 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{E731100E-47C2-4FB5-A955-E7C662F38C50}
[2012-03-28 11:08:04 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{74217339-1E39-4F64-A219-A54D440A0D91}
[2012-03-20 01:34:58 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Roaming\CyberLink
[2012-03-18 14:19:25 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{DE3C245C-D0A4-4AB8-9EF6-2F88AD271D02}
[2012-03-18 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{14451068-91D4-4CEE-8B83-060C34C157A4}
[2012-03-18 02:19:04 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{ECCD5893-7175-4455-A51A-498BDBF25FA1}
[2012-03-18 02:18:54 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{41B3A9AA-9789-499E-B1EE-C8D98C03DF91}
[2012-03-17 14:18:43 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{45CFC345-0890-4C21-9ADB-AED81EA7DE24}
[2012-03-17 14:18:33 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{7F824D71-3FE9-42D0-8AD6-493910A9C081}
[2012-03-17 02:18:21 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{85698B57-84A5-4952-BCEB-DE9478DB21C3}
[2012-03-17 02:18:11 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{F791E311-4628-4EC9-8EBA-D1166CE4F7EC}
[2012-03-16 14:18:00 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{5C60D4CC-CCD4-4D58-A82D-CCC62CEA3C64}
[2012-03-16 14:17:50 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{F8BCDE1E-6C20-43AF-A86C-D9F316057098}
[2012-03-16 02:17:39 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{1BE18B7F-AE06-4484-B914-220029E7A954}
[2012-03-16 02:17:27 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{7CE559F2-68A5-415A-A66D-A9BF15C3271C}
[2012-03-15 14:17:16 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{4B012800-4ABF-4F47-849F-504694D4B156}
[2012-03-15 14:17:06 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{75256FF4-6505-463A-84F1-846EF430E0AC}
[2012-03-15 02:16:42 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{C8931B5A-0FD1-4BF7-947A-29A422934240}
[2012-03-15 02:16:32 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{980F1A0B-EDE1-4C09-8998-0D9DA6A32519}
[2012-03-14 14:16:21 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{12F22E2F-05E2-40CF-8D55-C673134C1B35}
[2012-03-14 02:16:00 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{D73B3BEF-30DC-4235-AF02-EBA75884C026}
[2012-03-14 00:21:15 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KGS Online
[2012-03-13 14:15:38 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{B5AE731A-4FA7-4207-AB34-1CF4416B678F}
[2012-03-13 02:15:15 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{E280F25F-164E-4FCD-81A4-8DC29ECDBE54}
[2012-03-12 14:14:54 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{5DDF12C3-1B90-4781-8C67-59C37D82B09D}
[2012-03-12 14:14:43 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{7ABD2B2D-B430-47A2-9B25-D9EF3F6B86EB}
[2012-03-12 02:14:17 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{88D4ECEB-E180-4121-AD86-4448D2297DF2}
[2012-03-12 02:14:07 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{616A3BBB-064F-4BF4-B08A-D7EA685C4F3C}
[2012-03-11 14:13:56 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{0728423C-2508-4632-985A-E6ADEBA8A56B}
[2012-03-11 14:13:46 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{0898989E-48D1-4164-88BB-C38906E2D628}
[2012-03-11 02:13:35 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{B2E444C0-36D3-405E-ADB1-025F02513633}
[2012-03-11 02:13:24 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{01E8FE83-18A2-49DD-98C0-23184DF18350}
[2012-03-10 14:12:49 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{429CEFD6-1382-41D2-BA60-996A0A8E2063}
[2012-03-10 14:12:39 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{6EA9ABCD-61E9-4EF8-A6EE-F4F2F68F872C}
[2012-03-10 02:12:28 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{286BE841-371C-47CA-B979-51D10F4C3680}
[2012-03-10 02:12:18 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{EAA8292A-158C-445F-A35B-B03881E9B21C}
[2012-03-09 14:12:07 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{3A60A7FF-6866-4611-9406-4AFE75376DDF}
[2012-03-09 14:11:57 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{84873A2D-DB8B-45F5-92B2-D336B99DC7F9}
[2012-03-09 02:11:46 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{BBE3A5E6-7957-4C70-BD0A-5809D628D97F}
[2012-03-09 02:11:35 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{34FE4B92-5999-4C76-A551-A05DFC81EAA4}
[2012-03-08 14:11:24 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{F54DCEC8-61E2-479F-8548-05FC0D7B8B7C}
[2012-03-08 14:11:14 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{1584EC20-6DD6-44C9-AFBD-007735353162}
[2012-03-08 02:11:03 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{D914F76E-A147-4B12-8D57-E54B6D084E94}
[2012-03-08 02:10:53 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{EFBC68A2-7AC9-4EE7-91E8-D80638D33D67}
[2012-03-07 14:10:42 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{F754B2EA-9322-44C3-9FF1-3B55449BADEB}
[2012-03-07 14:10:30 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{5F5105DF-6C15-4F6C-AFB4-3AA517F42294}
[2012-03-07 02:10:19 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{AFD55999-6AC5-4645-82E7-3CCF2B94717D}
[2012-03-07 02:10:09 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{5FD9F634-316E-42C0-9061-F83D1A05A8EA}
[2012-03-06 14:09:58 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{15590866-5A21-44EF-B650-1C8EEABB7099}
[2012-03-06 14:09:48 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{A3897FF0-8B76-41A5-9969-5812B8320B06}
[2012-03-06 02:09:37 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{797D71E3-8B54-4FFF-A181-6F378470CA3E}
[2012-03-06 02:09:26 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{18811DC4-0977-457F-A228-6B9BFA43CF66}
[2012-03-05 14:09:16 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{3A48FE63-05C4-4A6C-B8CE-10EF0FDD2B09}
[2012-03-05 14:09:06 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{9F506EBB-89A2-4A6C-A8DE-8B0531E03D23}
[2012-03-05 02:08:55 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{82A785A6-5BAE-404D-9C8D-E2B53BFD67BF}
[2012-03-05 02:08:45 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{FC8A2E3E-BF06-47CE-A37D-D26EFE1E3106}
[2012-03-04 14:08:34 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{0A0A5DBA-93B9-48A2-AACA-9DB0D58F6D66}
[2012-03-04 14:08:24 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{FC4A99E8-DF63-48EC-AFD1-3AC2E47D6182}
[2012-03-04 13:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-03-04 13:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-03-04 13:19:27 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\Google
[2012-03-04 02:08:13 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{5952EEF9-C8A9-46CF-8623-EAF8FE91694F}
[2012-03-04 02:08:03 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{2F17F2AF-C879-4338-9B88-62EF868920F2}
[2012-03-03 14:07:28 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{62DA6629-8CF4-483C-935B-3FFE2A6A9FF8}
[2012-03-03 14:07:18 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{EC42957C-9AE5-4E59-83BC-B1A76005231E}
[2012-03-03 02:07:07 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{1F390E5A-ED1E-40F7-9DD4-0ED711CE759F}
[2012-03-03 02:06:58 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{BB9541DA-D512-4EB3-9D5A-F472C1BF64FE}
[2012-03-02 14:06:47 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{E458BA52-AE54-42CC-83EC-1B20E6E5B85E}
[2012-03-02 14:06:37 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{C294646A-4982-410D-9176-3A3BFA20556A}
[2012-03-02 02:06:25 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{615DA291-4D7B-4121-9E69-468FD247B30D}
[2012-03-02 02:06:13 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{6ADB8B0F-BC6A-4112-97B1-302046B49FAD}
[2012-03-01 14:06:02 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{CECFC468-ACC1-4DD4-8A23-66DF874D1B5B}
[2012-03-01 14:05:52 | 000,000,000 | ---D | C] -- C:\Users\mohsart\AppData\Local\{436D326F-2C0E-45EF-84CB-5BAFCD2E34BF}

========== Files - Modified Within 30 Days ==========

[2012-03-31 13:49:08 | 001,940,954 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-03-31 13:49:08 | 000,627,634 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2012-03-31 13:49:08 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-03-31 13:49:08 | 000,363,670 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2012-03-31 13:49:08 | 000,124,688 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2012-03-31 13:49:08 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-03-31 13:49:08 | 000,105,050 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2012-03-31 13:47:04 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-31 13:47:04 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-31 13:45:24 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012-03-31 13:45:06 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-03-31 13:44:56 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-03-31 13:44:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-31 13:44:51 | 2074,664,959 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-31 13:29:10 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-30 17:40:51 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012-03-30 14:57:57 | 000,002,797 | ---- | M] () -- C:\Users\Public\Desktop\Nero Video 11.lnk
[2012-03-30 14:56:24 | 000,002,783 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 11.lnk
[2012-03-30 14:56:07 | 000,002,881 | ---- | M] () -- C:\Users\Public\Desktop\Nero 11.lnk
[2012-03-30 14:55:45 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk
[2012-03-29 21:34:57 | 000,001,815 | ---- | M] () -- C:\Users\mohsart\Desktop\Spotify.lnk
[2012-03-29 14:02:14 | 000,002,109 | ---- | M] () -- C:\Users\Public\Desktop\Nero Kwik Media.lnk
[2012-03-28 12:16:51 | 000,001,133 | ---- | M] () -- C:\Users\mohsart\Desktop\tabs.php
[2012-03-19 20:24:59 | 000,000,017 | ---- | M] () -- C:\Users\mohsart\AppData\Local\resmon.resmoncfg
[2012-03-15 08:18:13 | 000,294,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-03-14 00:21:15 | 000,002,013 | ---- | M] () -- C:\Users\mohsart\Desktop\CGoban 3.lnk

========== Files Created - No Company Name ==========

[2012-03-30 17:42:40 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-03-30 14:57:57 | 000,002,797 | ---- | C] () -- C:\Users\Public\Desktop\Nero Video 11.lnk
[2012-03-30 14:56:24 | 000,002,783 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 11.lnk
[2012-03-30 14:56:07 | 000,002,881 | ---- | C] () -- C:\Users\Public\Desktop\Nero 11.lnk
[2012-03-30 14:55:45 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk
[2012-03-30 14:53:46 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012-03-30 02:30:01 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012-03-29 21:34:57 | 000,001,815 | ---- | C] () -- C:\Users\mohsart\Desktop\Spotify.lnk
[2012-03-29 21:34:57 | 000,001,801 | ---- | C] () -- C:\Users\mohsart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012-03-29 14:02:14 | 000,002,109 | ---- | C] () -- C:\Users\Public\Desktop\Nero Kwik Media.lnk
[2012-03-28 12:16:51 | 000,001,133 | ---- | C] () -- C:\Users\mohsart\Desktop\tabs.php
[2012-03-19 20:24:59 | 000,000,017 | ---- | C] () -- C:\Users\mohsart\AppData\Local\resmon.resmoncfg
[2012-03-04 13:19:31 | 000,000,996 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-04 13:19:31 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-12-22 10:34:38 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI
[2011-12-22 10:34:37 | 000,149,504 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2011-12-22 10:34:10 | 000,031,804 | ---- | C] () -- C:\Windows\Irremote.ini
[2011-12-22 10:33:42 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011-12-22 10:33:42 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2011-12-22 10:33:41 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\hcwChDB.dll
[2011-12-22 10:32:48 | 000,006,218 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011-12-21 04:23:21 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
[2011-12-21 03:17:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011-12-20 22:52:19 | 000,000,032 | ---- | C] () -- C:\Program Files\plugins-04041e-fe8.dat
[2011-12-12 11:21:12 | 001,491,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-10-21 18:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-10-21 18:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-10-21 18:27:54 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-10-21 18:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011-10-21 18:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== LOP Check ==========

[2012-03-30 17:59:11 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\Ad-Aware Antivirus
[2011-12-21 05:16:19 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\Autodesk
[2012-01-07 15:47:39 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\Canon
[2012-03-30 14:40:15 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\FileZilla
[2012-03-10 19:08:39 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\GoPanda
[2012-02-26 17:42:13 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\iid
[2011-12-21 08:28:43 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\OpenOffice.org
[2012-03-30 14:11:10 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\Spotify
[2012-03-07 17:29:52 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\TeraCopy
[2012-02-17 12:01:22 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\Thunderbird
[2012-03-31 13:51:18 | 000,000,000 | ---D | M] -- C:\Users\mohsart\AppData\Roaming\uTorrent
[2012-03-30 17:40:51 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2009-07-14 07:08:49 | 000,012,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 15 April 2012 - 08:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay, could you update me on the current problems please

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

FINALLY

run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
  • 0

#3
Essexboy
Posted 19 April 2012 - 05:20 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP