Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

my computer will restart at random

Post by thom15 » September 26th, 2013, 2:26 pm


DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 13:21:15.70 on Thu 09/26/2013
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.743 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: StopSign® Antivirus *Enabled/Updated* {3E1D4556-3240-40c8-BBED-64A8690A3FB4}
FW: StopSign® Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\VPDAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Neat\exec\NeatStartupService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_svc.exe
C:\Program Files\StopSign\Firewall\FWService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\SeaMonkey\seamonkey.exe
C:\Program Files\eAcceleration\Station\station_bk.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\SeaMonkey\plugin-container.exe
C:\Program Files\Quicken\qw.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe
C:\Documents and Settings\Administrator\Desktop\MELWARE\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\Userinit.exe
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {b753c7c5-0942-4b7f-bc27-942b52bdac66} - c:\progra~1\stopsign\popupb~1\sspopupblocker.dll
BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: {d5233fcd-d258-4903-89b8-fb1568e7413d} - mscoree.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: CostMin: {e7dd70de-3940-7edf-bb76-1db87353df22} - c:\documents and settings\all users\application data\costmin\Py2CX.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [Smart PC Booster Startup Dialog] "c:\program files\ask4expert\smart pc booster 7\Helper.exe" --windows-startup-nag-dialog --windows-startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [webscan] "c:\program files\acceleration software\anti-virus\stopsignav.exe" -k
mRun: [SoftwareStation] "c:\program files\eacceleration\station\station.exe" /b Startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LXCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCJtime.dll,_RunDLLEntry@16
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - c:\progra~1\stopsign\popupb~1\sspopupblocker.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microso ... 1318987109
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 0472385019
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www2.gotomeeting.com/default/ap ... 2mdlax.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: {D9895870-0F22-417D-9EDD-62ECEFD39F4B} = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: ExecuteMonitorShellHook Class: {42dd0873-5fa9-465d-90de-0826020416a5} - c:\program files\stopsign\onaccess\onaccess_hk32.dll
mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
mASetup: Send To Neat - reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
.
============= SERVICES / DRIVERS ===============
.
R0 fwcore;Fwcore Filter;c:\windows\system32\drivers\fwcore.sys [2013-8-21 111520]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-8-30 37664]
R1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [2012-4-14 146904]
R2 Agent;VPDAgent;c:\windows\VPDAgent.exe [2013-7-26 192512]
R2 DLPORTIO;DLPORTIO;c:\windows\Dlportio.sys [2009-1-18 3584]
R2 eac_notifysvc;eAcceleration Notification Service;c:\progra~1\eaccel~1\framew~1\eac_svc.exe [2013-7-26 115784]
R2 eac_productsvc;eAcceleration Product Manager Service;c:\progra~1\eaccel~1\framew~1\eac_productsvc.exe [2013-7-26 264152]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-3-19 54752]
R2 FWService;FWService;c:\program files\stopsign\firewall\fwservice.exe -service --> c:\program files\stopsign\firewall\FWService.exe -Service [?]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 Neat Startup Service;Neat Startup Service;c:\program files\neat\exec\NeatStartupService.exe [2013-6-26 5632]
R2 ssfwmonsvc;StopSign® Firewall Security Center Provider;c:\progra~1\eaccel~1\framew~1\eac_svc.exe [2013-7-26 115784]
R2 sstsmonsvc;StopSign® Antivirus Security Center Provider;c:\progra~1\eaccel~1\framew~1\eac_svc.exe [2013-7-26 115784]
R3 tgiul50;tgiul50;c:\windows\system32\drivers\tgiulnt5.sys [2012-4-18 138528]
R3 viprecomsvc;viprecomsvc;c:\program files\stopsign\threatscanner\engines\vipre\viprecomsvc.exe [2013-7-26 182224]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\avgidseh.sys --> c:\windows\system32\drivers\AVGIDSEH.Sys [?]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys --> c:\windows\system32\drivers\avgrkx86.sys [?]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys --> c:\windows\system32\drivers\avgldx86.sys [?]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys --> c:\windows\system32\drivers\avgmfx86.sys [?]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys --> c:\windows\system32\drivers\avgtdix.sys [?]
S2 ACT! Scheduler;ACT! Scheduler;c:\program files\act\act for windows\Act.Scheduler.exe [2010-12-21 81920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-5-16 116648]
S2 Sage ACT! Scheduler;Sage ACT! Scheduler;c:\program files\act\act for windows\Act.Scheduler.exe [2010-12-21 81920]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 USBDLM;USBDLM;f:\usbdlm.exe --> f:\USBDLM.exe [?]
S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\toolbarupdater.exe --> c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257416]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriver.sys --> c:\windows\system32\drivers\AVGIDSDriver.Sys [?]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilter.sys --> c:\windows\system32\drivers\AVGIDSFilter.Sys [?]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]
S3 cpuz132;cpuz132;\??\c:\docume~1\admini~1\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\admini~1\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-5-16 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-30 114144]
S3 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\sqlservr.exe [2010-5-5 42884448]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-7-27 23096]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2013-7-2 13464]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-5-5 44896]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 SQLAgent$ACT7;SQL Server Agent (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\SQLAGENT.EXE [2010-5-5 367456]
.
=============== Created Last 30 ================
.
2013-09-07 01:23:00 -------- d-sh--w- c:\documents and settings\administrator\IECompatCache
2013-09-05 14:04:02 209272 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-09-05 14:04:02 209272 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-09-02 20:21:11 18816 ----a-w- c:\windows\system32\drivers\dvd43llh.sys
2013-09-02 20:21:09 -------- d-----w- c:\program files\dvd43
2013-08-30 15:08:01 -------- d-----w- C:\AdwCleaner
2013-08-30 09:33:18 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\AVG SafeGuard toolbar
2013-08-30 09:32:04 -------- d-----w- c:\docume~1\admini~1\applic~1\AVG SafeGuard toolbar
2013-08-30 09:31:13 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-08-30 09:31:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG SafeGuard toolbar
2013-08-30 09:31:03 -------- d-----w- c:\program files\AVG SafeGuard toolbar
.
==================== Find3M ====================
.
2013-09-13 09:23:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 09:23:45 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:05:59 920064 ----a-w- c:\windows\system32\wininet.dll
2013-08-08 06:05:59 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-08 06:05:59 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-08-08 06:05:58 18944 ----a-w- c:\windows\system32\corpol.dll
2013-08-08 01:27:48 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-08 00:02:34 385024 ----a-w- c:\windows\system32\html.iec
2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 19:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-25 15:17:02 499712 -c--a-w- c:\windows\iwexec.exe
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-31 17:23:57 0 ----a-w- c:\program files\GUT92.tmp
2001-10-19 01:08:22 376832 -c--a-w- c:\program files\PowerDVD.exe
.
============= FINISH: 13:22:28.15 ===============
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

Post by nunped » October 2nd, 2013, 7:18 am

Hi thom15,

Hello user, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems.

Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!

Read through these instructions with your full attention.
Please ask first if you have any doubts.



We need fresh logs:
Step 1 - MGADiag
  • Please download this tool from Microsoft.
  • Right click on MGADiag.exe and select: Run as Administrator.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Step 2 - OTL
Delete your previous copies and:
Please download OTL by Old Timer. Save it to your Desktop.
If you can't download the exe file, try these links:
http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
  • Double click OTL.exe (or OTL.com or OTL.scr) to launch the program.
  • Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  • Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Step 3 - CKScanner
Please download CKScanner ... Save it to your desktop.
This program should only be run once!
Make sure that CKScanner.exe is on your desktop before running the application!

  1. Double-click on the CKScanner.exe icon... then click the Search For Files button.
  2. When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  3. Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  4. Please copy/paste the contents of ckfiles.txt in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

Post by thom15 » October 3rd, 2013, 10:08 pm

OTL logfile created on: 10/3/2013 8:45:22 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 57.31% Memory free
3.85 Gb Paging File | 3.12 Gb Available in Paging File | 80.95% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 440.20 Gb Free Space | 47.26% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 62.43 Gb Free Space | 13.40% Space Free | Partition Type: NTFS
Drive F: | 111.78 Gb Total Space | 21.82 Gb Free Space | 19.52% Space Free | Partition Type: NTFS

Computer Name: THOMXP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/03 09:26:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/09/19 04:10:42 | 000,067,072 | ---- | M] (mozilla.org) -- C:\Program Files\SeaMonkey\seamonkey.exe
PRC - [2013/09/17 08:05:02 | 006,249,880 | ---- | M] (MetaQuotes Software Corp.) -- C:\Program Files\IBFX MT4\terminal.exe
PRC - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) -- C:\Program Files\Neat\exec\NeatStartupService.exe
PRC - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) -- C:\WINDOWS\VPDAgent.exe
PRC - [2013/06/03 12:27:37 | 000,465,296 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Station\station_bk.exe
PRC - [2012/11/13 16:44:34 | 001,502,376 | R--- | M] (eAcceleration Corp) -- C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
PRC - [2012/10/18 18:57:13 | 000,115,784 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_svc.exe
PRC - [2012/10/18 18:30:16 | 000,264,152 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
PRC - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/08/16 19:36:18 | 000,366,536 | ---- | M] (eAcceleration Corp) -- C:\Program Files\StopSign\Firewall\FWService.exe
PRC - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/19 04:10:45 | 002,999,808 | ---- | M] () -- C:\Program Files\SeaMonkey\mozjs.dll
MOD - [2013/09/19 04:10:44 | 000,150,528 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldap32v60.dll
MOD - [2013/09/19 04:10:44 | 000,014,848 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldappr32v60.dll
MOD - [2013/08/15 05:57:07 | 013,325,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\01288085cbefbc8439953dbf5d42b87e\System.Data.Entity.ni.dll
MOD - [2013/08/15 05:51:29 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\32800018747dbf43506ac49e697daea9\System.Xml.Linq.ni.dll
MOD - [2013/08/15 05:51:26 | 002,646,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\332407a3f224f388f70120d33cb872d5\System.Runtime.Serialization.ni.dll
MOD - [2013/08/15 05:51:21 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/15 05:51:14 | 001,189,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\191f91aab285c18de5d3c6c38f44a118\System.Data.OracleClient.ni.dll
MOD - [2013/08/15 05:51:12 | 001,926,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\a540ff38f0072f09c4f3918e7a0ccba9\System.Web.Services.ni.dll
MOD - [2013/08/15 05:51:04 | 012,100,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\c7a85f1270da03424f153ed84a2fae51\System.Web.ni.dll
MOD - [2013/08/15 05:50:50 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\900d7d45b5a5498cbb97c36409f0afe1\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:50:47 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bfa9e814cb8b662508aa93ae387b434f\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 05:50:45 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\102014a4f570b1dc944ff7eb8e1c6e2b\System.Transactions.ni.dll
MOD - [2013/08/15 05:44:52 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\5dd5d8a799f25be9912df4cd25e29e78\System.Xml.Linq.ni.dll
MOD - [2013/08/15 05:44:18 | 000,696,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\8fe0df61049bcfb0ee3a608b59ea39ba\log4net.ni.dll
MOD - [2013/08/14 21:29:42 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\cf3c9d1496acdcb836853e59fe20223b\System.Management.ni.dll
MOD - [2013/08/14 21:29:20 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/08/14 21:28:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/08/14 21:21:42 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013/08/14 21:21:20 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 21:21:07 | 000,749,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\121e3bb63d1d2d2487c855819263ed7c\System.Security.ni.dll
MOD - [2013/08/14 21:21:00 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 21:20:55 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 21:20:45 | 006,813,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\a10f361c888b8b98f7ad1fa8d7a51516\System.Data.ni.dll
MOD - [2013/08/14 21:20:32 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\608aa2db27d45e63a4863f1f1d06897a\System.Core.ni.dll
MOD - [2013/08/14 21:20:06 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/14 21:17:21 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/14 21:15:48 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\2bd89ed2dc0f585328fd1ac4c5a206dd\System.Core.ni.dll
MOD - [2013/08/14 21:13:55 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/08/14 21:11:42 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/14 21:11:42 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013/08/14 21:11:41 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/08/14 21:11:40 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/14 21:11:39 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/08/14 21:11:39 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/08/14 21:11:29 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/08/14 21:11:27 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/08/14 21:11:26 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/08/14 21:11:20 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/07/12 04:28:02 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2013/07/12 04:27:55 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/12 04:19:33 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/06/25 11:08:26 | 000,048,640 | ---- | M] () -- C:\WINDOWS\system32\sdtnpm.dll
MOD - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/27 05:42:34 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/01/27 05:42:33 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/01/27 05:42:30 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/01/27 05:42:30 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/01/27 05:42:30 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/01/27 05:42:29 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/01/27 05:42:29 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/01/27 05:42:29 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/01/27 05:42:29 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2011/01/07 20:10:37 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/01/07 20:10:37 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/01/20 04:48:08 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/01/20 04:48:06 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/01/20 04:48:05 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/01/20 04:48:01 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/01/20 04:48:01 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/01/20 04:48:01 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/01/20 04:48:00 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/01/20 04:47:59 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/01/20 04:47:59 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/01/20 04:47:59 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:16 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/05 14:54:15 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/05 14:54:14 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/05 14:54:14 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/05 14:54:14 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/05 14:54:13 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/05 14:54:13 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/05 14:54:13 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:12 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/05 14:45:54 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/05 14:45:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/05 14:45:45 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/05 14:45:44 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/05 14:45:43 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/03/05 14:45:42 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2005/08/08 11:01:04 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 8300 Series\lxcjcnv4.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe -- (x10nets)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - File not found [Auto | Stopped] -- F:\USBDLM.exe -- (USBDLM)
SRV - [2013/09/13 04:23:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) [Auto | Running] -- C:\WINDOWS\VPDAgent.exe -- (Agent)
SRV - [2012/10/18 18:30:16 | 000,264,152 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe -- (eac_productsvc)
SRV - [2012/10/18 18:30:09 | 000,235,480 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_notifysvc.dll -- (eac_notifysvc)
SRV - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/05 20:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/08/22 21:54:44 | 000,182,224 | R--- | M] (eAcceleration Corp) [On_Demand | Stopped] -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe -- (viprecomsvc)
SRV - [2012/08/16 19:36:18 | 000,366,536 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\FWService.exe -- (FWService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2012/01/02 19:20:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/15 18:17:10 | 000,202,264 | R--- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\Acceleration Software\Anti-Virus\sstsmonsvc.dll -- (sstsmonsvc)
SRV - [2011/04/05 16:58:11 | 000,189,904 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\ssfwmonsvc.dll -- (ssfwmonsvc)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (Sage ACT! Scheduler)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2005/10/24 09:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxcjcoms.exe -- (lxcj_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV - [2013/08/30 04:31:24 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/07/02 11:41:04 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/08/16 19:36:25 | 000,111,520 | ---- | M] (eAcceleration Corp) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fwcore.sys -- (fwcore)
DRV - [2012/06/03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/02/16 13:44:18 | 000,146,904 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cbfs.sys -- (CbFs)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/24 07:58:56 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2009/01/18 22:02:27 | 000,003,584 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\Dlportio.sys -- (DLPORTIO)
DRV - [2006/08/11 15:48:52 | 000,061,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2006/08/11 15:48:50 | 000,158,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2006/08/11 15:48:42 | 001,170,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.dll -- (CTEXFIFX.DLL)
DRV - [2006/08/11 15:48:32 | 000,548,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2006/08/11 15:48:28 | 000,160,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\cteapsfx.dll -- (CTEAPSFX.DLL)
DRV - [2006/08/11 15:48:12 | 000,536,576 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctaudfx.dll -- (CTAUDFX.DLL)
DRV - [2006/08/11 15:48:08 | 000,087,552 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2006/08/11 15:48:06 | 000,317,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2006/08/11 15:45:50 | 000,115,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2006/08/11 15:45:40 | 000,269,824 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2006/08/11 15:45:40 | 000,007,168 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/08/11 15:45:38 | 000,499,584 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2006/08/11 15:45:28 | 000,180,224 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2006/08/11 15:45:26 | 000,766,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2006/08/11 15:45:26 | 000,154,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2006/08/11 15:45:24 | 000,116,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/08/11 15:45:18 | 000,143,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/08/11 15:45:18 | 000,078,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/08/11 15:45:14 | 000,502,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/02/21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/10 18:06:04 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/03 23:29:32 | 000,104,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004/08/03 23:29:32 | 000,073,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2004/08/03 23:29:32 | 000,063,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004/08/03 23:29:30 | 000,052,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004/08/03 23:29:30 | 000,014,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004/08/03 23:29:30 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/12/17 10:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmouflt2.sys -- (LMouFlt2)
DRV - [2003/12/17 10:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042PR2)
DRV - [2003/12/17 10:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/12/17 10:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/12/17 10:50:00 | 000,014,095 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCCFLTR.SYS -- (LCcfltr)
DRV - [2002/10/15 16:59:24 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 12:51:10 | 000,138,528 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tgiulnt5.sys -- (tgiul50)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=70001
IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=70001
IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.google.com
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 92 5D 5F 27 1C CE 01 [binary data]
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{21971F0F-1912-4672-80DC-2ED13C5307E7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" = http://search.avg.com/route/?d=4d14e073 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" = http://search.avg.com/route/?d=4e30bc50 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 3\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 3\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Components: C:\Program Files\SeaMonkey\components [2013/09/19 04:10:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]

[2012/10/24 02:24:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/11/21 08:16:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2009/02/25 19:54:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com
[2013/08/30 10:11:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions
[2013/02/16 17:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{1be04434-6b9f-48c8-8675-94c640d5b293}
[2010/08/04 18:04:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/11/09 11:46:59 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2013/08/22 10:33:46 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com
[2012/11/09 13:06:21 | 000,000,000 | ---D | M] (Firefox Hotfix) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org
[2013/08/22 05:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\staged
[2013/03/08 17:51:13 | 000,000,000 | ---D | M] (Web Backup Drop Pad) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\Strongvault@Strongvault.com
[2013/02/25 06:43:53 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\support@lastpass.com
[2012/11/09 11:46:55 | 000,000,000 | ---D | M] (Test Pilot) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013/07/04 03:52:35 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/05/04 20:51:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2013/04/15 03:53:07 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2013/01/31 16:04:49 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\support@lastpass.com
[2013/07/15 07:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\trash
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions
[2011/03/20 12:30:00 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/20 12:29:59 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/03/20 12:30:02 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\inspector@mozilla.org
[2010/08/04 18:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions
[2010/06/30 19:32:57 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/06/30 19:32:56 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\ietab@ip.cn
[2010/08/04 18:05:56 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\inspector@mozilla.org
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:39:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:39:15 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:35:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 20:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions
[2010/12/31 10:42:43 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/19 08:07:01 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/19 08:07:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/08/23 04:34:50 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010/11/27 05:47:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/04 06:18:10 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/05 19:10:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:10:08 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:10:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:28:01 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:28:04 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 12:47:15 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 12:47:13 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 12:47:18 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/12/11 15:40:26 | 000,074,865 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\addon@homepagepays.com.xpi
[2012/11/09 11:51:07 | 000,025,868 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org.xpi
[2012/09/19 23:46:32 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com.xpi
[2012/08/15 12:11:20 | 000,071,420 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{6B79F0E9-1B47-4e19-A030-F33D8976D320}.xpi
[2012/11/09 11:46:53 | 000,341,143 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/08/22 05:20:23 | 000,001,005 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\conduit.xml._eac_qt_
[2013/08/22 10:33:47 | 000,001,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\iminent.xml
[2013/08/30 04:33:35 | 000,003,725 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\safeguard-secure-search.xml
[2013/08/22 12:31:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/30 16:01:37 | 000,536,352 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInstall.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013/08/30 04:33:36 | 000,003,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.17_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmgjcfciomphoojcgkgbhhlcdmbbbbjn\2.2\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (CostMin) - {E7DD70DE-3940-7EDF-BB76-1DB87353DF22} - C:\Documents and Settings\All Users\Application Data\CostMin\Py2CX.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LXCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL ()
O4 - HKLM..\Run: [SoftwareStation] C:\Program Files\eAcceleration\Station\station.exe (eAcceleration Corp)
O4 - HKLM..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe (eAcceleration Corp)
O4 - HKU\S-1-5-21-583907252-1770027372-725345543-500..\Run: [Smart PC Booster Startup Dialog] "C:\Program Files\Ask4Expert\Smart PC Booster 7\Helper.exe" --windows-startup-nag-dialog --windows-startup File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O9 - Extra 'Tools' menuitem : Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 1318987109 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0472385019 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9895870-0F22-417D-9EDD-62ECEFD39F4B}: NameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {42DD0873-5FA9-465D-90DE-0826020416A5} - C:\Program Files\StopSign\OnAccess\onaccess_hk32.dll (eAcceleration Corp)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/03 09:26:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/10/03 09:19:45 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\MGADiag.exe
[2013/09/17 10:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE2
[2013/09/14 19:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\THOM ALL MY MUSIC
[2013/09/06 20:23:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2013/09/05 08:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE
[2009/01/22 11:09:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[2009/01/14 10:58:49 | 000,376,832 | ---- | C] (CyberLink Corp.) -- C:\Program Files\PowerDVD.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/03 20:34:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/10/03 20:29:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/10/03 20:15:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500UA.job
[2013/10/03 20:15:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500Core.job
[2013/10/03 20:04:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/03 20:01:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/03 16:27:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/03 16:24:55 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/03 16:24:52 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/10/03 16:24:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/03 12:00:50 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\Daily Scan.job
[2013/10/03 09:26:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/10/03 09:19:22 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\MGADiag.exe
[2013/10/02 19:04:24 | 000,002,098 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2013/10/02 14:43:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/30 21:42:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/29 22:26:37 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/09/29 22:26:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/09/28 13:11:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/09/23 17:00:54 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/09/22 22:08:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/09/13 22:18:09 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2013/09/13 04:23:48 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/09/13 04:23:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/09/12 05:02:33 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/11 22:28:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/09/03 22:33:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/20 09:33:01 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2013/07/26 09:36:21 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\sdtnpm.dll
[2013/07/18 19:18:07 | 000,340,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/02 11:41:04 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/03/07 07:18:48 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\d3d9caps.dat
[2012/11/29 22:47:43 | 000,000,108 | ---- | C] () -- C:\WINDOWS\MLMBrowser.INI
[2012/09/11 05:13:47 | 000,001,278 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/09/09 16:57:55 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/09/09 04:00:03 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\glhxxsvq
[2012/09/08 06:36:34 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\cgefxfsx
[2012/09/08 04:19:17 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\xgoqwxsv
[2012/09/07 13:28:06 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\eakavotx
[2012/09/07 03:38:18 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\siefblhk
[2012/09/06 13:55:41 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\jswxiswf
[2012/09/06 13:50:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\SharedSettings.ccs
[2012/05/22 18:42:32 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\default.rss
[2012/05/11 16:00:04 | 000,000,208 | ---- | C] () -- C:\WINDOWS\ActiveAct.INI
[2012/04/19 14:58:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/04/19 14:41:27 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/04/19 11:04:12 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/02/25 06:08:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/18 00:26:37 | 001,468,799 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-1770027372-725345543-500-0.dat
[2012/02/18 00:26:34 | 000,280,650 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/17 07:44:07 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/29 11:13:57 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2011/11/08 05:12:59 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjserv.dll
[2011/11/08 05:12:59 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjusb1.dll
[2011/11/08 05:12:59 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjprox.dll
[2011/11/08 05:12:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcjvs.dll
[2011/11/08 05:12:58 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjhbn3.dll
[2011/11/08 05:12:58 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomc.dll
[2011/11/08 05:12:58 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpmui.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjlmpm.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe
[2011/11/08 05:12:58 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomm.dll
[2011/11/08 05:12:58 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjih.exe
[2011/11/08 05:12:58 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcfg.exe
[2011/11/08 05:12:58 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpplc.dll
[2011/11/05 15:07:10 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\8E76001A22.sys
[2009/09/20 14:53:43 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2009/09/20 14:44:04 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/09/02 17:40:31 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Administrator\GoToAssistDownloadHelper.exe
[2009/04/22 15:24:58 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1B29BB592B.sys
[2009/04/22 15:24:57 | 000,002,098 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/03/08 06:02:27 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2009/02/16 11:38:25 | 000,060,864 | ---- | C] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
[2009/01/25 08:57:32 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/22 11:09:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
[2009/01/22 11:09:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2009/01/22 11:09:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf

========== ZeroAccess Check ==========

[2012/07/14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009/01/15 22:40:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2011/11/26 09:57:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\assembly\GAC_MSIL\Act.Outlook.Service.Desktop

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

< End of report >

no Extras.txt

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GPGMJ-KBCRR-2JKDW
Windows Product Key Hash: yQ+hpjlcYXdByU9lIyritAunUho=
Windows Product ID: 76487-OEM-2250525-78975
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {9AD11BC4-F939-48CF-AB0F-B3DA6EBA2AEC}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\SeaMonkey\seamonkey.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1B16F:Dell Inc|10008:Microsoft Corporation|1B16F:Microsoft Corporation
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\dust kit\dust kit samples\crackedsnare.nov
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\kai tracid kit\kai tracid kit samples\1984 crackel tom kt.nov
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\kai tracid kit\kai tracid kit samples\1986 crackfuzz kt.nov
scanner sequence 3.AB.11.HPCPJZ
----- EOF -----
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 4th, 2013, 5:45 am

Hi thom15,

We have some bad stuff to clean, but first I'll need to check for more signs of infection with some more scanners.
Can you tell me what issues you are experiencing?

Step 1
Multiple Antivirus Programs
You are running more than 1 Antivirus program!
AVG Anti-Virus Free
StopSign® Antivirus
Running more than one antivirus program is not recommended because:
  1. They can conflict with each other.
  2. They can report the other antivirus software as malicious.
  3. Antivirus programs use an enormous amount of the computer's resources actively scanning your computer.
  4. They can cause your computer to run slowly, become unstable and crash.
I strongly suggest you uninstall one of them.
StopSign had a bad reputation some time ago, so I'll advise you to uninstall it, and keep AVG.

Step 2 - AdwCleaner - Scan Only
Please download AdwCleaner by Xplode and save it to your desktop.
  1. Close ALL open programs, including your Internet browsers.
  2. Double-click on adwcleaner.exe to run it.
  3. Click on Scan.
    When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Report button to produce the scan report.
  5. A logfile C:\AdwCleaner[Rn].txt will automatically open. ([Rn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Rn].txt logfile in your next reply.

Step 3 - TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
  • Click the Start Scan button. Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 4th, 2013, 10:58 pm

# AdwCleaner v3.006 - Report created 04/10/2013 at 21:15:59
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - THOMXP
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\iminent.xml
File Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\Extensions\ffxtlbr@iminent.com
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\DownloadTerms
Folder Found C:\Program Files\IminentToolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3291679
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298567
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3303000
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\Software\ParetoLogic
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v16.0.2 (en-US)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1131 octets] - [30/08/2013 10:42:44]
AdwCleaner[R2].txt - [2237 octets] - [04/10/2013 21:15:59]
AdwCleaner[S0].txt - [64508 octets] - [30/08/2013 10:09:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2358 octets] ##########

21:44:04.0109 0x06b4 TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
21:44:04.0656 0x06b4 ============================================================
21:44:04.0656 0x06b4 Current date / time: 2013/10/04 21:44:04.0656
21:44:04.0656 0x06b4 SystemInfo:
21:44:04.0656 0x06b4
21:44:04.0656 0x06b4 OS Version: 5.1.2600 ServicePack: 3.0
21:44:04.0656 0x06b4 Product type: Workstation
21:44:04.0656 0x06b4 ComputerName: THOMXP
21:44:04.0656 0x06b4 UserName: Administrator
21:44:04.0656 0x06b4 Windows directory: C:\WINDOWS
21:44:04.0656 0x06b4 System windows directory: C:\WINDOWS
21:44:04.0656 0x06b4 Processor architecture: Intel x86
21:44:04.0656 0x06b4 Number of processors: 2
21:44:04.0656 0x06b4 Page size: 0x1000
21:44:04.0656 0x06b4 Boot type: Normal boot
21:44:04.0656 0x06b4 ============================================================
21:44:13.0015 0x06b4 System UUID: {FB84E76C-F2D1-94AF-2852-40E899D23A06}
21:44:13.0609 0x06b4 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:44:13.0625 0x06b4 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:44:13.0640 0x06b4 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:44:13.0671 0x06b4 ============================================================
21:44:13.0671 0x06b4 \Device\Harddisk0\DR0:
21:44:13.0671 0x06b4 MBR partitions:
21:44:13.0671 0x06b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
21:44:13.0671 0x06b4 \Device\Harddisk1\DR1:
21:44:13.0671 0x06b4 MBR partitions:
21:44:13.0671 0x06b4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
21:44:13.0671 0x06b4 \Device\Harddisk2\DR2:
21:44:13.0671 0x06b4 MBR partitions:
21:44:13.0671 0x06b4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:44:13.0671 0x06b4 ============================================================
21:44:13.0703 0x06b4 C: <-> \Device\Harddisk1\DR1\Partition1
21:44:13.0734 0x06b4 D: <-> \Device\Harddisk2\DR2\Partition1
21:44:13.0765 0x06b4 F: <-> \Device\Harddisk0\DR0\Partition1
21:44:13.0765 0x06b4 ============================================================
21:44:13.0765 0x06b4 Initialize success
21:44:13.0765 0x06b4 ============================================================
21:44:22.0781 0x0e50 ============================================================
21:44:22.0781 0x0e50 Scan started
21:44:22.0781 0x0e50 Mode: Manual;
21:44:22.0781 0x0e50 ============================================================
21:44:22.0781 0x0e50 KSN ping started
21:44:25.0359 0x0e50 KSN ping finished: true
21:44:26.0203 0x0e50 ================ Scan system memory ========================
21:44:26.0203 0x0e50 System memory - ok
21:44:26.0203 0x0e50 ================ Scan services =============================
21:44:31.0656 0x0e50 FltMgr - ok
21:44:31.0765 0x0e50 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:44:31.0781 0x0e50 FontCache3.0.0.0 - ok
21:44:31.0812 0x0e50 [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
21:44:31.0812 0x0e50 fssfltr - ok
21:44:31.0937 0x0e50 [ 45B52394F9624237F33A8A3D73C0B221, AC3E26F9D0E8A91164C54E87C9C8BFCF824A14C80D4CEF3255C6127A482F25FE ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
21:44:31.0984 0x0e50 fsssvc - ok
21:44:32.0000 0x0e50 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:44:32.0015 0x0e50 Fs_Rec - ok
21:44:32.0015 0x0e50 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:44:32.0031 0x0e50 Ftdisk - ok
21:44:32.0062 0x0e50 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:44:32.0062 0x0e50 GEARAspiWDM - ok
21:44:32.0078 0x0e50 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:44:32.0078 0x0e50 Gpc - ok
21:44:32.0171 0x0e50 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:44:32.0171 0x0e50 gupdate - ok
21:44:32.0187 0x0e50 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:44:32.0187 0x0e50 gupdatem - ok
21:44:32.0234 0x0e50 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:44:32.0250 0x0e50 gusvc - ok
21:44:32.0296 0x0e50 [ 9BB84B1DFF8BCE7FDDDEA746F6819FCF, E1FCAD260744DF4CCABC71044D28458B0FB8AA4FFF525D8D14488635C51C2D5F ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
21:44:32.0328 0x0e50 ha10kx2k - ok
21:44:32.0375 0x0e50 [ 1418833169B29780FBDAB127623B8767, 9F49DBCDEAD423B3D52FBAA61B7378DF79D87AE05C59EB8A6EA3F11827D6F1CA ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
21:44:32.0375 0x0e50 hap16v2k - ok
21:44:32.0406 0x0e50 [ 8B3148391DC121D96D513785D588E75B, 2B431D67F52A4898CCD77EF52986B93D63438054858601CF912080A27C315547 ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys
21:44:32.0421 0x0e50 hap17v2k - ok
21:44:32.0500 0x0e50 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:44:32.0500 0x0e50 helpsvc - ok
21:44:32.0531 0x0e50 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:44:32.0531 0x0e50 HidServ - ok
21:44:32.0546 0x0e50 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:44:32.0546 0x0e50 HidUsb - ok
21:44:32.0593 0x0e50 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:44:32.0593 0x0e50 hkmsvc - ok
21:44:32.0593 0x0e50 hpn - ok
21:44:32.0625 0x0e50 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:44:32.0625 0x0e50 HPZid412 - ok
21:44:32.0640 0x0e50 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:44:32.0640 0x0e50 HPZipr12 - ok
21:44:32.0656 0x0e50 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:44:32.0656 0x0e50 HPZius12 - ok
21:44:32.0703 0x0e50 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:44:32.0718 0x0e50 HTTP - ok
21:44:32.0781 0x0e50 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:44:32.0781 0x0e50 HTTPFilter - ok
21:44:32.0781 0x0e50 i2omgmt - ok
21:44:32.0796 0x0e50 i2omp - ok
21:44:32.0843 0x0e50 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:44:32.0843 0x0e50 i8042prt - ok
21:44:32.0921 0x0e50 [ DA58A8BE6A445835F603720C4BC8837E, 3B73ECB8A4E3BCD15822F8FB794F0F2D3D6F118C7C59B68C82E1CCDC5D242F2E ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:44:32.0968 0x0e50 ialm - ok
21:44:33.0062 0x0e50 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:44:33.0093 0x0e50 idsvc - ok
21:44:33.0171 0x0e50 [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe
21:44:33.0171 0x0e50 IISADMIN - ok
21:44:33.0187 0x0e50 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:44:33.0187 0x0e50 Imapi - ok
21:44:33.0234 0x0e50 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
21:44:33.0250 0x0e50 ImapiService - ok
21:44:33.0265 0x0e50 ini910u - ok
21:44:33.0281 0x0e50 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
21:44:33.0281 0x0e50 IntelIde - ok
21:44:33.0312 0x0e50 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:44:33.0328 0x0e50 intelppm - ok
21:44:33.0437 0x0e50 [ 3DC635B66DD7412E1C9C3A77B8D78F25, D3894065DA2D08744863ECC5EE9027A0E39711A6A56AAB599F1CAF4BB996F42A ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
21:44:33.0453 0x0e50 IntuitUpdateService - ok
21:44:33.0515 0x0e50 [ D9DA7B3117BF5EFF921C0CDED4D58050, D51A2AFC0E310C5A0EE1540A9E6353F5F7C9E76711187FAD91EEB0B3254EE935 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
21:44:33.0515 0x0e50 IntuitUpdateServiceV4 - ok
21:44:33.0546 0x0e50 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:44:33.0546 0x0e50 Ip6Fw - ok
21:44:33.0562 0x0e50 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:44:33.0578 0x0e50 IpFilterDriver - ok
21:44:33.0593 0x0e50 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:44:33.0593 0x0e50 IpInIp - ok
21:44:33.0625 0x0e50 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:44:33.0640 0x0e50 IpNat - ok
21:44:33.0718 0x0e50 [ D8B8B5A8FE57CF4F307A540D9A153C23, 1C5AA5C29204A90D11FF40A5DD5967CC7195F5C4ACD7E41CB94C230A7DFD459D ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:44:33.0750 0x0e50 iPod Service - ok
21:44:33.0765 0x0e50 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:44:33.0765 0x0e50 IPSec - ok
21:44:33.0812 0x0e50 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:44:33.0812 0x0e50 IRENUM - ok
21:44:33.0828 0x0e50 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:44:33.0828 0x0e50 isapnp - ok
21:44:33.0906 0x0e50 [ A12175F063302CD68F8FC6D572D7E5FD, 1FCDBBC169A5137DA97B90F6593B8BB3B49D7AD55BE8AFAD763F4FE1D2D4A76C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
21:44:33.0921 0x0e50 JavaQuickStarterService - ok
21:44:33.0937 0x0e50 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:44:33.0937 0x0e50 Kbdclass - ok
21:44:33.0953 0x0e50 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:44:33.0953 0x0e50 kbdhid - ok
21:44:33.0984 0x0e50 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:44:33.0984 0x0e50 kmixer - ok
21:44:34.0015 0x0e50 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:44:34.0015 0x0e50 KSecDD - ok
21:44:34.0046 0x0e50 [ 0F8B7BF7097D1E8D78F2F52A2BEA03CD, 62E92E7D1C523E6C16DA42D7E4B86B2E02665B63387484867FFDE9AC4712075A ] L8042PR2 C:\WINDOWS\system32\Drivers\l8042pr2.sys
21:44:34.0046 0x0e50 L8042PR2 - ok
21:44:34.0093 0x0e50 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:44:34.0093 0x0e50 lanmanserver - ok
21:44:34.0140 0x0e50 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:44:34.0140 0x0e50 lanmanworkstation - ok
21:44:34.0156 0x0e50 lbrtfdc - ok
21:44:34.0187 0x0e50 [ 8D26E30C111288F6F12E1903ADDDD3FB, DCDBA14EC2B2A012D33A343C881A22C54F44FC9B3880F53F71637B2EFE1F7F5A ] LCcfltr C:\WINDOWS\system32\Drivers\LCcFltr.Sys
21:44:34.0187 0x0e50 LCcfltr - ok
21:44:34.0203 0x0e50 [ 3C357DFDBBF2B4B01AA4B9C8A26E4416, 0E23BFFFC16BD1B5EC3D1D97747FAF7C060D0D494D508F1278D104A74B1ED9E9 ] LHidFlt2 C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
21:44:34.0203 0x0e50 LHidFlt2 - ok
21:44:34.0218 0x0e50 [ FFB851B1B2F6596B7D3182B977A85206, CD8D3C791694D5D910188B47A2455AA01753D768414A29CCF9F0C411F43D002D ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
21:44:34.0218 0x0e50 LHidUsb - ok
21:44:34.0250 0x0e50 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:44:34.0265 0x0e50 LmHosts - ok
21:44:34.0265 0x0e50 [ AEF09673376A4D93C09E8341854F1BF4, A760244ABE5801AB4BEA91702F7926943DBEAC46311D50DAB8C635338585AFD5 ] LMouFlt2 C:\WINDOWS\system32\Drivers\LMouFlt2.sys
21:44:34.0265 0x0e50 LMouFlt2 - ok
21:44:34.0281 0x0e50 lxcj_device - ok
21:44:34.0296 0x0e50 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:44:34.0312 0x0e50 Messenger - ok
21:44:34.0437 0x0e50 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:44:34.0437 0x0e50 Microsoft Office Groove Audit Service - ok
21:44:34.0453 0x0e50 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:44:34.0453 0x0e50 mnmdd - ok
21:44:34.0515 0x0e50 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:44:34.0515 0x0e50 mnmsrvc - ok
21:44:34.0531 0x0e50 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:44:34.0531 0x0e50 Modem - ok
21:44:34.0531 0x0e50 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:44:34.0546 0x0e50 Mouclass - ok
21:44:34.0562 0x0e50 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:44:34.0562 0x0e50 mouhid - ok
21:44:34.0578 0x0e50 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:44:34.0578 0x0e50 MountMgr - ok
21:44:34.0625 0x0e50 [ CB8AF049AC9BE419A77ADAE288673359, 57C27A81C09BBEE532D5907D3FACE1B6CBA64D12C33E93582B45FB12DDF41748 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:44:34.0640 0x0e50 MozillaMaintenance - ok
21:44:34.0640 0x0e50 mraid35x - ok
21:44:34.0687 0x0e50 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:44:34.0703 0x0e50 MRxDAV - ok
21:44:34.0750 0x0e50 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:44:34.0765 0x0e50 MRxSmb - ok
21:44:34.0781 0x0e50 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:44:34.0781 0x0e50 MSDTC - ok
21:44:34.0812 0x0e50 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:44:34.0812 0x0e50 Msfs - ok
21:44:34.0828 0x0e50 MSIServer - ok
21:44:34.0859 0x0e50 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:44:34.0859 0x0e50 MSKSSRV - ok
21:44:34.0890 0x0e50 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:44:34.0890 0x0e50 MSPCLOCK - ok
21:44:34.0906 0x0e50 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:44:34.0906 0x0e50 MSPQM - ok
21:44:34.0937 0x0e50 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:44:34.0937 0x0e50 mssmbios - ok
21:44:35.0015 0x0e50 MSSQL$ACT7 - ok
21:44:35.0109 0x0e50 [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:44:35.0125 0x0e50 MSSQLServerADHelper100 - ok
21:44:35.0140 0x0e50 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:44:35.0140 0x0e50 MSTEE - ok
21:44:35.0171 0x0e50 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:44:35.0171 0x0e50 Mup - ok
21:44:35.0218 0x0e50 [ 2893B158FC5D98A42D0B2F4D7C22C788, 35ED7EE9539BFBD59F979B439ACF69826E2CCB43E7877F7BEC70E8F459EA3300 ] MusCAudio C:\WINDOWS\system32\drivers\MusCAudio.sys
21:44:35.0218 0x0e50 MusCAudio - ok
21:44:35.0234 0x0e50 [ ED4C2BF8403F4437987C0BA09CF48716, C099CCCF099DC383A0FF4E82D86AA537048B9E46D097982DCFE355274952E6EB ] MVDCODEC C:\WINDOWS\system32\DRIVERS\atinmdxx.sys
21:44:35.0234 0x0e50 MVDCODEC - ok
21:44:35.0265 0x0e50 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:44:35.0265 0x0e50 NABTSFEC - ok
21:44:35.0312 0x0e50 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:44:35.0328 0x0e50 napagent - ok
21:44:35.0453 0x0e50 [ 552FC8FD7EE6BC0F85DB78B52A15D9F2, AAD3BAEE58340DA951EA612703FCC4D02042E0358728A57EE3CEA5A6F6ECBCF8 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:44:35.0453 0x0e50 NBService - ok
21:44:35.0515 0x0e50 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:44:35.0515 0x0e50 NDIS - ok
21:44:35.0546 0x0e50 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:44:35.0546 0x0e50 NdisIP - ok
21:44:35.0562 0x0e50 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:44:35.0578 0x0e50 NdisTapi - ok
21:44:35.0609 0x0e50 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:44:35.0609 0x0e50 Ndisuio - ok
21:44:35.0625 0x0e50 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:44:35.0625 0x0e50 NdisWan - ok
21:44:35.0640 0x0e50 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:44:35.0640 0x0e50 NDProxy - ok
21:44:35.0703 0x0e50 [ 4B41C38960BFFF839ED9E52780C1F2B3, 0DB9AD6376AE61972C624534AB380D73DF2054C66ECAA7C925761553605F38A7 ] Neat Startup Service C:\Program Files\Neat\exec\NeatStartupService.exe
21:44:35.0703 0x0e50 Neat Startup Service - ok
21:44:35.0859 0x0e50 [ 0FF3C6AA3E0FE0EB316DF5449B569463, 7EDB0349F5E4714368EB27667385FF7B935D6C050E7E45C25E792D9825082C52 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
21:44:35.0937 0x0e50 Nero BackItUp Scheduler 4.0 - ok
21:44:36.0000 0x0e50 [ 69C503C004F49AEE8B8E3067CC047BA7, 0E7A2FB0CC7669E6400EDA4D2220BBB1A85CF3D3529739DA5AE2C073FFA08313 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
21:44:36.0000 0x0e50 Net Driver HPZ12 - ok
21:44:36.0015 0x0e50 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:44:36.0015 0x0e50 NetBIOS - ok
21:44:36.0046 0x0e50 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:44:36.0062 0x0e50 NetBT - ok
21:44:36.0109 0x0e50 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
21:44:36.0125 0x0e50 NetDDE - ok
21:44:36.0140 0x0e50 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:44:36.0140 0x0e50 NetDDEdsdm - ok
21:44:36.0156 0x0e50 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:44:36.0156 0x0e50 Netlogon - ok
21:44:36.0203 0x0e50 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
21:44:36.0203 0x0e50 Netman - ok
21:44:36.0296 0x0e50 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:44:36.0312 0x0e50 NetTcpPortSharing - ok
21:44:36.0328 0x0e50 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:44:36.0343 0x0e50 NIC1394 - ok
21:44:36.0375 0x0e50 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
21:44:36.0390 0x0e50 Nla - ok
21:44:36.0453 0x0e50 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Program Files\CDBurnerXP\NMSAccessU.exe
21:44:36.0453 0x0e50 NMSAccess - ok
21:44:36.0468 0x0e50 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:44:36.0468 0x0e50 Npfs - ok
21:44:36.0500 0x0e50 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:44:36.0531 0x0e50 Ntfs - ok
21:44:36.0546 0x0e50 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:44:36.0546 0x0e50 NtLmSsp - ok
21:44:36.0609 0x0e50 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:44:36.0640 0x0e50 NtmsSvc - ok
21:44:36.0656 0x0e50 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:44:36.0656 0x0e50 Null - ok
21:44:36.0687 0x0e50 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:44:36.0687 0x0e50 NwlnkFlt - ok
21:44:36.0703 0x0e50 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:44:36.0703 0x0e50 NwlnkFwd - ok
21:44:36.0781 0x0e50 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:44:36.0812 0x0e50 odserv - ok
21:44:36.0843 0x0e50 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:44:36.0843 0x0e50 ohci1394 - ok
21:44:36.0890 0x0e50 [ 1D98907D80461371437A7C898C58C8AE, 1BFEAD2AC3CCA5057F19368D8B2FE53641759772051F0927BE95FDE99B17A4A1 ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
21:44:36.0890 0x0e50 omci - ok
21:44:36.0921 0x0e50 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:44:36.0937 0x0e50 ose - ok
21:44:36.0953 0x0e50 [ 01E1AB8249F9DDE5978C6B4AF18EDA7C, 3A7F8107A0C6855E44AC75C5877D7E571F64F5A9EDC4C7992C4EEE400F0BBD16 ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
21:44:36.0968 0x0e50 ossrv - ok
21:44:36.0984 0x0e50 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:44:36.0984 0x0e50 Parport - ok
21:44:36.0984 0x0e50 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:44:36.0984 0x0e50 PartMgr - ok
21:44:37.0031 0x0e50 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:44:37.0031 0x0e50 ParVdm - ok
21:44:37.0062 0x0e50 [ E90AC2B14E98F1A4372E5891B4278784, 34DB5548747FAD86D3DE8B8D5117C60E969042A9374110FE9A33BCF2E2CAF098 ] PCDCODEC C:\WINDOWS\system32\DRIVERS\atinpdxx.sys
21:44:37.0062 0x0e50 PCDCODEC - ok
21:44:37.0078 0x0e50 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:44:37.0078 0x0e50 PCI - ok
21:44:37.0093 0x0e50 PCIDump - ok
21:44:37.0109 0x0e50 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:44:37.0109 0x0e50 PCIIde - ok
21:44:37.0140 0x0e50 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:44:37.0140 0x0e50 Pcmcia - ok
21:44:37.0171 0x0e50 [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
21:44:37.0171 0x0e50 pcouffin - ok
21:44:37.0187 0x0e50 PDCOMP - ok
21:44:37.0187 0x0e50 PDFRAME - ok
21:44:37.0203 0x0e50 PDRELI - ok
21:44:37.0203 0x0e50 PDRFRAME - ok
21:44:37.0218 0x0e50 perc2 - ok
21:44:37.0218 0x0e50 perc2hib - ok
21:44:37.0265 0x0e50 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
21:44:37.0281 0x0e50 PlugPlay - ok
21:44:37.0328 0x0e50 [ 12B4549D515CB26BB8D375038017CA65, B09ED2BED994D2B04862BBF62EF56F110235D3489D3B1762432F22A3A8F97BB8 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
21:44:37.0328 0x0e50 Pml Driver HPZ12 - ok
21:44:37.0343 0x0e50 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:44:37.0343 0x0e50 PolicyAgent - ok
21:44:37.0375 0x0e50 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:44:37.0375 0x0e50 PptpMiniport - ok
21:44:37.0375 0x0e50 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:44:37.0375 0x0e50 ProtectedStorage - ok
21:44:37.0390 0x0e50 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:44:37.0390 0x0e50 PSched - ok
21:44:37.0437 0x0e50 [ E0D0CB09AA07B22BE984E4F7EC0326F5, C3302AFE28E7128DC5E76CDDA82F9AA0E135201775189136DCA2ABDBB52F0AAE ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
21:44:37.0453 0x0e50 PSI_SVC_2 - ok
21:44:37.0484 0x0e50 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:44:37.0484 0x0e50 Ptilink - ok
21:44:37.0500 0x0e50 ql1080 - ok
21:44:37.0515 0x0e50 Ql10wnt - ok
21:44:37.0515 0x0e50 ql12160 - ok
21:44:37.0531 0x0e50 ql1240 - ok
21:44:37.0531 0x0e50 ql1280 - ok
21:44:37.0546 0x0e50 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:44:37.0546 0x0e50 RasAcd - ok
21:44:37.0578 0x0e50 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:44:37.0578 0x0e50 RasAuto - ok
21:44:37.0609 0x0e50 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:44:37.0609 0x0e50 Rasl2tp - ok
21:44:37.0656 0x0e50 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:44:37.0671 0x0e50 RasMan - ok
21:44:46.0625 0x0e50 AV detected via SS1: AVG Anti-Virus Free Edition 2011, 10.0, enabled, updated
21:44:46.0625 0x0e50 Win FW state via NFM: disabled
21:44:49.0171 0x0e50 ============================================================
21:44:49.0171 0x0e50 Scan finished
21:44:49.0171 0x0e50 ============================================================
21:44:49.0171 0x0dc4 Detected object count: 0
21:44:49.0171 0x0dc4 Actual detected object count: 0
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 5th, 2013, 4:47 am

Hi thom15,

You didn't answer my question.
Can you tell me what issues you are experiencing?

AdwCleaner - Scan/Clean
You should still have AdwCleaner on your desktop.
  1. Close ALL open programs, including your Internet browsers.
  2. Right click on adwcleaner.exe and select "Run as administrator" to run it.
  3. Click on Scan. When the scan finishes...the Clean button will become active.
  4. Click on Clean.
  5. Select OK at each prompt... to reboot the computer.
  6. A logfile C:\AdwCleaner[Sn].txt will open after you log back on the computer. ([Sn] n = number of run)
  7. Please post the content of the C:\AdwCleaner[Sn].txt logfile in your next reply.

OTL fix
  • Double click OTL.exe to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:commands
[createrestorepoint]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" = http://search.avg.com/route/?d=4d14e073 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" = http://search.avg.com/route/?d=4e30bc50 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
[2013/08/22 10:33:46 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so. If it does, re-boot your computer. A log will be produced upon re-boot.

For your next reply:
  1. Answer to my question
  2. Log from adwcleaner
  3. Log from OTL
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 5th, 2013, 12:10 pm

# AdwCleaner v3.006 - Report created 05/10/2013 at 10:32:08
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - THOMXP
# Running from : C:\Documents and Settings\Administrator\Desktop\MELWARE3\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\IminentToolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\DownloadTerms
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\Extensions\ffxtlbr@iminent.com
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\iminent.xml
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3291679
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298567
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3303000
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v16.0.2 (en-US)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1131 octets] - [30/08/2013 10:42:44]
AdwCleaner[R2].txt - [2438 octets] - [04/10/2013 21:15:59]
AdwCleaner[R3].txt - [2507 octets] - [05/10/2013 10:31:04]
AdwCleaner[S0].txt - [64508 octets] - [30/08/2013 10:09:51]
AdwCleaner[S1].txt - [2462 octets] - [05/10/2013 10:32:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2522 octets] ##########

no otl fix

OTL logfile created on: 10/5/2013 10:41:12 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop\MELWARE3
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.05% Memory free
3.85 Gb Paging File | 3.29 Gb Available in Paging File | 85.46% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 550.59 Gb Free Space | 59.11% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 62.45 Gb Free Space | 13.41% Space Free | Partition Type: NTFS
Drive F: | 111.78 Gb Total Space | 21.82 Gb Free Space | 19.52% Space Free | Partition Type: NTFS

Computer Name: THOMXP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/03 09:26:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\MELWARE3\OTL.exe
PRC - [2013/09/19 04:10:42 | 000,067,072 | ---- | M] (mozilla.org) -- C:\Program Files\SeaMonkey\seamonkey.exe
PRC - [2013/09/19 04:10:42 | 000,010,240 | ---- | M] (Mozilla Corporation) -- C:\Program Files\SeaMonkey\plugin-container.exe
PRC - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) -- C:\Program Files\Neat\exec\NeatStartupService.exe
PRC - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) -- C:\WINDOWS\VPDAgent.exe
PRC - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/19 04:10:45 | 002,999,808 | ---- | M] () -- C:\Program Files\SeaMonkey\mozjs.dll
MOD - [2013/09/19 04:10:44 | 000,150,528 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldap32v60.dll
MOD - [2013/09/19 04:10:44 | 000,014,848 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldappr32v60.dll
MOD - [2013/09/13 04:23:44 | 016,177,544 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/08/15 05:51:21 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/15 05:50:50 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\900d7d45b5a5498cbb97c36409f0afe1\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:50:47 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bfa9e814cb8b662508aa93ae387b434f\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 05:50:45 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\102014a4f570b1dc944ff7eb8e1c6e2b\System.Transactions.ni.dll
MOD - [2013/08/15 05:44:52 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\5dd5d8a799f25be9912df4cd25e29e78\System.Xml.Linq.ni.dll
MOD - [2013/08/15 05:44:18 | 000,696,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\8fe0df61049bcfb0ee3a608b59ea39ba\log4net.ni.dll
MOD - [2013/08/14 21:29:42 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\cf3c9d1496acdcb836853e59fe20223b\System.Management.ni.dll
MOD - [2013/08/14 21:29:20 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/08/14 21:28:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/08/14 21:21:42 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013/08/14 21:21:20 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 21:21:00 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 21:20:55 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 21:20:45 | 006,813,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\a10f361c888b8b98f7ad1fa8d7a51516\System.Data.ni.dll
MOD - [2013/08/14 21:20:32 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\608aa2db27d45e63a4863f1f1d06897a\System.Core.ni.dll
MOD - [2013/08/14 21:20:06 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/14 21:17:21 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/14 21:15:48 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\2bd89ed2dc0f585328fd1ac4c5a206dd\System.Core.ni.dll
MOD - [2013/08/14 21:13:55 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/08/14 21:11:42 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/14 21:11:42 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013/08/14 21:11:41 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/08/14 21:11:40 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/14 21:11:39 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/08/14 21:11:39 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/08/14 21:11:29 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/08/14 21:11:27 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/08/14 21:11:26 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/08/14 21:11:20 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/07/12 04:27:55 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/12 04:19:33 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/06/25 11:08:26 | 000,048,640 | ---- | M] () -- C:\WINDOWS\system32\sdtnpm.dll
MOD - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2011/11/26 09:56:30 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Act.Shared.Diagnostics\13.1.111.0__ebf6b2ff4d0a08aa\Act.Shared.Diagnostics.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/27 05:42:34 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/01/27 05:42:33 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/01/27 05:42:30 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/01/27 05:42:30 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/01/27 05:42:30 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/01/27 05:42:29 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/01/27 05:42:29 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/01/27 05:42:29 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/01/27 05:42:29 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2011/01/07 20:10:37 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/01/07 20:10:37 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/01/20 04:48:08 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/01/20 04:48:06 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/01/20 04:48:05 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/01/20 04:48:01 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/01/20 04:48:01 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/01/20 04:48:01 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/01/20 04:48:00 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/01/20 04:47:59 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/01/20 04:47:59 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/01/20 04:47:59 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:16 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/05 14:54:15 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/05 14:54:14 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/05 14:54:14 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/05 14:54:14 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/05 14:54:13 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/05 14:54:13 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/05 14:54:13 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:12 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/05 14:45:54 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/05 14:45:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/05 14:45:45 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/05 14:45:44 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/05 14:45:43 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/03/05 14:45:42 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2005/08/08 11:01:04 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 8300 Series\lxcjcnv4.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe -- (x10nets)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - File not found [Auto | Stopped] -- F:\USBDLM.exe -- (USBDLM)
SRV - [2013/09/13 04:23:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) [Auto | Running] -- C:\WINDOWS\VPDAgent.exe -- (Agent)
SRV - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/05 20:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2012/01/02 19:20:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (Sage ACT! Scheduler)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2005/10/24 09:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxcjcoms.exe -- (lxcj_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV - [2013/08/30 04:31:24 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/07/02 11:41:04 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/06/03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/02/16 13:44:18 | 000,146,904 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cbfs.sys -- (CbFs)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/24 07:58:56 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2009/01/18 22:02:27 | 000,003,584 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\Dlportio.sys -- (DLPORTIO)
DRV - [2006/08/11 15:48:52 | 000,061,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2006/08/11 15:48:50 | 000,158,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2006/08/11 15:48:42 | 001,170,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.dll -- (CTEXFIFX.DLL)
DRV - [2006/08/11 15:48:32 | 000,548,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2006/08/11 15:48:28 | 000,160,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\cteapsfx.dll -- (CTEAPSFX.DLL)
DRV - [2006/08/11 15:48:12 | 000,536,576 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctaudfx.dll -- (CTAUDFX.DLL)
DRV - [2006/08/11 15:48:08 | 000,087,552 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2006/08/11 15:48:06 | 000,317,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2006/08/11 15:45:50 | 000,115,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2006/08/11 15:45:40 | 000,269,824 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2006/08/11 15:45:40 | 000,007,168 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/08/11 15:45:38 | 000,499,584 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2006/08/11 15:45:28 | 000,180,224 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2006/08/11 15:45:26 | 000,766,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2006/08/11 15:45:26 | 000,154,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2006/08/11 15:45:24 | 000,116,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/08/11 15:45:18 | 000,143,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/08/11 15:45:18 | 000,078,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/08/11 15:45:14 | 000,502,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/02/21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/10 18:06:04 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/03 23:29:32 | 000,104,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004/08/03 23:29:32 | 000,073,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2004/08/03 23:29:32 | 000,063,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004/08/03 23:29:30 | 000,052,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004/08/03 23:29:30 | 000,014,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004/08/03 23:29:30 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/12/17 10:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmouflt2.sys -- (LMouFlt2)
DRV - [2003/12/17 10:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042PR2)
DRV - [2003/12/17 10:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/12/17 10:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/12/17 10:50:00 | 000,014,095 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCCFLTR.SYS -- (LCcfltr)
DRV - [2002/10/15 16:59:24 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 12:51:10 | 000,138,528 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tgiulnt5.sys -- (tgiul50)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 92 5D 5F 27 1C CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{21971F0F-1912-4672-80DC-2ED13C5307E7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" = http://search.avg.com/route/?d=4d14e073 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" = http://search.avg.com/route/?d=4e30bc50 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 3\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 3\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Components: C:\Program Files\SeaMonkey\components [2013/09/19 04:10:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]

[2012/10/24 02:24:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/11/21 08:16:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2009/02/25 19:54:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com
[2013/10/05 10:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions
[2013/02/16 17:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{1be04434-6b9f-48c8-8675-94c640d5b293}
[2010/08/04 18:04:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/11/09 11:46:59 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2012/11/09 13:06:21 | 000,000,000 | ---D | M] (Firefox Hotfix) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org
[2013/08/22 05:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\staged
[2013/03/08 17:51:13 | 000,000,000 | ---D | M] (Web Backup Drop Pad) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\Strongvault@Strongvault.com
[2013/02/25 06:43:53 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\support@lastpass.com
[2012/11/09 11:46:55 | 000,000,000 | ---D | M] (Test Pilot) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013/07/04 03:52:35 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/05/04 20:51:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2013/04/15 03:53:07 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2013/01/31 16:04:49 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\support@lastpass.com
[2013/07/15 07:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\trash
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions
[2011/03/20 12:30:00 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/20 12:29:59 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/03/20 12:30:02 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\inspector@mozilla.org
[2010/08/04 18:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions
[2010/06/30 19:32:57 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/06/30 19:32:56 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\ietab@ip.cn
[2010/08/04 18:05:56 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\inspector@mozilla.org
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:39:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:39:15 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:35:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 20:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions
[2010/12/31 10:42:43 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/19 08:07:01 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/19 08:07:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/08/23 04:34:50 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010/11/27 05:47:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/04 06:18:10 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/05 19:10:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:10:08 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:10:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:28:01 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:28:04 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 12:47:15 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 12:47:13 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 12:47:18 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/12/11 15:40:26 | 000,074,865 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\addon@homepagepays.com.xpi
[2012/11/09 11:51:07 | 000,025,868 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org.xpi
[2012/09/19 23:46:32 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com.xpi
[2012/08/15 12:11:20 | 000,071,420 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{6B79F0E9-1B47-4e19-A030-F33D8976D320}.xpi
[2012/11/09 11:46:53 | 000,341,143 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/08/30 04:33:35 | 000,003,725 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\safeguard-secure-search.xml
[2013/08/22 12:31:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/30 16:01:37 | 000,536,352 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInstall.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013/08/30 04:33:36 | 000,003,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.17_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmgjcfciomphoojcgkgbhhlcdmbbbbjn\2.2\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (CostMin) - {E7DD70DE-3940-7EDF-BB76-1DB87353DF22} - C:\Documents and Settings\All Users\Application Data\CostMin\Py2CX.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LXCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL ()
O4 - HKCU..\Run: [Smart PC Booster Startup Dialog] "C:\Program Files\Ask4Expert\Smart PC Booster 7\Helper.exe" --windows-startup-nag-dialog --windows-startup File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 1318987109 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0472385019 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9895870-0F22-417D-9EDD-62ECEFD39F4B}: NameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/03 20:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE3
[2013/09/17 10:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE2
[2013/09/14 19:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\THOM ALL MY MUSIC
[2013/09/06 20:23:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2009/01/22 11:09:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[2009/01/14 10:58:49 | 000,376,832 | ---- | C] (CyberLink Corp.) -- C:\Program Files\PowerDVD.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/05 10:36:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/05 10:34:09 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/05 10:34:05 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/10/05 10:33:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/05 10:33:05 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/10/05 10:33:05 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/10/05 10:33:05 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/10/05 10:33:05 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/10/05 10:33:05 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/10/05 10:33:05 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/10/05 10:33:05 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/10/05 10:29:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/10/05 10:15:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500UA.job
[2013/10/05 10:04:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/05 10:01:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/05 09:34:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/10/04 20:15:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500Core.job
[2013/10/04 12:16:19 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\Daily Scan.job
[2013/10/04 05:27:53 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/10/02 19:04:24 | 000,002,098 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2013/09/30 21:42:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/28 13:11:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/09/23 17:00:54 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/09/22 22:08:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/09/13 22:18:09 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2013/09/13 04:23:48 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/09/13 04:23:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/09/12 05:02:33 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/11 22:28:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/20 09:33:01 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2013/07/26 09:36:21 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\sdtnpm.dll
[2013/07/18 19:18:07 | 000,340,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/02 11:41:04 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/03/07 07:18:48 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\d3d9caps.dat
[2012/11/29 22:47:43 | 000,000,108 | ---- | C] () -- C:\WINDOWS\MLMBrowser.INI
[2012/09/11 05:13:47 | 000,001,278 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/09/09 16:57:55 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/09/09 04:00:03 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\glhxxsvq
[2012/09/08 06:36:34 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\cgefxfsx
[2012/09/08 04:19:17 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\xgoqwxsv
[2012/09/07 13:28:06 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\eakavotx
[2012/09/07 03:38:18 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\siefblhk
[2012/09/06 13:55:41 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\jswxiswf
[2012/09/06 13:50:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\SharedSettings.ccs
[2012/05/22 18:42:32 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\default.rss
[2012/05/11 16:00:04 | 000,000,208 | ---- | C] () -- C:\WINDOWS\ActiveAct.INI
[2012/04/19 14:58:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/04/19 14:41:27 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/04/19 11:04:12 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/02/25 06:08:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/18 00:26:37 | 001,468,799 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-1770027372-725345543-500-0.dat
[2012/02/18 00:26:34 | 000,280,650 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/17 07:44:07 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/29 11:13:57 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2011/11/08 05:12:59 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjserv.dll
[2011/11/08 05:12:59 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjusb1.dll
[2011/11/08 05:12:59 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjprox.dll
[2011/11/08 05:12:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcjvs.dll
[2011/11/08 05:12:58 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjhbn3.dll
[2011/11/08 05:12:58 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomc.dll
[2011/11/08 05:12:58 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpmui.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjlmpm.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe
[2011/11/08 05:12:58 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomm.dll
[2011/11/08 05:12:58 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjih.exe
[2011/11/08 05:12:58 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcfg.exe
[2011/11/08 05:12:58 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpplc.dll
[2011/11/05 15:07:10 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\8E76001A22.sys
[2009/09/20 14:53:43 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2009/09/20 14:44:04 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/09/02 17:40:31 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Administrator\GoToAssistDownloadHelper.exe
[2009/04/22 15:24:58 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1B29BB592B.sys
[2009/04/22 15:24:57 | 000,002,098 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/03/08 06:02:27 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2009/02/16 11:38:25 | 000,060,864 | ---- | C] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
[2009/01/25 08:57:32 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/22 11:09:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
[2009/01/22 11:09:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2009/01/22 11:09:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf

========== ZeroAccess Check ==========

[2012/07/14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009/01/15 22:40:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2011/11/26 09:57:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\assembly\GAC_MSIL\Act.Outlook.Service.Desktop

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

< End of report >
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 5th, 2013, 12:38 pm

Hi thom15,

no OTL fix

What do you mean?
The fix didn't run? There was no log?

Are you still experiencing problems with your computer?
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 5th, 2013, 1:58 pm

After running OTL,
the OTL logfile created on: 10/5/2013 12:36:32 PM - Run 7 popped up.
When I click on Run Fix: no has been provided, click on OK to load it from a file.
When I click on OK I get this message:
cannot open file c:\documents and settings\adminstrator\destop\fix.txt.
I click OK and get nothing.
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 6th, 2013, 5:45 am

Hi thom15,

If I understood correctly you didn't copy the text I provided you:
Code:
:commands
[createrestorepoint]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" = http://search.avg.com/route/?d=4d14e073 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" = http://search.avg.com/route/?d=4e30bc50 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
[2013/08/22 10:33:46 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

:commands
[emptytemp]

You have to copy it to the Custom Scans/Fixes box on OTL and only after that shall you click on Run Fix.

Also:
Are you still experiencing problems with your computer?
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 6th, 2013, 8:39 am

OTL fix
I do not know if my computer is fixed.
If we wait a week, I will know and post then.
What do you see on the reports? Is this fixed?
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 6th, 2013, 6:19 pm

Hi thom15,

Please do not post files as an attachment. Paste them in your answers.

You didn't run the OTL fix correctly. Please try again, following my instructions carefully and asking if you don't understand any of the steps:

  • Double click OTL.exe to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
  • (Click the select all button next to the codebox to select the entire script).
Code:
:commands
[createrestorepoint]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher. ... s&qkw= {searchTerms}&tbid=70001
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" = http://search.avg.com/route/?d=4d14e073 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" = http://search.avg.com/route/?d=4e30bc50 ... =chrome&q= {searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
[2013/08/22 10:33:46 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so; if it does, re-boot your computer. A log will be produced upon re-boot.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 6th, 2013, 8:01 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service vToolbarUpdater15.5.0 stopped successfully!
Service vToolbarUpdater15.5.0 deleted successfully!
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2256D71E-BC53-4933-9D3A-D5535DB30265}\ not found.
Registry key HKEY_USERS\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F427495-5C6C-444D-8516-861A536191DA}\ not found.
Registry key HKEY_USERS\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}\ not found.
Prefs.js: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp" removed from browser.startup.homepage
Prefs.js: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC" removed from browser.startup.homepage
Prefs.js: "StartWeb" removed from browser.search.selectedEngine
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Firefox not found.
Folder C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B753C7C5-0942-4b7f-BC27-942B52BDAC66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B753C7C5-0942-4b7f-BC27-942B52BDAC66}\ not found.
File C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}
C:\WINDOWS\Downloaded Program Files\g2mdlax.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\AUTOEXEC.BAT moved successfully.
D:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8146574b-c98f-11df-9fb3-000bdb74528e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8146574b-c98f-11df-9fb3-000bdb74528e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8146574b-c98f-11df-9fb3-000bdb74528e}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88419c08-31a3-11de-a705-000d56a04924}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88419c08-31a3-11de-a705-000d56a04924}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88419c08-31a3-11de-a705-000d56a04924}\ not found.
File F:\bobo.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\ not found.
File I:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d306922a-97ea-11df-9f60-000bdb74528e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d306922a-97ea-11df-9f60-000bdb74528e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d306922a-97ea-11df-9f60-000bdb74528e}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:373E1720 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 1997396289 bytes
->Temporary Internet Files folder emptied: 331435082 bytes
->Java cache emptied: 59686744 bytes
->FireFox cache emptied: 62848379 bytes
->Google Chrome cache emptied: 17086047 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 87143 bytes

User: All Users

User: BRANDON TAX

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes

User: Documents and Settings

User: Downloads

User: HelpAssistant
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes

User: LEGACY FOR LIFE

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 1254320 bytes

User: NetworkService
->Temp folder emptied: 3046806 bytes
->Temporary Internet Files folder emptied: 998708155 bytes

User: NEW DESTOP PICTURES

User: THE LEGACY OF LOVE MINISTRY

User: THOM ALL MY TAXES

User: TurboTax

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56130511 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 559970436 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1210545116 bytes

Total Files Cleaned = 5,053.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10062013_181839

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm

Re: my computer will restart at random

by nunped » October 7th, 2013, 7:00 am

Hi thom15,

Good job!

Now,


ESET NOD32 Online Scan
Note: If using Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted... then right click on it and select "run as administrator" to install.
Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.
Do NOT use the computer while the scan is running... make sure all other programs and windows are closed!


Please go to ESET Online Scanner to run an online scan.
  • Click the [Run ESET Online Scanner] button.
  • Read the End User License Agreement and check the box: [Yes, I accept the terms of use].
  • Click the green [Start] button.
  • Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  • Under scan settings:
    • Check "Scan archives"
    • Remove found threats is UNCHECKED
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the [Start] button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running.
  • When the scan completes, press the text: Image
  • Press the text: Image ... then save the file to your desktop as ESETScan.txt.
  • Press the [Back] button, then press the [Finish] button.
  • Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Remember to enable your Anti-virus protection before continuing!
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: my computer will restart at random

by thom15 » October 7th, 2013, 6:53 pm

C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\Extensions\plugin@yontoo.com\content\overlay.js.vir Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Desktop\MELWARE\Setup.exe a variant of Win32/Kryptik.BLXE trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmgjcfciomphoojcgkgbhhlcdmbbbbjn\2.2\Rd74nh.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\epojlgbehpaeekopencdagbdamnkppci\1.128_0\cs.js Win32/Adware.AddLyrics.L application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\jmgjcfciomphoojcgkgbhhlcdmbbbbjn\2.2\Rd74nh.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
D:\Documents and Settings\Administrator\Local Settings\Temp\Doma\FlashPlayer_151\software\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC.B application cleaned by deleting - quarantined
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\YontooPagerage2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
D:\WINDOWS\Temp\Optimizer_Pro.exe multiple threats cleaned by deleting - quarantined
thom15
Regular Member
 
Posts: 42
Joined: July 11th, 2008, 11:49 pm