Redirecting in Firefox
-
First off, I'm using Windows 7.
I had the stupid Anti-Malware Doctor episode yesterday. I got that fixed, but now any time I click on a link from a search site, I get redirected to any number of stupid sites. If I type the direct address of the site I want to go to, it works fine and I can navigate that specific site with its links, but other than that, all search links redirect me.
I have:
AVG
Malwarebytes
HijackThis
and Ad-Aware.
I've run them all and I still can't browse properly.
Any ideas?
-
Here are my Logs:
MALWAREBYTES LOG:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4440
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
8/17/2010 10:53:20 AM
mbam-log-2010-08-17 (10-53-20).txt
Scan type: Quick scan
Objects scanned: 137607
Time elapsed: 18 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Last edited by racethetrain; 17-08-2010 at 08:27 PM.
-
GMER LOG:
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit quick scan 2010-08-17 10:58:36
Windows 6.1.7600
Running: hu0esl9c.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kglcapow.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x8B577B9C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x8B5779C0]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
-
MBRCHECK LOG:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Mini 110c-1100
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 207):
0x81A4C000 \SystemRoot\system32\ntkrnlpa.exe
0x81A15000 \SystemRoot\system32\halmacpi.dll
0x818DE000 \SystemRoot\system32\kdcom.dll
0x8602E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x860A6000 \SystemRoot\system32\PSHED.dll
0x860B7000 \SystemRoot\system32\BOOTVID.dll
0x860BF000 \SystemRoot\system32\CLFS.SYS
0x86101000 \SystemRoot\system32\CI.dll
0x86223000 \SystemRoot\system32\drivers\Wdf01000.sys
0x86294000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x862A2000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x862EA000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x862F3000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x862FB000 \SystemRoot\system32\DRIVERS\pci.sys
0x86325000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x86330000 \SystemRoot\System32\drivers\partmgr.sys
0x86341000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x86349000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x86354000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x86364000 \SystemRoot\System32\drivers\volmgrx.sys
0x863AF000 \SystemRoot\System32\drivers\mountmgr.sys
0x86428000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x86502000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8650B000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8652E000 \SystemRoot\system32\DRIVERS\msahci.sys
0x86538000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x86546000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8654F000 \SystemRoot\system32\drivers\fltmgr.sys
0x86583000 \SystemRoot\system32\drivers\fileinfo.sys
0x86594000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMEFA.SYS
0x8661A000 \SystemRoot\System32\Drivers\Ntfs.sys
0x86749000 \SystemRoot\System32\Drivers\msrpc.sys
0x86774000 \SystemRoot\System32\Drivers\ksecdd.sys
0x86787000 \SystemRoot\System32\Drivers\cng.sys
0x867E4000 \SystemRoot\System32\drivers\pcw.sys
0x867F2000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x86803000 \SystemRoot\system32\drivers\ndis.sys
0x868BA000 \SystemRoot\system32\drivers\NETIO.SYS
0x868F8000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x86A33000 \SystemRoot\System32\drivers\tcpip.sys
0x86B7C000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86BAD000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x86BEC000 \SystemRoot\System32\Drivers\spldr.sys
0x86A00000 \SystemRoot\System32\drivers\rdyboost.sys
0x8691D000 \SystemRoot\System32\Drivers\mup.sys
0x86BF4000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8692D000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8695F000 \SystemRoot\system32\DRIVERS\disk.sys
0x86970000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x86995000 \SystemRoot\System32\Drivers\avgrkx86.sys
0x8992D000 \SystemRoot\System32\Drivers\Null.SYS
0x89934000 \SystemRoot\System32\Drivers\Beep.SYS
0x8993B000 \SystemRoot\System32\drivers\vga.sys
0x89947000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x89968000 \SystemRoot\System32\drivers\watchdog.sys
0x89975000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8997D000 \SystemRoot\system32\drivers\rdpencdd.sys
0x89985000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8998D000 \SystemRoot\System32\Drivers\Msfs.SYS
0x89998000 \SystemRoot\System32\Drivers\Npfs.SYS
0x899A6000 \SystemRoot\system32\DRIVERS\tdx.sys
0x899BD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x899C8000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x869AE000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMTDI.SYS
0x899D2000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x863C5000 \SystemRoot\System32\Drivers\avgtdix.sys
0x861AC000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8AE17000 \SystemRoot\system32\drivers\afd.sys
0x8AE71000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x8AE76000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8AE7D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8AE9C000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8AEAD000 \SystemRoot\system32\DRIVERS\SymIMv.sys
0x8AEB6000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8AEC4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8AED7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8AEE7000 \SystemRoot\system32\drivers\NIS\1007000.01E\SRTSPX.SYS
0x8AEF1000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8AF32000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8AF3C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8AF46000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100224.002\IDSvix86.sys
0x8AF9E000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x8B404000 \??\C:\Windows\system32\drivers\dtcdrom.sys
0x8B439000 \SystemRoot\System32\drivers\discache.sys
0x8B445000 \SystemRoot\System32\Drivers\dfsc.sys
0x8B45D000 \SystemRoot\system32\drivers\NIS\1007000.01E\ccHPx86.sys
0x8B4D8000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8B4E6000 \SystemRoot\system32\drivers\NIS\1007000.01E\BHDrvx86.sys
0x8B528000 \SystemRoot\System32\Drivers\avgmfx86.sys
0x8B52E000 \SystemRoot\System32\Drivers\avgldx86.sys
0x8B562000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8B589000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B5AA000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8F021000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8F52A000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8B5BC000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8F5E1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8F628000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0x8F88F000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x8F899000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x8F8A9000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8F8B4000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F8FF000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8F90E000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8F926000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F933000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8F966000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F968000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F975000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F979000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8F982000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x8F98F000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x8F9A1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F9B9000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8F9C4000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8F9E6000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8F600000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8F000000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8F617000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x8F621000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90212000 \SystemRoot\system32\DRIVERS\ks.sys
0x90246000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90254000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x90298000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x902A9000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x90310000 \SystemRoot\system32\DRIVERS\portcls.sys
0x9033F000 \SystemRoot\system32\DRIVERS\drmk.sys
0x90358000 \SystemRoot\System32\Drivers\crashdmp.sys
0x89800000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x90365000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x80C70000 \SystemRoot\System32\win32k.sys
0x90376000 \SystemRoot\System32\drivers\Dxapi.sys
0x90380000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x9038B000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x9039E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x903A5000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x903B0000 \SystemRoot\system32\DRIVERS\monitor.sys
0x80ED0000 \SystemRoot\System32\TSDDD.dll
0x80F00000 \SystemRoot\System32\cdd.dll
0x903BB000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x903D2000 \SystemRoot\System32\Drivers\usbvideo.sys
0x80F20000 \SystemRoot\System32\ATMFD.DLL
0x898DA000 \SystemRoot\system32\drivers\luafv.sys
0x8AE00000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x903F6000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x898F5000 \SystemRoot\system32\drivers\WudfPf.sys
0x90200000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xA7A0D000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xA7A53000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA7A63000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA7A76000 \SystemRoot\system32\drivers\HTTP.sys
0xA7AFB000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA7B14000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA7B26000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA7B49000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA7B84000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xACC2D000 \SystemRoot\system32\drivers\peauth.sys
0xACCC4000 \SystemRoot\System32\Drivers\secdrv.SYS
0xACCCE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xACCEF000 \SystemRoot\System32\drivers\tcpipreg.sys
0xACCFC000 \SystemRoot\System32\DRIVERS\srv2.sys
0xACD4B000 \SystemRoot\System32\DRIVERS\srv.sys
0xACD9C000 \SystemRoot\System32\drivers\rdpdr.sys
0xACDC1000 \SystemRoot\system32\drivers\tdtcp.sys
0xACDCB000 \SystemRoot\System32\DRIVERS\tssecsrv.sys
0xA7BB7000 \SystemRoot\System32\Drivers\RDPWD.SYS
0xB646E000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xB647F000 \??\C:\Users\Owner\AppData\Local\Temp\kglcapow.sys
0x76F20000 \Windows\System32\ntdll.dll
0x47B70000 \Windows\System32\smss.exe
0x77160000 \Windows\System32\apisetschema.dll
0x00EA0000 \Windows\System32\autochk.exe
0x770A0000 \Windows\System32\msvcrt.dll
0x77080000 \Windows\System32\sechost.dll
0x76E90000 \Windows\System32\clbcatq.dll
0x76D30000 \Windows\System32\ole32.dll
0x76CD0000 \Windows\System32\shlwapi.dll
0x76BF0000 \Windows\System32\kernel32.dll
0x75FA0000 \Windows\System32\shell32.dll
0x75EF0000 \Windows\System32\rpcrt4.dll
0x75D50000 \Windows\System32\setupapi.dll
0x77070000 \Windows\System32\nsi.dll
0x75CD0000 \Windows\System32\comdlg32.dll
0x75C80000 \Windows\System32\gdi32.dll
0x75BB0000 \Windows\System32\user32.dll
0x75B70000 \Windows\System32\ws2_32.dll
0x75A70000 \Windows\System32\wininet.dll
0x75A10000 \Windows\System32\difxapi.dll
0x77060000 \Windows\System32\psapi.dll
0x75970000 \Windows\System32\advapi32.dll
0x758D0000 \Windows\System32\usp10.dll
0x758C0000 \Windows\System32\lpk.dll
0x757F0000 \Windows\System32\msctf.dll
0x757C0000 \Windows\System32\imagehlp.dll
0x757A0000 \Windows\System32\imm32.dll
0x755A0000 \Windows\System32\iertutil.dll
0x75590000 \Windows\System32\normaliz.dll
0x75450000 \Windows\System32\urlmon.dll
0x753C0000 \Windows\System32\oleaut32.dll
0x75370000 \Windows\System32\Wldap32.dll
0x75340000 \Windows\System32\wintrust.dll
0x75220000 \Windows\System32\crypt32.dll
0x75190000 \Windows\System32\comctl32.dll
0x75160000 \Windows\System32\cfgmgr32.dll
0x75140000 \Windows\System32\devobj.dll
0x750F0000 \Windows\System32\KernelBase.dll
0x750E0000 \Windows\System32\msasn1.dll
Processes (total 75):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
416 csrss.exe
468 C:\Windows\System32\wininit.exe
476 csrss.exe
496 C:\Program Files\AVG\AVG9\avgchsvx.exe
524 C:\Windows\System32\winlogon.exe
536 C:\Program Files\AVG\AVG9\avgrsx.exe
596 C:\Program Files\AVG\AVG9\avgcsrvx.exe
644 C:\Windows\System32\services.exe
668 C:\Windows\System32\lsass.exe
676 C:\Windows\System32\lsm.exe
1036 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1184 C:\Windows\System32\svchost.exe
1288 C:\Windows\System32\svchost.exe
1336 C:\Windows\System32\svchost.exe
1384 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
1556 C:\Windows\System32\svchost.exe
1692 C:\Windows\System32\svchost.exe
1800 C:\Windows\System32\wlanext.exe
1808 C:\Windows\System32\conhost.exe
1832 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
908 C:\Windows\System32\spoolsv.exe
1228 C:\Windows\System32\svchost.exe
1900 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
1964 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1968 C:\Program Files\AVG\AVG9\avgwdsvc.exe
460 C:\Program Files\Bonjour\mDNSResponder.exe
2132 C:\Windows\System32\taskhost.exe
2196 C:\Windows\System32\dwm.exe
2244 C:\Windows\explorer.exe
2412 C:\Program Files\DAEMON Tools Net\DTNetSrv.exe
2424 C:\Program Files\AVG\AVG9\avgam.exe
2520 C:\Program Files\AVG\AVG9\avgnsx.exe
2880 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3000 C:\Program Files\IDT\WDM\sttray.exe
3052 C:\Program Files\HP\HPBTWD.exe
3064 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
3108 C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
3284 C:\Program Files\Java\jre6\bin\jusched.exe
3296 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
3348 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
3380 C:\Program Files\iTunes\iTunesHelper.exe
3392 C:\Windows\System32\svchost.exe
3408 C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
3428 C:\Windows\System32\igfxtray.exe
3464 C:\Windows\System32\hkcmd.exe
3480 C:\Windows\System32\svchost.exe
3496 C:\Windows\System32\igfxpers.exe
3552 C:\Program Files\AVG\AVG9\avgtray.exe
3664 C:\Program Files\AVG\AVG9\avgemc.exe
3700 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
3788 C:\Windows\System32\igfxsrvc.exe
1620 C:\Program Files\AVG\AVG9\avgcsrvx.exe
4412 C:\Windows\System32\SearchIndexer.exe
4696 C:\Program Files\iPod\bin\iPodService.exe
5124 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
5196 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5240 WmiPrvSE.exe
5408 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
5532 C:\Program Files\AVG\AVG9\avgcsrvx.exe
4608 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
5208 C:\Program Files\Mozilla Firefox\firefox.exe
4676 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
5016 C:\Program Files\Windows Media Player\wmpnetwk.exe
2592 C:\Windows\System32\audiodg.exe
1976 C:\Windows\System32\SearchProtocolHost.exe
2628 C:\Windows\System32\SearchFilterHost.exe
4972 C:\Windows\System32\svchost.exe
3532 dllhost.exe
2184 dllhost.exe
1000 C:\Users\Owner\Downloads\MBRCheck(2).exe
480 C:\Windows\System32\conhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`63500000 (NTFS)
PhysicalDrive0 Model Number: WDCWD2500BEVT-60ZCT1, Rev: 13.01A13
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: F1A25A12D970D36E52B77D7FDA948E8EB3E290A6
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Done!
-
OTL LOGS:
OTL logfile created on: 8/17/2010 12:14:52 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,015.00 Mb Total Physical Memory | 461.00 Mb Available Physical Memory | 45.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.36 Gb Total Space | 67.82 Gb Free Space | 30.64% Space Free | Partition Type: NTFS
Drive D: | 11.33 Gb Total Space | 1.90 Gb Free Space | 16.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/17 10:20:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2010/08/16 13
53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/16 13
53 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/08/17 10:20:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
MOD - [2009/07/13 18:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 18:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 18:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 18:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 18:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 18:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 18:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 18:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 18:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/08/16 13:18:13 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/08/16 13:18:13 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/07/29 04:19:46 | 000,394,560 | ---- | M] (DT Soft Ltd) [Auto | Stopped] -- C:\Program Files\DAEMON Tools Net\DTNetSrv.exe -- (DTNetService)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/05 10:03:23 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/28 04:02:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/09/07 18:46:50 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/07/13 18:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 18:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 18:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 18:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 18:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 18:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 18:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 18:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 18:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 18:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 18:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 18:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 18:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 18:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 18:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 18:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 18:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/06/29 13:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe -- (STacSV)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/02 14:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe -- (AESTFilters)
SRV - [2009/02/06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2010/08/16 13:18:32 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/16 13:18:32 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/16 13:18:32 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/08/16 13:18:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/08/07 00:15:48 | 000,201,280 | ---- | M] (Disc-Soft) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\dtcdrom.sys -- (dtcdrom)
DRV - [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 13:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/26 04:53:22 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100226.006\navex15.sys -- (NAVEX15)
DRV - [2010/02/26 04:53:22 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100226.006\naveng.sys -- (NAVENG)
DRV - [2010/02/24 12:07:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/24 09:30:25 | 002,506,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2009/12/11 00:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/10/28 15:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100224.002\IDSvix86.sys -- (IDSVix86)
DRV - [2009/09/23 19:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/09/07 18:46:53 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/09/07 18:46:53 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\SYMFW.SYS -- (SYMFW)
DRV - [2009/09/07 18:46:53 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/09/07 18:46:53 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/09/07 18:46:52 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\ccHPx86.sys -- (ccHP)
DRV - [2009/09/07 18:46:52 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/09/07 18:46:52 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1007000.01E\SYMEFA.SYS -- (SymEFA)
DRV - [2009/09/07 18:46:52 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\SRTSP.SYS -- (SRTSP)
DRV - [2009/09/07 18:46:52 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/09/07 18:46:52 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1007000.01E\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/07/13 18:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 18:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 18:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 18:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 18:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 18:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 18:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 18:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 18:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 18:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 18:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 18:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 18:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 18:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 18:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 18:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 18:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 18:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 18:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 18:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 18:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 18:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 18:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 18:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 18:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 18:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 18:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 18:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 18:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 18:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 18:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 18:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 18:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 18:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 18:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 18:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 18:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 18:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 17:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 17:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 17:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 16:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 16:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 16:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 16:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 16:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 16:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 16:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass)
DRV - [2009/07/13 16:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 16:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 16:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 16:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 16:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 16:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 16:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 16:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 16:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 16:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 15:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 15:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 15:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 15:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 15:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 15:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 15:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 15:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 15:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 15:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 15:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 15:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 15:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/29 13:44:38 | 000,408,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/24 11:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/12 16:25:44 | 000,212,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/06/04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009/04/27 17:26:44 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.co.uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.4
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {B562FE46-C37E-4304-B616-F6D8F11EC48F}:1.9.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/16 13:18:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/16 13
55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/16 13
55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/05/10 12:14:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010/02/26 14:15:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/02/26 14:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/26 13:39:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/16 14:07:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\yd49s7xl.default\extensions
[2010/03/27 20:19:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\yd49s7xl.default\extensions\firefox@tvunetworks.com
[2010/08/17 10:31:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.0.30\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP] C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP BTW Detect Program] C:\Program Files\HP\HPBTWD.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/17 10:01:57 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/17 10:01:57 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/17 10:01:57 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/17 10:01:56 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/17 10:01:48 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/17 10:00:39 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/08/17 10:00:30 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/17 09:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/17 09:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/08/16 17:51:59 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/08/16 14:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/16 14:14:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Xilisoft Video Converter Ultimate
[2010/08/16 13:24:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
[2010/08/16 13:18:33 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/08/16 13:18:32 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/08/16 13:18:32 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/08/16 13:18:30 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/08/16 13:18:29 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/08/16 13:18:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/08/16 13:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/08/16 13:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/08/16 12:40:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/08/16 12:23:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/16 12:23:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/16 12:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/16 12:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/16 12:06:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B562FE46-C37E-4304-B616-F6D8F11EC48F}
[2010/08/16 12:04:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\qghkusalb
[2010/08/16 12:04:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\vgqkujyca
[2010/08/16 12:04:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Windows Server
[2010/08/16 12:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Update
[2010/08/16 12:03:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\976F362799865E1BD9D3F9B79B623381
[2010/08/16 03:03:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2010/08/15 17
47 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2010/08/07 00:15:48 | 000,201,280 | ---- | C] (Disc-Soft) -- C:\Windows\System32\drivers\dtcdrom.sys
[2010/08/07 00:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Net
[2010/08/07 00:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Net
[2010/08/07 00:14:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Net
[2010/08/07 00:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2010/08/07 00:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Rosetta Stone
[2010/08/06 12:23:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\GeoVid
[2010/08/06 12:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\GeoVid
[2010/08/06 12:03:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\WinSoftSpelling
[2010/08/02 10:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/30 14:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\VisiPics
[2010/07/23 09:12:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\1
[2010/06/25 09:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/05/21 13:09:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Acreon
[2010/05/21 13:09:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\._Revolution_
[2010/05/21 13:07:12 | 002,990,080 | ---- | C] (HostM.com Web Hosting) -- C:\Windows\Simple CSS.exe
[2010/05/21 11:05:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Regensoft
[2010/05/21 10:49:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Geckofx
[2010/05/21 10:46:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Regensoft
[2010/05/21 10:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Regensoft
[2010/05/21 10:46:27 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/05/21 10:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Red Kawa
[2010/05/20 09:08:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
========== Files - Modified Within 90 Days ==========
[2010/08/17 12:10:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/17 12:10:33 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/17 12:09:53 | 002,883,584 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT
[2010/08/17 12:08:43 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/17 11:33:43 | 001,810,586 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2010/08/17 10:39:33 | 000,019,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/17 10:39:33 | 000,019,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/17 10:30:49 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/17 10:30:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/17 10:01:58 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/17 10:01:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/17 01:34:41 | 063,535,211 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/08/17 00:18:27 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2010/08/16 14:42:41 | 000,127,632 | ---- | M] () -- C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/16 14:33:01 | 000,002,963 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2010/08/16 13:18:33 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/08/16 13:18:33 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/08/16 13:18:32 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/08/16 13:18:32 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/08/16 13:18:32 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/08/16 13:18:29 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/08/16 13:18:29 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/08/16 12:24:23 | 001,579,926 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/16 12:24:23 | 000,436,942 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/16 12:24:23 | 000,005,176 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/16 12:23:55 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/16 12:11:34 | 000,002,838 | ---- | M] () -- C:\Users\Owner\AppData\Local\iqepomukimu.dll
[2010/08/16 12:06:03 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Isudu.bin
[2010/08/16 12:06:02 | 000,000,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Gcizami.dat
[2010/08/15 17:09:34 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/08/13 03:27:48 | 001,772,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/11 11:47:32 | 000,003,584 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/07 00:15:48 | 000,201,280 | ---- | M] (Disc-Soft) -- C:\Windows\System32\drivers\dtcdrom.sys
[2010/08/06 12:23:27 | 000,000,000 | ---- | M] () -- C:\Users\Owner\Documents\vlc-1.1.2-win32.exe
[2010/08/02 09:54:06 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010/08/02 09:53:26 | 000,002,503 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/08/02 09:53:25 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/07/19 13:44:42 | 000,001,913 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/19 13:44:42 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/28 13:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/28 13:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 13:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/05/26 09:51:19 | 000,000,716 | ---- | M] () -- C:\Users\Owner\.recently-used.xbel
[2010/05/21 13:07:19 | 000,001,065 | ---- | M] () -- C:\Windows\unins000.dat
[2010/05/21 12:26:33 | 000,707,354 | ---- | M] () -- C:\Windows\unins000.exe
[2010/05/19 15:55:45 | 000,374,891 | ---- | M] () -- C:\Users\Owner\Documents\Untitled-1.jpg
========== Files Created - No Company Name ==========
[2010/08/17 10:01:58 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/16 14:33:01 | 000,002,963 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2010/08/16 13:18:33 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/08/16 13:18:28 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/08/16 13:18:23 | 063,535,211 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/08/16 12:23:55 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/16 12:11:34 | 000,002,838 | ---- | C] () -- C:\Users\Owner\AppData\Local\iqepomukimu.dll
[2010/08/16 12:06:03 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Isudu.bin
[2010/08/16 12:06:02 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Gcizami.dat
[2010/08/15 17:09:22 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/08/11 11:47:32 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/06 12:23:27 | 000,000,000 | ---- | C] () -- C:\Users\Owner\Documents\vlc-1.1.2-win32.exe
[2010/07/19 13:44:42 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/24 09:27:45 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/05/26 09:51:19 | 000,000,716 | ---- | C] () -- C:\Users\Owner\.recently-used.xbel
[2010/05/21 13:07:12 | 000,707,354 | ---- | C] () -- C:\Windows\unins000.exe
[2010/05/21 13:07:12 | 000,001,065 | ---- | C] () -- C:\Windows\unins000.dat
[2010/05/19 15:55:38 | 000,374,891 | ---- | C] () -- C:\Users\Owner\Documents\Untitled-1.jpg
[2010/05/03 14:26:42 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys
[2010/04/14 14:17:06 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2010/02/24 12:05:51 | 000,000,189 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/02/24 10:00:28 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/02/24 09:59:57 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/02/24 09:30:36 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009/09/07 20:50:03 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/09/07 20:46:13 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/30 18:58:42 | 000,000,314 | ---- | C] () -- C:\Windows\primopdf.ini
[2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
========== LOP Check ==========
[2010/08/16 12:04:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\976F362799865E1BD9D3F9B79B623381
[2010/05/21 13:09:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Acreon
[2010/08/17 09:49:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2010/08/07 00:17:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Net
[2010/08/06 12:23:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GeoVid
[2010/03/05 10:45:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GrabPro
[2010/03/02 22:11:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\inkscape
[2010/08/16 14:11:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2010/03/06 11:09:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2010/08/16 14:39:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Orbit
[2010/06/08 11:12:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PrimoPDF
[2010/05/21 11:05:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Regensoft
[2010/02/26 14:15:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2010/08/16 13:20:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\vghd
[2010/04/14 10:13:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\webex
[2010/03/01 10:22:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Xilisoft Corporation
[2009/07/13 21:53:46 | 000,031,840 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/06/10 14:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/06/10 14:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/08/17 12:10:33 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/17 12:10:37 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
[2010/08/16 12:29:05 | 000,000,268 | ---- | M] () -- C:\rkill.log
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/07/13 18:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/07/13 18:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2009/07/13 21:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 21:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 21:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 21:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\user32.dll /md5 >
[2009/07/13 18:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2009/07/13 18:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2009/07/13 18:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\System32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
-
OTL Extras logfile created on: 8/17/2010 12:14:52 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Owner\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,015.00 Mb Total Physical Memory | 461.00 Mb Available Physical Memory | 45.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.36 Gb Total Space | 67.82 Gb Free Space | 30.64% Space Free | Partition Type: NTFS
Drive D: | 11.33 Gb Total Space | 1.90 Gb Free Space | 16.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0379CF3E-BED6-474C-AE96-D07E8D7763AC}_is1" = Simple CSS 2.1
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{11B7161D-3461-40CD-B31F-84065AC84A4E}" = HP User Guides 0166
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2D4E1F8A-901B-4BBD-B311-B6E56059066E}" = Microsoft Live Search Toolbar
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34985F59-8F6F-46F4-9AD5-53E2714294D2}" = ArcSoft WebCam Companion 3
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EEA95E6C-6847-49BE-83C9-ED92D8E18983}" = HP QuickSync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"ASIO4ALL" = ASIO4ALL
"avast5" = avast! Free Antivirus
"AVG9Uninstall" = AVG 9.0
"AviSynth" = AviSynth 2.5
"BitTorrent" = BitTorrent
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"DAEMON Tools Net" = DAEMON Tools Net
"FL Studio 9" = FL Studio 9
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.34
"FreshWebmaster FreshFTP_is1" = FreshFTP
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Homepage Protection" = Homepage Protection
"IL Download Manager" = IL Download Manager
"Inkscape" = Inkscape 0.47
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"LimeWire" = LimeWire 5.4.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NIS" = Norton Internet Security
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Orbit_is1" = Orbit Downloader
"PoiZone" = PoiZone
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Toxic Biohazard" = Toxic Biohazard
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.16
"Videora iPod Converter" = Videora iPod Converter 5.04
"VidGIF_is1" = VidGIF
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 1.0.5
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"YouTube Downloader App" = YouTube Downloader App 2.03
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = WebEx
"Charter Browser Updater" = Charter Browser Updater
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/4/2010 6:17:10 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = 460: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 8/4/2010 6:17:10 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = 448: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 8/5/2010 8:34:16 PM | Computer Name = Owner-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.
Error - 8/6/2010 12:17:38 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 8/6/2010 12:19:02 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 8/6/2010 12:19:03 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 8/6/2010 3:00:53 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7600.16415 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: da8 Start
Time: 01cb35994996883c Termination Time: 143 Application Path: C:\Program Files\Windows
Media Player\wmplayer.exe Report Id: e7454348-a18c-11df-ad57-18a9058d055f
Error - 8/6/2010 3:06:59 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program ehshell.exe version 6.1.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1858 Start
Time: 01cb359a45183bde Termination Time: 911 Application Path: C:\Windows\ehome\ehshell.exe
Report
Id: b5884551-a18d-11df-ad57-18a9058d055f
Error - 8/6/2010 3:08:33 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 8/6/2010 3:10:45 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7600.16415 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 15b8 Start
Time: 01cb359ac64dfe15 Termination Time: 260 Application Path: C:\Program Files\Windows
Media Player\wmplayer.exe Report Id: 47bf0024-a18e-11df-ad57-18a9058d055f
[ Hewlett-Packard Events ]
Error - 5/14/2010 12:17:07 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/12/2010 11:35:51 AM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/12/2010 11:35:52 AM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/18/2010 12:44:42 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/18/2010 12:44:43 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/25/2010 1:05:15 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 6/25/2010 1:05:15 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 7/30/2010 12:11:45 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 7/30/2010 12:11:46 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
Error - 8/13/2010 12
52 PM | Computer Name = Owner-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)
at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)
[ System Events ]
Error - 8/5/2010 5:53:15 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =
Error - 8/6/2010 3:14:10 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 8/8/2010 3:35:03 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =
Error - 8/8/2010 9:07:10 PM | Computer Name = Owner-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 8/8/2010 9:07:11 PM | Computer Name = Owner-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 8/8/2010 9:07:11 PM | Computer Name = Owner-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 8/8/2010 9:07:12 PM | Computer Name = Owner-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 8/8/2010 9:07:12 PM | Computer Name = Owner-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 8/9/2010 5:08:17 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the eventlog service.
Error - 8/11/2010 10:32:41 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
< End of report >
Last edited by racethetrain; 17-08-2010 at 08:38 PM.
-
Run MBRCheck again.
When it's done you'll see the following line:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Press the Y key and then press Enter
When the program asks you to Enter your choice, enter 2 and press the Enter key.
Next the program will ask you to Enter the physical disk number to fix (0-99, -1 to cancel):
Enter 0 (zero) and press the Enter key.
Next the program will show Available MBR codes:, followed by a list of operating systems.
Please enter 5 for Windows 7, and then press Enter.
Next the program will prompt for confirmation.
Type YES and hit Enter.
When it's done there should be a text file with the results on your desktop.
Please copy and paste it back here.
Then reboot, run MBRCheck again and post new log.
-
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Mini 110c-1100
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 206):
0x81A3B000 \SystemRoot\system32\ntkrnlpa.exe
0x81A04000 \SystemRoot\system32\halmacpi.dll
0x818F1000 \SystemRoot\system32\kdcom.dll
0x86007000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8607F000 \SystemRoot\system32\PSHED.dll
0x86090000 \SystemRoot\system32\BOOTVID.dll
0x86098000 \SystemRoot\system32\CLFS.SYS
0x860DA000 \SystemRoot\system32\CI.dll
0x86185000 \SystemRoot\system32\drivers\Wdf01000.sys
0x86222000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x86230000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x86278000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x86281000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x86289000 \SystemRoot\system32\DRIVERS\pci.sys
0x862B3000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x862BE000 \SystemRoot\System32\drivers\partmgr.sys
0x862CF000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x862D7000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x862E2000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x862F2000 \SystemRoot\System32\drivers\volmgrx.sys
0x8633D000 \SystemRoot\System32\drivers\mountmgr.sys
0x86434000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8650E000 \SystemRoot\system32\DRIVERS\atapi.sys
0x86517000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8653A000 \SystemRoot\system32\DRIVERS\msahci.sys
0x86544000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x86552000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8655B000 \SystemRoot\system32\drivers\fltmgr.sys
0x8658F000 \SystemRoot\system32\drivers\fileinfo.sys
0x865A0000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMEFA.SYS
0x8663D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8676C000 \SystemRoot\System32\Drivers\msrpc.sys
0x86797000 \SystemRoot\System32\Drivers\ksecdd.sys
0x86353000 \SystemRoot\System32\Drivers\cng.sys
0x867AA000 \SystemRoot\System32\drivers\pcw.sys
0x867B8000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x86832000 \SystemRoot\system32\drivers\ndis.sys
0x868E9000 \SystemRoot\system32\drivers\NETIO.SYS
0x86927000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x86A37000 \SystemRoot\System32\drivers\tcpip.sys
0x86B80000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86BB1000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x86BF0000 \SystemRoot\System32\Drivers\spldr.sys
0x86A00000 \SystemRoot\System32\drivers\rdyboost.sys
0x8694C000 \SystemRoot\System32\Drivers\mup.sys
0x86A2D000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8695C000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8698E000 \SystemRoot\system32\DRIVERS\disk.sys
0x8699F000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x869C4000 \SystemRoot\System32\Drivers\avgrkx86.sys
0x8A143000 \SystemRoot\System32\Drivers\Null.SYS
0x8A14A000 \SystemRoot\System32\Drivers\Beep.SYS
0x8A151000 \SystemRoot\System32\drivers\vga.sys
0x8A15D000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8A17E000 \SystemRoot\System32\drivers\watchdog.sys
0x8A18B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8A193000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8A19B000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8A1A3000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8A1AE000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8A1BC000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8A1D3000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8A1DE000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x8A000000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMTDI.SYS
0x86800000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x867C1000 \SystemRoot\System32\Drivers\avgtdix.sys
0x86600000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8AC13000 \SystemRoot\system32\drivers\afd.sys
0x8AC6D000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x8AC72000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8AC79000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8AC98000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8ACA9000 \SystemRoot\system32\DRIVERS\SymIMv.sys
0x8ACB2000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8ACC0000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8ACD3000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8ACE3000 \SystemRoot\system32\drivers\NIS\1007000.01E\SRTSPX.SYS
0x8ACED000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8AD2E000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8AD38000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8AD42000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100224.002\IDSvix86.sys
0x8AD9A000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x863B0000 \??\C:\Windows\system32\drivers\dtcdrom.sys
0x8AC00000 \SystemRoot\System32\drivers\discache.sys
0x8A124000 \SystemRoot\System32\Drivers\dfsc.sys
0x8D824000 \SystemRoot\system32\drivers\NIS\1007000.01E\ccHPx86.sys
0x8D89F000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8D8AD000 \SystemRoot\system32\drivers\NIS\1007000.01E\BHDrvx86.sys
0x8D8EF000 \SystemRoot\System32\Drivers\avgmfx86.sys
0x8D8F5000 \SystemRoot\System32\Drivers\avgldx86.sys
0x8D929000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8D950000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8D971000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8F824000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8FD2D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8D983000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8F800000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9661F000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0x96886000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x96890000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x968A0000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x968AB000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x968F6000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x96905000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x9691D000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x9692A000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x9695D000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x9695F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x9696C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x96970000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x96979000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x96986000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x96998000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x969B0000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x969BB000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x969DD000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x96600000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8FDE4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x969F5000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x96617000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8D9BC000 \SystemRoot\system32\DRIVERS\ks.sys
0x8D9F0000 \SystemRoot\system32\DRIVERS\umbus.sys
0x80E00000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x80E44000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x80E55000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x80EBC000 \SystemRoot\system32\DRIVERS\portcls.sys
0x80EEB000 \SystemRoot\system32\DRIVERS\drmk.sys
0x80F04000 \SystemRoot\System32\Drivers\crashdmp.sys
0x80F11000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x80FEB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x81410000 \SystemRoot\System32\win32k.sys
0x8D800000 \SystemRoot\System32\drivers\Dxapi.sys
0x8D80A000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8A1E8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8D815000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8A034000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x8A03F000 \SystemRoot\system32\DRIVERS\monitor.sys
0x81670000 \SystemRoot\System32\TSDDD.dll
0x8A04A000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x816A0000 \SystemRoot\System32\cdd.dll
0x8A061000 \SystemRoot\System32\Drivers\usbvideo.sys
0x816C0000 \SystemRoot\System32\ATMFD.DLL
0x8A085000 \SystemRoot\system32\drivers\luafv.sys
0x8A0A0000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x80FFC000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x8A0B7000 \SystemRoot\system32\drivers\WudfPf.sys
0x8A0D1000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xA6C2C000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xA6C72000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA6C82000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA6C95000 \SystemRoot\system32\drivers\HTTP.sys
0xA6D1A000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA6D33000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA6D45000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA6D68000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA6DA3000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAFC04000 \SystemRoot\system32\drivers\peauth.sys
0xAFC9B000 \SystemRoot\System32\Drivers\secdrv.SYS
0xAFCA5000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xAFCC6000 \SystemRoot\System32\drivers\tcpipreg.sys
0xAFCD3000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAFD22000 \SystemRoot\System32\DRIVERS\srv.sys
0xAFD73000 \SystemRoot\System32\drivers\rdpdr.sys
0xAFD98000 \SystemRoot\system32\drivers\tdtcp.sys
0xAFDA2000 \SystemRoot\System32\DRIVERS\tssecsrv.sys
0xAFDAF000 \SystemRoot\System32\Drivers\RDPWD.SYS
0x8361A000 \SystemRoot\system32\drivers\spsys.sys
0x77500000 \Windows\System32\ntdll.dll
0x47DA0000 \Windows\System32\smss.exe
0x77740000 \Windows\System32\apisetschema.dll
0x00C10000 \Windows\System32\autochk.exe
0x776A0000 \Windows\System32\clbcatq.dll
0x77690000 \Windows\System32\psapi.dll
0x77400000 \Windows\System32\wininet.dll
0x77320000 \Windows\System32\kernel32.dll
0x77680000 \Windows\System32\lpk.dll
0x77270000 \Windows\System32\rpcrt4.dll
0x77110000 \Windows\System32\ole32.dll
0x76F10000 \Windows\System32\iertutil.dll
0x76E70000 \Windows\System32\usp10.dll
0x77640000 \Windows\System32\ws2_32.dll
0x76D30000 \Windows\System32\urlmon.dll
0x76CE0000 \Windows\System32\gdi32.dll
0x76090000 \Windows\System32\shell32.dll
0x75FC0000 \Windows\System32\user32.dll
0x75F90000 \Windows\System32\imagehlp.dll
0x75DF0000 \Windows\System32\setupapi.dll
0x75DD0000 \Windows\System32\sechost.dll
0x75D30000 \Windows\System32\advapi32.dll
0x75CE0000 \Windows\System32\Wldap32.dll
0x75CD0000 \Windows\System32\normaliz.dll
0x75C50000 \Windows\System32\comdlg32.dll
0x75B80000 \Windows\System32\msctf.dll
0x75AF0000 \Windows\System32\oleaut32.dll
0x75AD0000 \Windows\System32\imm32.dll
0x75AC0000 \Windows\System32\nsi.dll
0x75A60000 \Windows\System32\shlwapi.dll
0x759B0000 \Windows\System32\msvcrt.dll
0x75950000 \Windows\System32\difxapi.dll
0x758C0000 \Windows\System32\comctl32.dll
0x75870000 \Windows\System32\KernelBase.dll
0x75840000 \Windows\System32\wintrust.dll
0x75720000 \Windows\System32\crypt32.dll
0x756F0000 \Windows\System32\cfgmgr32.dll
0x756D0000 \Windows\System32\devobj.dll
0x756C0000 \Windows\System32\msasn1.dll
Processes (total 76):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
416 csrss.exe
468 C:\Windows\System32\wininit.exe
476 csrss.exe
496 C:\Program Files\AVG\AVG9\avgchsvx.exe
524 C:\Windows\System32\winlogon.exe
536 C:\Program Files\AVG\AVG9\avgrsx.exe
596 C:\Program Files\AVG\AVG9\avgcsrvx.exe
656 C:\Windows\System32\services.exe
668 C:\Windows\System32\lsass.exe
676 C:\Windows\System32\lsm.exe
1024 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1224 C:\Windows\System32\svchost.exe
1292 C:\Windows\System32\svchost.exe
1332 C:\Windows\System32\svchost.exe
1372 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
1456 C:\Windows\System32\audiodg.exe
1572 C:\Windows\System32\svchost.exe
1736 C:\Windows\System32\svchost.exe
1820 C:\Windows\System32\wlanext.exe
1828 C:\Windows\System32\conhost.exe
1840 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
380 C:\Windows\System32\spoolsv.exe
908 C:\Windows\System32\svchost.exe
1884 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
1672 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1980 C:\Windows\System32\taskhost.exe
424 C:\Program Files\AVG\AVG9\avgwdsvc.exe
2080 C:\Windows\System32\dwm.exe
2088 C:\Program Files\Bonjour\mDNSResponder.exe
2176 C:\Windows\explorer.exe
2476 C:\Program Files\AVG\AVG9\avgam.exe
2508 C:\Program Files\AVG\AVG9\avgnsx.exe
2536 C:\Windows\System32\taskeng.exe
2572 C:\Program Files\DAEMON Tools Net\DTNetSrv.exe
2684 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2732 C:\Program Files\IDT\WDM\sttray.exe
2748 C:\Program Files\HP\HPBTWD.exe
2836 C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
2876 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
2916 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2948 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
2960 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
2988 C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
3064 C:\Program Files\iTunes\iTunesHelper.exe
3144 C:\Windows\System32\hkcmd.exe
3164 C:\Windows\System32\igfxpers.exe
3204 C:\Program Files\AVG\AVG9\avgtray.exe
3224 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
3268 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
3464 C:\Windows\System32\svchost.exe
3504 C:\Windows\System32\igfxsrvc.exe
3620 C:\Windows\System32\svchost.exe
3964 C:\Program Files\AVG\AVG9\avgemc.exe
2844 C:\Program Files\AVG\AVG9\avgcsrvx.exe
4384 C:\Windows\System32\SearchIndexer.exe
4576 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
4712 C:\Program Files\iPod\bin\iPodService.exe
4812 WmiPrvSE.exe
5256 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
5536 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5544 C:\Program Files\AVG\AVG9\avgcsrvx.exe
5664 C:\Windows\System32\SearchProtocolHost.exe
5848 C:\Windows\System32\SearchFilterHost.exe
6100 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
5924 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
4432 C:\Windows\System32\sppsvc.exe
544 C:\Program Files\Windows Media Player\wmpnetwk.exe
5880 C:\Program Files\AVG\AVG9\avgupd.exe
3180 C:\Users\Owner\Downloads\MBRCheck.exe
3744 C:\Windows\System32\conhost.exe
5996 C:\Program Files\Mozilla Firefox\firefox.exe
4044 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`63500000 (NTFS)
PhysicalDrive0 Model Number: WDCWD2500BEVT-60ZCT1, Rev: 13.01A13
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: F1A25A12D970D36E52B77D7FDA948E8EB3E290A6
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel
Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: Yes
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.
Done!
-
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Mini 110c-1100
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 207):
0x81A04000 \SystemRoot\system32\ntkrnlpa.exe
0x81E14000 \SystemRoot\system32\halmacpi.dll
0x818FA000 \SystemRoot\system32\kdcom.dll
0x86011000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x86089000 \SystemRoot\system32\PSHED.dll
0x8609A000 \SystemRoot\system32\BOOTVID.dll
0x860A2000 \SystemRoot\system32\CLFS.SYS
0x860E4000 \SystemRoot\system32\CI.dll
0x8618F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x86000000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x86233000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8627B000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x86284000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8628C000 \SystemRoot\system32\DRIVERS\pci.sys
0x862B6000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x862C1000 \SystemRoot\System32\drivers\partmgr.sys
0x862D2000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x862DA000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x862E5000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x862F5000 \SystemRoot\System32\drivers\volmgrx.sys
0x86340000 \SystemRoot\System32\drivers\mountmgr.sys
0x8643B000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x86515000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8651E000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x86541000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8654B000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x86559000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x86562000 \SystemRoot\system32\drivers\fltmgr.sys
0x86596000 \SystemRoot\system32\drivers\fileinfo.sys
0x865A7000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMEFA.SYS
0x86607000 \SystemRoot\System32\Drivers\Ntfs.sys
0x86736000 \SystemRoot\System32\Drivers\msrpc.sys
0x86761000 \SystemRoot\System32\Drivers\ksecdd.sys
0x86774000 \SystemRoot\System32\Drivers\cng.sys
0x867D1000 \SystemRoot\System32\drivers\pcw.sys
0x867DF000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x86816000 \SystemRoot\system32\drivers\ndis.sys
0x868CD000 \SystemRoot\system32\drivers\NETIO.SYS
0x8690B000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x86A00000 \SystemRoot\System32\drivers\tcpip.sys
0x86B49000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86B7A000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x86BB9000 \SystemRoot\System32\Drivers\spldr.sys
0x86BC1000 \SystemRoot\System32\drivers\rdyboost.sys
0x86BEE000 \SystemRoot\System32\Drivers\mup.sys
0x86930000 \SystemRoot\System32\drivers\hwpolicy.sys
0x86938000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8696A000 \SystemRoot\system32\DRIVERS\disk.sys
0x8697B000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x869A0000 \SystemRoot\System32\Drivers\avgrkx86.sys
0x8A148000 \SystemRoot\System32\Drivers\Null.SYS
0x8A14F000 \SystemRoot\System32\Drivers\Beep.SYS
0x8A156000 \SystemRoot\System32\drivers\vga.sys
0x8A162000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8A183000 \SystemRoot\System32\drivers\watchdog.sys
0x8A190000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8A198000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8A1A0000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8A1A8000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8A1B3000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8A1C1000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8A1D8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8A1E3000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x8A000000 \SystemRoot\system32\drivers\NIS\1007000.01E\SYMTDI.SYS
0x869B9000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x86400000 \SystemRoot\System32\Drivers\avgtdix.sys
0x86356000 \SystemRoot\System32\DRIVERS\netbt.sys
0x86388000 \SystemRoot\system32\drivers\afd.sys
0x8A034000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x8A129000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x869DE000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8A130000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8A1ED000 \SystemRoot\system32\DRIVERS\SymIMv.sys
0x86800000 \SystemRoot\system32\DRIVERS\netbios.sys
0x867E8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x863E2000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8A1F6000 \SystemRoot\system32\drivers\NIS\1007000.01E\SRTSPX.SYS
0x8A416000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8A457000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8A461000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8A46B000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100224.002\IDSvix86.sys
0x8A4C3000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x8A521000 \??\C:\Windows\system32\drivers\dtcdrom.sys
0x8A556000 \SystemRoot\System32\drivers\discache.sys
0x8A562000 \SystemRoot\System32\Drivers\dfsc.sys
0x8A57A000 \SystemRoot\system32\drivers\NIS\1007000.01E\ccHPx86.sys
0x8A400000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8DA0E000 \SystemRoot\system32\drivers\NIS\1007000.01E\BHDrvx86.sys
0x8DA50000 \SystemRoot\System32\Drivers\avgmfx86.sys
0x8DA56000 \SystemRoot\System32\Drivers\avgldx86.sys
0x8DA8A000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8DAB1000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8DAD2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8EA16000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8EF1F000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8DAE4000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8EFD6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8F629000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0x8F890000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x8F89A000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x8F8AA000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8F8B5000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F900000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8F90F000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8F927000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F934000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8F967000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F969000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F976000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F97A000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8F983000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x8F990000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x8F9A2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F9BA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8F9C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8F9E7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8F600000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8DB1D000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8F617000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x8F621000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8DB34000 \SystemRoot\system32\DRIVERS\ks.sys
0x8EA00000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8DB68000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8DBAC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x80C0E000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x80C75000 \SystemRoot\system32\DRIVERS\portcls.sys
0x80CA4000 \SystemRoot\system32\DRIVERS\drmk.sys
0x80CBD000 \SystemRoot\System32\Drivers\crashdmp.sys
0x80CCA000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x80DA4000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x80E70000 \SystemRoot\System32\win32k.sys
0x80DB5000 \SystemRoot\System32\drivers\Dxapi.sys
0x80DBF000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x80DCA000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x80DDD000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x80DE4000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x80DEF000 \SystemRoot\system32\DRIVERS\monitor.sys
0x810D0000 \SystemRoot\System32\TSDDD.dll
0x81100000 \SystemRoot\System32\cdd.dll
0x8DBBD000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x8DBD4000 \SystemRoot\System32\Drivers\usbvideo.sys
0x81120000 \SystemRoot\System32\ATMFD.DLL
0x8A039000 \SystemRoot\system32\drivers\luafv.sys
0x8A054000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x80DFA000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x8A06B000 \SystemRoot\system32\drivers\WudfPf.sys
0x8A085000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8A095000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x8A0DB000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8A0EB000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xAA01F000 \SystemRoot\system32\drivers\HTTP.sys
0xAA0A4000 \SystemRoot\system32\DRIVERS\bowser.sys
0xAA0BD000 \SystemRoot\System32\drivers\mpsdrv.sys
0xAA0CF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAA0F2000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xAA12D000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAA160000 \SystemRoot\system32\drivers\peauth.sys
0xAA000000 \SystemRoot\System32\Drivers\secdrv.SYS
0x8A0FE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xAA00A000 \SystemRoot\System32\drivers\tcpipreg.sys
0xAF03B000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAF08A000 \SystemRoot\System32\DRIVERS\srv.sys
0xAF0DB000 \SystemRoot\System32\drivers\rdpdr.sys
0xAF100000 \SystemRoot\system32\drivers\tdtcp.sys
0xAF10A000 \SystemRoot\System32\DRIVERS\tssecsrv.sys
0xAF117000 \SystemRoot\System32\Drivers\RDPWD.SYS
0xAF148000 \SystemRoot\system32\drivers\spsys.sys
0xAF1B2000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77AD0000 \Windows\System32\ntdll.dll
0x47CB0000 \Windows\System32\smss.exe
0x77D10000 \Windows\System32\apisetschema.dll
0x003E0000 \Windows\System32\autochk.exe
0x77CC0000 \Windows\System32\ws2_32.dll
0x76E80000 \Windows\System32\shell32.dll
0x77C20000 \Windows\System32\advapi32.dll
0x76DB0000 \Windows\System32\user32.dll
0x76D20000 \Windows\System32\oleaut32.dll
0x76BE0000 \Windows\System32\urlmon.dll
0x76B80000 \Windows\System32\shlwapi.dll
0x77C10000 \Windows\System32\psapi.dll
0x769E0000 \Windows\System32\setupapi.dll
0x76880000 \Windows\System32\ole32.dll
0x76870000 \Windows\System32\nsi.dll
0x76790000 \Windows\System32\kernel32.dll
0x766F0000 \Windows\System32\usp10.dll
0x76690000 \Windows\System32\difxapi.dll
0x76490000 \Windows\System32\iertutil.dll
0x76470000 \Windows\System32\imm32.dll
0x763E0000 \Windows\System32\clbcatq.dll
0x763C0000 \Windows\System32\sechost.dll
0x763B0000 \Windows\System32\normaliz.dll
0x76360000 \Windows\System32\Wldap32.dll
0x76260000 \Windows\System32\wininet.dll
0x76210000 \Windows\System32\gdi32.dll
0x76190000 \Windows\System32\comdlg32.dll
0x76180000 \Windows\System32\lpk.dll
0x76150000 \Windows\System32\imagehlp.dll
0x760A0000 \Windows\System32\rpcrt4.dll
0x75FF0000 \Windows\System32\msvcrt.dll
0x75F20000 \Windows\System32\msctf.dll
0x75E90000 \Windows\System32\comctl32.dll
0x75E60000 \Windows\System32\wintrust.dll
0x75E40000 \Windows\System32\devobj.dll
0x75E10000 \Windows\System32\cfgmgr32.dll
0x75DC0000 \Windows\System32\KernelBase.dll
0x75CA0000 \Windows\System32\crypt32.dll
0x75C90000 \Windows\System32\msasn1.dll
Processes (total 76):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
416 csrss.exe
468 C:\Windows\System32\wininit.exe
476 csrss.exe
516 C:\Windows\System32\winlogon.exe
528 C:\Program Files\AVG\AVG9\avgchsvx.exe
556 C:\Program Files\AVG\AVG9\avgrsx.exe
584 C:\Program Files\AVG\AVG9\avgcsrvx.exe
648 C:\Windows\System32\services.exe
660 C:\Windows\System32\lsass.exe
668 C:\Windows\System32\lsm.exe
932 C:\Windows\System32\svchost.exe
1024 C:\Windows\System32\svchost.exe
1212 C:\Windows\System32\svchost.exe
1272 C:\Windows\System32\svchost.exe
1304 C:\Windows\System32\svchost.exe
1336 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
1464 C:\Windows\System32\audiodg.exe
1528 C:\Windows\System32\svchost.exe
1668 C:\Windows\System32\svchost.exe
1800 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1808 C:\Windows\System32\wlanext.exe
1820 C:\Windows\System32\conhost.exe
1348 C:\Windows\System32\dwm.exe
1548 C:\Windows\explorer.exe
1608 C:\Windows\System32\spoolsv.exe
1748 C:\Windows\System32\svchost.exe
1772 C:\Windows\System32\taskhost.exe
2092 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2108 C:\Program Files\IDT\WDM\sttray.exe
2180 C:\Program Files\HP\HPBTWD.exe
2208 C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
2244 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
2256 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2276 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
2292 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
2400 C:\Program Files\iTunes\iTunesHelper.exe
2412 C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
2448 C:\Windows\System32\hkcmd.exe
2464 C:\Windows\System32\igfxpers.exe
2516 C:\Program Files\AVG\AVG9\avgtray.exe
2544 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
2592 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2616 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2672 C:\Program Files\AVG\AVG9\avgwdsvc.exe
2760 C:\Program Files\Bonjour\mDNSResponder.exe
2768 C:\Windows\System32\igfxsrvc.exe
3312 C:\Program Files\AVG\AVG9\avgam.exe
3336 C:\Program Files\DAEMON Tools Net\DTNetSrv.exe
3420 C:\Program Files\AVG\AVG9\avgnsx.exe
3796 C:\Windows\System32\taskeng.exe
3804 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
3920 C:\Windows\System32\svchost.exe
4008 C:\Windows\System32\svchost.exe
2168 C:\Program Files\AVG\AVG9\avgemc.exe
3636 C:\Program Files\AVG\AVG9\avgcsrvx.exe
4188 C:\Windows\System32\SearchIndexer.exe
4624 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
4696 C:\Program Files\iPod\bin\iPodService.exe
4724 WmiPrvSE.exe
5064 C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
5472 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5532 C:\Program Files\AVG\AVG9\avgcsrvx.exe
6008 C:\Windows\System32\SearchProtocolHost.exe
6052 C:\Windows\System32\SearchFilterHost.exe
6120 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2820 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
5424 C:\Windows\System32\sppsvc.exe
2196 C:\Program Files\Windows Media Player\wmpnetwk.exe
5880 dllhost.exe
2828 dllhost.exe
5952 C:\Users\Owner\Downloads\MBRCheck.exe
4536 C:\Windows\System32\conhost.exe
5912 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`63500000 (NTFS)
PhysicalDrive0 Model Number: WDCWD2500BEVT-60ZCT1, Rev: 13.01A13
Size      Device Name           MBR Status
--------------------------------------------
232 GB    \\.\PhysicalDrive0    Unknown MBR code
          SHA1: F1A25A12D970D36E52B77D7FDA948E8EB3E290A6
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
-
Reboot and post new MBRCheck log.