Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Computer stuck in continuous reboot cycle.
Message
<blockquote data-quote="dpwyatt" data-source="post: 269894" data-attributes="member: 28173"><p>Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01</p><p>Ran by SYSTEM on REATOGO on 30-09-2014 03:31:29</p><p>Running from I:\</p><p>Platform: Microsoft Windows XP (X86) OS Language: English (United States)</p><p>Internet Explorer Version 8</p><p>Boot Mode: Recovery</p><p></p><p>The current controlset is ControlSet001</p><p><strong>ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.</strong></p><p></p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)</p><p>HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup</p><p>HKLM\...\Run: [nwiz] => nwiz.exe /install</p><p>HKLM\...\Run: [] => [X]</p><p>HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] ()</p><p>HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] ()</p><p>HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.)</p><p>HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)</p><p>HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft)</p><p>HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)</p><p>HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)</p><p>HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)</p><p>HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)</p><p>HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k</p><p>HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)</p><p>HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)</p><p>HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] ()</p><p>HKLM\...\runonceex: [] => [X]</p><p>HKLM\...\Policies\Explorer: [NoCDBurning] 0</p><p>HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)</p><p>HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)</p><p>HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()</p><p>HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin</p><p>Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk</p><p>ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)</p><p>Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk</p><p>ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)</p><p>BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart</p><p></p><p>========================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)</p><p>S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)</p><p>S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)</p><p>S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)</p><p>S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.)</p><p>S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)</p><p>S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)</p><p>S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search)</p><p>S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 .afd; \* [167416 2013-05-28] ()</p><p>S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)</p><p>S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] ()</p><p>S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider)</p><p>S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)</p><p>S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)</p><p>S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)</p><p>S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies)</p><p>S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)</p><p>S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)</p><p>S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)</p><p>S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT)</p><p>S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)</p><p>S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.)</p><p>S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation)</p><p>S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation)</p><p>S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation)</p><p>S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)</p><p>S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)</p><p>S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.)</p><p>S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.)</p><p>S0 Achernar; System32\Drivers\Achernar.sys [X]</p><p>S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]</p><p>S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]</p><p>S4 IntelIde; No ImagePath</p><p>S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)</p><p>S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]</p><p>S3 udfpt; system32\drivers\udfpt.sys [X]</p><p>S3 usbbus; System32\DRIVERS\lgusbbus.sys [X]</p><p>S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X]</p><p>S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X]</p><p>S3 wanatw; System32\DRIVERS\wanatw4.sys [X]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-22 22:05 - 2014-09-29 17:04 - 00000000 ____D () C:\FRST</p><p>2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-29 17:04 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST</p><p>2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt</p><p>2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log</p><p>2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014</p><p>2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp</p><p>2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData</p><p>2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service</p><p>2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox</p><p>2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT</p><p>2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe</p><p>2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe</p><p>2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl</p><p>2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml</p><p>2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log</p><p>2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log</p><p>2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl</p><p>2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp</p><p>2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys</p><p>2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe</p><p>C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll</p><p></p><p></p><p>==================== Known DLLs (Whitelisted) ============</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\winlogon.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\rpcss.dll => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p></p><p>==================== Restore Points (XP) =====================</p><p></p><p>RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426 </p><p></p><p>RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425 </p><p></p><p>RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424 </p><p></p><p>RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423 </p><p></p><p>RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422 </p><p></p><p>RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421 </p><p></p><p>RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420 </p><p></p><p>RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419 </p><p></p><p>RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418 </p><p></p><p>RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417 </p><p></p><p>RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416 </p><p></p><p>RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415 </p><p></p><p>RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414 </p><p></p><p>RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413 </p><p></p><p>RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412 </p><p></p><p>RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411 </p><p></p><p>RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410 </p><p></p><p>RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409 </p><p></p><p>RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408 </p><p></p><p>RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407 </p><p></p><p>RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406 </p><p></p><p>RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405 </p><p></p><p>RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404 </p><p></p><p>RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403 </p><p></p><p>RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402 </p><p></p><p>RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401 </p><p></p><p>RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400 </p><p></p><p>RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399 </p><p></p><p>RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398 </p><p></p><p>RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397 </p><p></p><p>RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396 </p><p></p><p>RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395 </p><p></p><p>RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394 </p><p></p><p>RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393 </p><p></p><p>RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392 </p><p></p><p>RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391 </p><p></p><p>RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390 </p><p></p><p>RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389 </p><p></p><p>RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388 </p><p></p><p>RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387 </p><p></p><p>RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386 </p><p></p><p>RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385 </p><p></p><p>RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384 </p><p></p><p>RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383 </p><p></p><p>RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382 </p><p></p><p>RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381 </p><p></p><p>RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380 </p><p></p><p>RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379 </p><p></p><p>RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378 </p><p></p><p>RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377 </p><p></p><p>RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376 </p><p></p><p>RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375 </p><p></p><p>RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374 </p><p></p><p>RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373 </p><p></p><p>RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372 </p><p></p><p>RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371 </p><p></p><p>RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370 </p><p></p><p>RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369 </p><p></p><p>RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368 </p><p></p><p>RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367 </p><p></p><p>RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366 </p><p></p><p>RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365 </p><p></p><p>RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364 </p><p></p><p>RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363 </p><p></p><p>RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362 </p><p></p><p>RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361 </p><p></p><p>RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360 </p><p></p><p>RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359 </p><p></p><p>RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358 </p><p></p><p>RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357 </p><p></p><p>RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356 </p><p></p><p>RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355 </p><p></p><p>RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354 </p><p></p><p>RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353 </p><p></p><p>RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352 </p><p></p><p>RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351 </p><p></p><p>RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350 </p><p></p><p>RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349 </p><p></p><p>RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348 </p><p></p><p>RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347 </p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Percentage of memory in use: 61%</p><p>Total physical RAM: 447.48 MB</p><p>Available physical RAM: 171.14 MB</p><p>Total Pagefile: 363.32 MB</p><p>Available Pagefile: 269.15 MB</p><p>Total Virtual: 2047.88 MB</p><p>Available Virtual: 2000.05 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS</p><p>Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)]</p><p>Drive i: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.11 GB) FAT</p><p>Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960)</p><p>Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E)</p><p>Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="dpwyatt, post: 269894, member: 28173"] Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01 Ran by SYSTEM on REATOGO on 30-09-2014 03:31:29 Running from I:\ Platform: Microsoft Windows XP (X86) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [] => [X] HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] () HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] () HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.) HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation) HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft) HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] () HKLM\...\runonceex: [] => [X] HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] () HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft) S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.) S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.) S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR) S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 .afd; \* [167416 2013-05-28] () S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] () S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider) S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP) S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT) S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation) S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.) S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation) S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation) S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation) S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation) S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation) S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.) S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.) S0 Achernar; System32\Drivers\Achernar.sys [X] S3 AFGMp50; System32\Drivers\AFGMp50.sys [X] S3 AFGSp50; System32\Drivers\AFGSp50.sys [X] S4 IntelIde; No ImagePath S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X] S3 udfpt; system32\drivers\udfpt.sys [X] S3 usbbus; System32\DRIVERS\lgusbbus.sys [X] S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X] S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X] S3 wanatw; System32\DRIVERS\wanatw4.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-22 22:05 - 2014-09-29 17:04 - 00000000 ____D () C:\FRST 2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-29 17:04 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST 2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log 2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt 2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log 2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014 2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp 2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData 2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT 2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml 2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log 2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log 2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl 2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys 2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk Some content of TEMP: ==================== C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points (XP) ===================== RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426 RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425 RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424 RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423 RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422 RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421 RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420 RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419 RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418 RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417 RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416 RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415 RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414 RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413 RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412 RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411 RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410 RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409 RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408 RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407 RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406 RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405 RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404 RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403 RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402 RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401 RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400 RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399 RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398 RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397 RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396 RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395 RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394 RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393 RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392 RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391 RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390 RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389 RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388 RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387 RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386 RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385 RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384 RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383 RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382 RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381 RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380 RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379 RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378 RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377 RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376 RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375 RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374 RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373 RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372 RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371 RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370 RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369 RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368 RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367 RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366 RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365 RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364 RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363 RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362 RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361 RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360 RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359 RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358 RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357 RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356 RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355 RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354 RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353 RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352 RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351 RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350 RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349 RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348 RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347 ==================== Memory info =========================== Percentage of memory in use: 61% Total physical RAM: 447.48 MB Available physical RAM: 171.14 MB Total Pagefile: 363.32 MB Available Pagefile: 269.15 MB Total Virtual: 2047.88 MB Available Virtual: 2000.05 MB ==================== Drives ================================ Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive i: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.11 GB) FAT Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E) Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top
