
Windows cannot access the specified device, etc.He [Solved]


  • This topic is locked

#1
crohm

    New Member

  • Member
  • Pip
  • 8 posts
Hello, I'd first off like to thank anybody who takes the time to help me!

My mom was working on the computer today and while browsing the internet, one of those pop-ups that indicate your computer has viruses popped up. She clicked on the pop up and installed that beautiful piece of malware.

Anyway, now I've had lots of computers that have had serious viruses before but this one takes the cake. Literally all .exe files will NOT run and display the "Windows cannot access the specified device, etc." message. CMD doesn't work, command.com doesn't work, .msc files will also display that message. Also, every time I open the folder, the desktop disappears and I have to re-select "Show desktop" from the taskbar. I'm seriously stumped here because it seems there is absolutely nothing I can do. Safe mode also doesn't change anything to my situation.

Thanks for your help,

Andrei

P.S. I forgot to mention the OS is Windows XP Home Edition. Also, the computer is a Dell mini thus no optical drive.

Edited by crohm, 31 May 2010 - 07:50 PM.

  • 0



#2
crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
BUMP?
  • 0

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, let's try this first

Note: If using Firefox right-click on any download links and choose Save As

Please download OTH to your desktop
Please download OTL to your desktop
Please download the attached file Scan.txt to your desktop

Double click the OTH file to run it and click Kill All Processes, your desktop will go blank.


Then select Start OTL. OTL will now run

  • Double-click on the Custom Scans box and a message box will popup asking if you want to load a custom scan from a file
    Select Scan.txt that you downloaded
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Click the Internet Explorer button, post these logs in your Virus Removal topic.

  • 0

#4
crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hello, I'm sorry but I cannot locate the scan.txt link in your post.

Thanks for your time!
  • 0

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ah, that's because some numpty forgot to upload it :)


  • 0

#6
crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Haha it happens!

Okay, I've attached the two files you asked me for to this message. It was quite a juggle since I don't have internet access on the laptop, so I had to move them to my usb key via the "Start Misc Program" function on the OT helper. :)

OTL logfile created on: 04/06/2010 3:34:02 PM - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Andrel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,013.00 Mb Total Physical Memory | 754.00 Mb Available Physical Memory | 74.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 129.88 Gb Free Space | 93.28% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 1.89 Gb Free Space | 50.59% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREI
Current User Name: Andrel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
PRC - [2010/06/04 15:24:18 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr


========== Modules (SafeList) ==========

MOD - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
MOD - [2008/04/14 08:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/06/03 16:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV - [2009/11/17 12:41:00 | 005,954,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/17 12:40:48 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OAO17Afx.sys -- (OAO17Afx)
DRV - [2009/11/17 12:40:46 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 12:40:42 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/11/05 14:42:04 | 000,230,320 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/22 12:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/08/19 06:37:38 | 006,301,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/07/28 12:55:00 | 000,143,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/06/04 14:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/03/12 13:36:38 | 000,143,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/01/06 19:53:10 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/04 22:24:58 | 000,014,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\EMSC.SYS -- (EMSC)
DRV - [2008/04/14 08:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 08:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Help_Page = http://support.dell....x...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/23

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/09 08:54:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 08:54:52 | 000,000,000 | ---D | M]

[2010/01/28 18:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Extensions
[2010/05/23 17:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions
[2010/01/28 18:59:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 13:32:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/10 22:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\[email protected]
[2010/01/28 18:56:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/15 20:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/15 20:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/15 20:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/15 20:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - HKCU..\Run: [Microsoft Windows logon process] C:\Documents and Settings\Andrel\Application Data\Microsoft\Windows\winlogon.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Live Security Suite = "C:\Program Files\Live Security Suite\LiveSS.exe" /s File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: andbyout = C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Identities\andbyout.exe File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: ofon = "C:\Documents and Settings\Andrel\Local Settings\Application Data\SupportSoft\dellsupportcenter\Andrel\data\0c81c9f4-8f7b-4bf0-a94b-3a18728e2b01\4562f09c-49dc-479c-b7f6-d5eef1d9c180.3\ofon.exe" ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - ? File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 21:45:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: pb - (C:\Documents and Settings\Andrel\Application Data\Live Security Suite\db\pb.dll) - C:\Documents and Settings\Andrel\Application Data\Live Security Suite\db\pb.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/04/25 21:45:17 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465059307421696)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/04 15:24:35 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:33 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/31 09:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Application Data\Live Security Suite
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Local Settings\Application Data\TVU Networks
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\LocalLow
[2010/05/10 22:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2010/05/06 10:06:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/03 21:06:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/05/03 17:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/16 10:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Application Data\FMZilla
[2010/04/16 10:27:59 | 000,000,000 | ---D | C] -- C:\downloads
[2010/04/16 10:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Free Music Zilla
[2010/03/29 13:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\dwhelper
[2010/03/29 13:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2010/03/29 13:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\english files
[2010/03/23 10:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\School
[2010/03/23 10:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\Organic II
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/04 15:24:54 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\mbubbnhmu.dll
[2010/06/04 15:24:54 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\fviaewc.dll
[2010/06/04 15:24:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/04 15:24:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/04 15:24:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 15:24:45 | 1062,580,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:18 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/06/01 18:54:06 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\Andrel\NTUSER.DAT
[2010/06/01 18:54:06 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Andrel\ntuser.ini
[2010/06/01 18:52:40 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\rfghmrpao.dll
[2010/06/01 18:52:40 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\hpqdvemmw.dll
[2010/05/31 21:46:01 | 005,349,794 | -H-- | M] () -- C:\Documents and Settings\Andrel\Local Settings\Application Data\IconCache.db
[2010/05/31 21:36:36 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\ftsbephe.dll
[2010/05/31 21:36:36 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\vgthnguah.dll
[2010/05/31 21:06:00 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\irswhphj.dll
[2010/05/31 21:06:00 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\rtcrhqsgt.dll
[2010/05/31 11:26:02 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\kwjcott.dll
[2010/05/31 11:26:02 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\unpjbcok.dll
[2010/05/31 11:22:55 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\lbouhgvgo.dll
[2010/05/31 11:22:55 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\lnvmiaurb.dll
[2010/05/31 11:15:10 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\shaiibdgq.dll
[2010/05/31 11:15:10 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\mpwqawscfh.dll
[2010/05/31 11:14:35 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/31 11:14:30 | 000,013,170 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/31 09:38:20 | 000,065,024 | ---- | M] () -- C:\WINDOWS\System32\nvugbvocj.dll
[2010/05/31 09:38:20 | 000,041,984 | ---- | M] () -- C:\WINDOWS\System32\efqpwqo.dll
[2010/05/31 09:38:18 | 000,000,019 | ---- | M] () -- C:\WINDOWS\System32\pb.sys
[2010/05/31 09:38:12 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Live Security Suite.lnk
[2010/05/31 08:29:29 | 000,553,238 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/31 08:29:29 | 000,464,078 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/31 08:29:29 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/30 16:51:36 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:33 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:15 | 000,236,967 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:09:39 | 000,021,428 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/22 23:00:00 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/20 18:03:56 | 000,763,190 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/12 11:34:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/10 15:20:00 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 15:19:53 | 000,016,047 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[2010/05/03 20:26:41 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.job.doc
[2010/05/03 18:01:26 | 017,564,108 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Alina apr.2010.zip
[2010/04/28 19:45:04 | 000,695,381 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Ebook_-_Self_Help_-_Tolle_Eckhart_The_Power_of_Now.pdf
[2010/04/16 10:27:48 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Free Music Zilla.lnk
[2010/04/12 12:56:34 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\seminar3_eng.doc
[2010/04/12 09:48:29 | 000,046,705 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\17868_431912320087_775075087_10895443_3891383_n.jpg
[2010/04/08 11:19:44 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Questionnaire.doc
[2010/03/30 00:20:51 | 000,018,055 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Accounting specialist Min Transp Dorval.docx
[2010/03/29 21:10:35 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.2pg.doc
[2010/03/29 13:52:58 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Andrel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 13:30:23 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2010/03/23 22:13:50 | 000,060,610 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\221350.jpg
[2010/03/22 22:23:11 | 000,011,189 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Cover letter engl.Lili.docx
[2010/03/22 19:46:30 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Engl.2010.doc
[2010/03/21 20:15:48 | 000,018,025 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\16970_325288746039_781381039_4911140_4813718_n.jpg
[2010/03/14 19:50:50 | 013,571,664 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Carmen.zip
[2010/03/14 12:53:31 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Eng.2010.doc
[2010/03/14 12:40:15 | 000,012,439 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Lili cover letter.docx
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/04 15:24:54 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\mbubbnhmu.dll
[2010/06/04 15:24:54 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\fviaewc.dll
[2010/06/01 18:52:40 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\rfghmrpao.dll
[2010/06/01 18:52:40 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\hpqdvemmw.dll
[2010/05/31 21:36:36 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\ftsbephe.dll
[2010/05/31 21:36:36 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\vgthnguah.dll
[2010/05/31 21:36:26 | 1062,580,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/31 21:06:00 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\irswhphj.dll
[2010/05/31 21:06:00 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\rtcrhqsgt.dll
[2010/05/31 11:26:02 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\kwjcott.dll
[2010/05/31 11:26:02 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\unpjbcok.dll
[2010/05/31 11:22:55 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\lbouhgvgo.dll
[2010/05/31 11:22:55 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\lnvmiaurb.dll
[2010/05/31 11:15:10 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\shaiibdgq.dll
[2010/05/31 11:15:10 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\mpwqawscfh.dll
[2010/05/31 11:14:30 | 000,013,170 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/31 09:38:20 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\nvugbvocj.dll
[2010/05/31 09:38:20 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\efqpwqo.dll
[2010/05/31 09:38:18 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\pb.sys
[2010/05/31 09:38:12 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Live Security Suite.lnk
[2010/05/30 16:51:36 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:32 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:14 | 000,236,967 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/30 16:20:53 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:10:56 | 000,021,428 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/20 18:03:55 | 000,763,190 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/17 06:13:16 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/10 15:19:59 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 14:14:48 | 000,016,047 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[2010/05/03 20:26:40 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.job.doc
[2010/05/03 18:01:26 | 017,564,108 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Alina apr.2010.zip
[2010/04/28 19:45:02 | 000,695,381 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Ebook_-_Self_Help_-_Tolle_Eckhart_The_Power_of_Now.pdf
[2010/04/16 10:27:48 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Free Music Zilla.lnk
[2010/04/12 12:56:34 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\seminar3_eng.doc
[2010/04/12 09:48:29 | 000,046,705 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\17868_431912320087_775075087_10895443_3891383_n.jpg
[2010/04/08 11:19:44 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Questionnaire.doc
[2010/03/30 00:20:50 | 000,018,055 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Accounting specialist Min Transp Dorval.docx
[2010/03/29 21:10:35 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.2pg.doc
[2010/03/29 13:30:23 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2010/03/23 22:13:50 | 000,060,610 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\221350.jpg
[2010/03/22 22:23:11 | 000,011,189 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Cover letter engl.Lili.docx
[2010/03/21 20:15:48 | 000,018,025 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\16970_325288746039_781381039_4911140_4813718_n.jpg
[2010/03/14 19:50:49 | 013,571,664 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Carmen.zip
[2010/03/14 12:45:22 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Eng.2010.doc
[2010/03/14 00:53:20 | 000,012,439 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Lili cover letter.docx
[2010/03/10 22:12:02 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Engl.2010.doc
[2010/01/19 07:19:52 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/01/19 07:15:07 | 000,001,196 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/01/19 06:06:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/01/19 05:43:38 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2010/01/19 05:42:41 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/01/19 05:42:40 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/04/25 21:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/09/27 12:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/01/19 05:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/01/19 05:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/01/19 05:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2010/04/16 10:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\FMZilla
[2010/05/31 11:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Live Security Suite
[2010/01/19 05:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Desktop Search
[2010/01/28 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/04/25 21:45:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/01/28 19:01:36 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008/04/25 21:45:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/19 07:23:33 | 000,004,459 | RH-- | M] () -- C:\dell.sdr
[2010/06/04 15:24:45 | 1062,580,224 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/25 21:45:49 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2008/04/25 21:45:49 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/04 15:24:42 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/04/25 09:37:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/04/25 09:37:49 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/04/25 09:37:49 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >

< >
< End of report >

Edited by Essexboy, 04 June 2010 - 02:01 PM.

  • 0

#7
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Here you go - including the fix this time :)



Copy the attached Fix.txt to a USB

  • Insert your USB drive with fix.txt on it
  • Start OTL
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason, then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time) but do select All Users

  • 0

#8
crohm


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Oh dear me, it works!! I can't thank you enough :) Here's the OTL log:

OTL logfile created on: 04/06/2010 4:25:57 PM - Run 2
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Andrel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,013.00 Mb Total Physical Memory | 625.00 Mb Available Physical Memory | 62.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 129.86 Gb Free Space | 93.26% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 1.89 Gb Free Space | 50.58% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREI
Current User Name: Andrel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
PRC - [2009/09/16 22:36:10 | 000,632,176 | ---- | M] (Dell) -- C:\Program Files\Battery Meter\BTMeter.exe
PRC - [2009/06/09 19:13:52 | 000,320,880 | ---- | M] (Compal Electronics, Inc) -- C:\Program Files\CapsLKNotify\CapsLKNotify.exe
PRC - [2009/06/03 16:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/06/03 16:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/27 17:24:54 | 000,247,080 | ---- | M] (Dell) -- C:\Program Files\WSED\WSED.exe
PRC - [2008/05/27 00:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
MOD - [2008/04/14 08:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/06/03 16:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV - [2009/11/17 12:41:00 | 005,954,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/17 12:40:48 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OAO17Afx.sys -- (OAO17Afx)
DRV - [2009/11/17 12:40:46 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 12:40:42 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/11/05 14:42:04 | 000,230,320 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/22 12:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/08/19 06:37:38 | 006,301,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/07/28 12:55:00 | 000,143,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/06/04 14:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/03/12 13:36:38 | 000,143,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/01/06 19:53:10 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/04 22:24:58 | 000,014,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\EMSC.SYS -- (EMSC)
DRV - [2008/04/14 08:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 08:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Help_Page = http://support.dell....x...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/23


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1502187387-3769697568-1661434012-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKU\S-1-5-21-1502187387-3769697568-1661434012-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
IE - HKU\S-1-5-21-1502187387-3769697568-1661434012-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
IE - HKU\S-1-5-21-1502187387-3769697568-1661434012-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/09 08:54:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 08:54:52 | 000,000,000 | ---D | M]

[2010/01/28 18:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Extensions
[2010/05/23 17:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions
[2010/01/28 18:59:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 13:32:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/10 22:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\[email protected]
[2010/01/28 18:56:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/15 20:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/15 20:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/15 20:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/15 20:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1502187387-3769697568-1661434012-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 21:45:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: pb - (c:\documents and settings\andrel\application data\live security suite\db\pb.dll) - c:\documents and settings\andrel\application data\live security suite\db\pb.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/04 16:17:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/04 15:24:35 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:33 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Local Settings\Application Data\TVU Networks
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2010/05/10 22:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2010/05/06 10:06:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/04 16:20:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/04 16:20:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 16:20:12 | 1062,580,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 16:17:36 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Andrel\ntuser.ini
[2010/06/04 16:17:35 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\Andrel\NTUSER.DAT
[2010/06/04 15:24:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:18 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/05/31 21:46:01 | 005,349,794 | -H-- | M] () -- C:\Documents and Settings\Andrel\Local Settings\Application Data\IconCache.db
[2010/05/31 11:14:35 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/31 11:14:30 | 000,013,170 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/31 08:29:29 | 000,553,238 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/31 08:29:29 | 000,464,078 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/31 08:29:29 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/30 16:51:36 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:33 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:15 | 000,236,967 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:09:39 | 000,021,428 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/22 23:00:00 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/20 18:03:56 | 000,763,190 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/12 11:34:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/10 15:20:00 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 15:19:53 | 000,016,047 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/31 21:36:26 | 1062,580,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/31 11:14:30 | 000,013,170 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/30 16:51:36 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:32 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:14 | 000,236,967 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/30 16:20:53 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:10:56 | 000,021,428 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/20 18:03:55 | 000,763,190 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/17 06:13:16 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/10 15:19:59 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 14:14:48 | 000,016,047 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[2010/01/19 07:19:52 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/01/19 07:15:07 | 000,001,196 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/01/19 06:06:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/01/19 05:43:38 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2010/01/19 05:42:41 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/01/19 05:42:40 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/04/25 21:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/09/27 12:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/01/19 05:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/01/19 05:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/01/19 05:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/01/19 05:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2010/04/16 10:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\FMZilla
[2010/01/19 05:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Desktop Search
[2010/01/28 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Search
[2010/01/19 05:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Windows Desktop Search

========== Purity Check ==========


< End of report >

Thanks again!!! :)

P.S. Out of curiosity, what was my computer afflicted with?

Edited by crohm, 04 June 2010 - 02:29 PM.

  • 0

#9
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Oops, missed one - on completion of these two runs can you let me know what problems remain :)

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O36 - AppCertDlls: pb - (c:\documents and settings\andrel\application data\live security suite\db\pb.dll) - c:\documents and settings\andrel\application data\live security suite\db\pb.dll File not found
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS] 
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#10
crohm

crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OTL logfile created on: 04/06/2010 4:45:35 PM - Run 3
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Andrel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,013.00 Mb Total Physical Memory | 599.00 Mb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 131.10 Gb Free Space | 94.15% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 1.89 Gb Free Space | 50.58% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREI
Current User Name: Andrel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
PRC - [2010/04/09 08:54:47 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/16 22:36:10 | 000,632,176 | ---- | M] (Dell) -- C:\Program Files\Battery Meter\BTMeter.exe
PRC - [2009/06/09 19:13:52 | 000,320,880 | ---- | M] (Compal Electronics, Inc) -- C:\Program Files\CapsLKNotify\CapsLKNotify.exe
PRC - [2009/06/03 16:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/06/03 16:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/27 17:24:54 | 000,247,080 | ---- | M] (Dell) -- C:\Program Files\WSED\WSED.exe
PRC - [2008/05/27 00:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
MOD - [2008/04/14 08:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/06/03 16:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV - [2009/11/17 12:41:00 | 005,954,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/17 12:40:48 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OAO17Afx.sys -- (OAO17Afx)
DRV - [2009/11/17 12:40:46 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 12:40:42 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/11/05 14:42:04 | 000,230,320 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/22 12:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/08/19 06:37:38 | 006,301,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/07/28 12:55:00 | 000,143,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/06/04 14:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/03/12 13:36:38 | 000,143,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/01/06 19:53:10 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/04 22:24:58 | 000,014,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\EMSC.SYS -- (EMSC)
DRV - [2008/04/14 08:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 08:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Help_Page = http://support.dell....x...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.ca.dell....s...;l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/23

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/09 08:54:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/09 08:54:52 | 000,000,000 | ---D | M]

[2010/01/28 18:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Extensions
[2010/05/23 17:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions
[2010/01/28 18:59:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 13:32:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/10 22:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Mozilla\Firefox\Profiles\emnlfoht.default\extensions\[email protected]
[2010/01/28 18:56:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/15 20:55:13 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/15 20:55:13 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/15 20:55:13 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/15 20:55:13 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/06/04 16:35:04 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 21:45:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: pb - (c:\documents and settings\andrel\application data\live security suite\db\pb.dll) - c:\documents and settings\andrel\application data\live security suite\db\pb.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/04 16:17:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/04 15:24:35 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:33 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Local Settings\Application Data\TVU Networks
[2010/05/10 22:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2010/05/10 22:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2010/05/06 10:06:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/03 21:06:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/05/03 17:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/04/16 10:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Application Data\FMZilla
[2010/04/16 10:27:59 | 000,000,000 | ---D | C] -- C:\downloads
[2010/04/16 10:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Free Music Zilla
[2010/03/29 13:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\dwhelper
[2010/03/29 13:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2010/03/29 13:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\english files
[2010/03/23 10:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\School
[2010/03/23 10:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrel\Desktop\Organic II

========== Files - Modified Within 90 Days ==========

[2010/06/04 16:42:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/04 16:42:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 16:42:16 | 1062,580,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 16:40:18 | 002,883,584 | -H-- | M] () -- C:\Documents and Settings\Andrel\NTUSER.DAT
[2010/06/04 16:40:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Andrel\ntuser.ini
[2010/06/04 16:35:04 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/06/04 15:24:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/04 15:24:24 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTL.scr
[2010/06/04 15:24:18 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrel\Desktop\OTH.scr
[2010/05/31 21:46:01 | 005,349,794 | -H-- | M] () -- C:\Documents and Settings\Andrel\Local Settings\Application Data\IconCache.db
[2010/05/31 11:14:35 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/31 11:14:30 | 000,013,170 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/31 08:29:29 | 000,553,238 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/31 08:29:29 | 000,464,078 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/31 08:29:29 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/30 16:51:36 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:33 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:15 | 000,236,967 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:09:39 | 000,021,428 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/22 23:00:00 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/20 18:03:56 | 000,763,190 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/12 11:34:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/10 15:20:00 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 15:19:53 | 000,016,047 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[2010/05/03 20:26:41 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.job.doc
[2010/05/03 18:01:26 | 017,564,108 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Alina apr.2010.zip
[2010/04/28 19:45:04 | 000,695,381 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Ebook_-_Self_Help_-_Tolle_Eckhart_The_Power_of_Now.pdf
[2010/04/16 10:27:48 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Free Music Zilla.lnk
[2010/04/12 12:56:34 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\seminar3_eng.doc
[2010/04/12 09:48:29 | 000,046,705 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\17868_431912320087_775075087_10895443_3891383_n.jpg
[2010/04/08 11:19:44 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Questionnaire.doc
[2010/03/30 00:20:51 | 000,018,055 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Accounting specialist Min Transp Dorval.docx
[2010/03/29 21:10:35 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.2pg.doc
[2010/03/29 13:52:58 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Andrel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 13:30:23 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2010/03/23 22:13:50 | 000,060,610 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\221350.jpg
[2010/03/22 22:23:11 | 000,011,189 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Cover letter engl.Lili.docx
[2010/03/22 19:46:30 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Engl.2010.doc
[2010/03/21 20:15:48 | 000,018,025 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\16970_325288746039_781381039_4911140_4813718_n.jpg
[2010/03/14 19:50:50 | 013,571,664 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Carmen.zip
[2010/03/14 12:53:31 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Eng.2010.doc
[2010/03/14 12:40:15 | 000,012,439 | ---- | M] () -- C:\Documents and Settings\Andrel\My Documents\Lili cover letter.docx

========== Files Created - No Company Name ==========

[2010/05/31 21:36:26 | 1062,580,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/31 11:14:30 | 000,013,170 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Bachelor.docx
[2010/05/30 16:51:36 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits 1.doc
[2010/05/30 16:49:26 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Contribution Agreement Reporting Requirements.doc
[2010/05/30 16:48:32 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Medical Transportation Benefits.doc
[2010/05/30 16:47:14 | 000,236,967 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\2005_med-transp-frame-cadre-eng.pdf
[2010/05/30 16:21:48 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.doc
[2010/05/30 16:20:53 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.doc
[2010/05/29 23:18:09 | 000,045,860 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\piscina.docx
[2010/05/29 23:10:56 | 000,021,428 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\21742846-0-1274184715.jpg
[2010/05/27 23:15:40 | 000,013,366 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\fed. health canada cv.docx
[2010/05/24 19:36:37 | 000,012,508 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Statement of Merit Criteria.docx
[2010/05/20 18:03:55 | 000,763,190 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Liliana letter of accomodation.scan0001.pdf
[2010/05/17 06:13:16 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Calcul.xls
[2010/05/10 15:19:59 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.doc
[2010/05/10 14:14:48 | 000,016,047 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\final_essay.docx
[2010/05/06 10:49:30 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\outline.doc
[2010/05/03 20:26:40 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.job.doc
[2010/05/03 18:01:26 | 017,564,108 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Alina apr.2010.zip
[2010/04/28 19:45:02 | 000,695,381 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Ebook_-_Self_Help_-_Tolle_Eckhart_The_Power_of_Now.pdf
[2010/04/16 10:27:48 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Free Music Zilla.lnk
[2010/04/12 12:56:34 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\seminar3_eng.doc
[2010/04/12 09:48:29 | 000,046,705 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\17868_431912320087_775075087_10895443_3891383_n.jpg
[2010/04/08 11:19:44 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Questionnaire.doc
[2010/03/30 00:20:50 | 000,018,055 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Accounting specialist Min Transp Dorval.docx
[2010/03/29 21:10:35 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\LILIANA_FLOREA_cv_fr.2pg.doc
[2010/03/29 13:30:23 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2010/03/23 22:13:50 | 000,060,610 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\221350.jpg
[2010/03/22 22:23:11 | 000,011,189 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Cover letter engl.Lili.docx
[2010/03/21 20:15:48 | 000,018,025 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\16970_325288746039_781381039_4911140_4813718_n.jpg
[2010/03/14 19:50:49 | 013,571,664 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Carmen.zip
[2010/03/14 12:45:22 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Eng.2010.doc
[2010/03/14 00:53:20 | 000,012,439 | ---- | C] () -- C:\Documents and Settings\Andrel\My Documents\Lili cover letter.docx
[2010/03/10 22:12:02 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Andrel\Desktop\Pasan Florea Liliana cv Engl.2010.doc
[2010/01/19 07:19:52 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/01/19 07:15:07 | 000,001,196 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/01/19 06:06:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/01/19 05:43:38 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2010/01/19 05:42:41 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/01/19 05:42:40 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/04/25 21:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/09/27 12:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/01/19 05:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/01/19 05:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2010/01/19 05:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/01/19 05:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2010/04/16 10:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\FMZilla
[2010/01/19 05:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Desktop Search
[2010/01/28 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrel\Application Data\Windows Search

========== Purity Check ==========


< End of report >

I'm going to install MBAM now.
  • 0
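
The O36 line that the fix in post #9 targets is an AppCertDlls registration whose DLL is reported as "File not found". The following is an added example, not part of the thread and not OTL's own code: it triages pasted OTL `O` lines for that kind of leftover and for altered `.exe`/`.com` handlers. The severity labels and the user-writable path fragments are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass

# Lines copied from the OTL Quick Scan log posted in this thread (run 3).
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: pb - (c:\documents and settings\andrel\application data\live security suite\db\pb.dll) - c:\documents and settings\andrel\application data\live security suite\db\pb.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
'''

DEFAULT_OPEN = '"%1" %*'                       # stock open command for exefile/comfile
EXPECTED_CLASS = {".exe": "exefile", ".com": "comfile"}
DEFAULT_BOOTEXECUTE = "(autocheck autochk *)"  # Windows default BootExecute value
# Assumption of this example: path fragments treated as user-writable locations.
USER_WRITABLE = ("\\documents and settings\\", "\\users\\", "\\temp\\")

ENTRY = re.compile(r"^(O\d+)\s+-\s+(.*)$")
APPCERT = re.compile(r"^AppCertDlls:\s*(?P<name>\S+)\s+-\s+\((?P<path>[^)]*)\)")
ASSOC_OPEN = re.compile(r"^HKLM\\\.\.(?P<cls>\w+) \[open\] -- (?P<cmd>.*)$")
EXT_MAP = re.compile(r"^HKLM\\\.\.(?P<ext>\.\w+) \[@ = (?P<cls>\w+)\] -- (?P<cmd>.*)$")


@dataclass
class Finding:
    code: str       # OTL line prefix, e.g. "O36"
    severity: str   # "high" / "medium" / "low" (labels chosen for this example)
    reason: str
    line: str       # the original log line, unchanged


def triage(log_text):
    """Return a Finding for every O-line that deserves a human look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue
        code, body = m.group(1), m.group(2)
        missing = body.endswith("File not found")

        if code == "O36":
            # Any AppCertDlls registration is reviewed; a missing DLL or a
            # DLL under a user profile adds to the reason text.
            ac = APPCERT.match(body)
            path = ac.group("path").lower() if ac else ""
            reasons = ["AppCertDlls entry present"]
            if missing:
                reasons.append("registered DLL is missing on disk")
            if any(frag in path for frag in USER_WRITABLE):
                reasons.append("DLL path is in a user-writable location")
            findings.append(Finding(code, "high", "; ".join(reasons), line))
        elif code == "O35":
            a = ASSOC_OPEN.match(body)
            if a and a.group("cmd").strip() != DEFAULT_OPEN:
                findings.append(Finding(
                    code, "high",
                    a.group("cls") + " open command is not the default", line))
        elif code == "O37":
            e = EXT_MAP.match(body)
            if e:
                want = EXPECTED_CLASS.get(e.group("ext").lower())
                changed = (want is not None and e.group("cls") != want) \
                    or e.group("cmd").strip() != DEFAULT_OPEN
                if changed:
                    findings.append(Finding(
                        code, "high",
                        e.group("ext") + " is mapped to a non-default handler", line))
        elif code == "O34":
            # The default value is a native command line, not a file path, so
            # its "File not found" suffix is not treated as an orphan here.
            if DEFAULT_BOOTEXECUTE not in body:
                findings.append(Finding(
                    code, "medium", "BootExecute is not the Windows default", line))
        elif code == "O2" and body.endswith("No CLSID value found."):
            findings.append(Finding(
                code, "low", "BHO registered without a CLSID key", line))
        elif missing:
            findings.append(Finding(
                code, "medium", "entry points at a file that is not on disk", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.severity}] {f.code}: {f.reason}")
```
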



#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Good, running better?
  • 0

#12
crohm

crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Understatement of the year! It's actually running now which is great. Thanks a bunch, you're amazing :)
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Shucks :)
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems.

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE) JRE 6 Update 20.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement."
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u20-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right click on the jre-6u20-windows-i586-p.exe and select "Run as an Administrator.")

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button, click this
  • Accept the Warning and select OK again, the program will close and you are done


SPRING CLEAN

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine, if not, do this yourself to ensure a complete clean

THEN

Download Flush Flash from Here and follow the easy to use instructions on the same page

NEXT

Download and run Puran Disc Defragmenter

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :)
  • 0

#15
crohm

crohm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Thank you once again! I'll do this all ASAP. Thanks :)
  • 0





