Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

System Restore, Startup Repair, Safe Mode aren't working


  • This topic is locked This topic is locked

#1
dantecantal

dantecantal

    Member

  • Member
  • PipPip
  • 58 posts
My computer was getting infected with fake anti-spyware programs. it then rebooted to startup repair. that didn't work. System Restore said it worked but when it rebooted, it went back to startup repair. Safe mode had the same results.

I booted from a cd and am now using a Reatogo desktop.

Any help would be much appreciated. Thank you.
  • 0

Advertisements


#2
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
here's the otl log

OTL logfile created on: 12/5/2010 7:55:06 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.12 Gb Total Space | 157.25 Gb Free Space | 27.06% Space Free | Partition Type: NTFS
Drive K: | 15.00 Gb Total Space | 8.06 Gb Free Space | 53.76% Space Free | Partition Type: NTFS
Drive L: | 638.54 Gb Total Space | 332.54 Gb Free Space | 52.08% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (SessionLauncher)
SRV - [2010/07/15 12:28:37 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/16 20:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/01/28 02:39:02 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008/07/22 11:59:42 | 000,794,624 | ---- | M] () [On_Demand] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2008/06/08 08:56:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/20 20:54:13 | 000,029,744 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-010708-104812)
SRV - [2008/05/20 20:40:29 | 000,072,704 | ---- | M] (Creative Labs) [Auto] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/14 13:25:22 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/12/14 13:25:20 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/12/14 13:25:12 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | System] -- C:\Windows\System32\drivers\BrFiltLoo.sys -- (BrFiltLoo)
DRV - File not found [Kernel | Disabled] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/07/15 12:28:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 12:28:01 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/04 10:44:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/07/06 19:57:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/06/26 12:14:36 | 000,051,472 | ---- | M] () [File_System | Boot] -- C:\Windows\System32\drivers\mfx.sys -- (MFX)
DRV - [2009/04/11 01:32:56 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/10 23:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/04/10 23:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2008/06/03 08:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/03 08:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/06/02 18:43:39 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/05/21 04:17:05 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/05/21 04:17:05 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/05/21 04:17:05 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/05/15 03:15:42 | 000,813,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2008/03/14 01:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/12/11 03:43:48 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/09/12 03:40:48 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/08/28 19:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/08/22 00:39:20 | 000,235,616 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Vid.sys -- (OEM05Vid)
DRV - [2007/08/22 00:39:18 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Vfx.sys -- (OEM05Vfx)
DRV - [2007/08/22 00:39:04 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Afx.sys -- (OEM05Afx)
DRV - [2007/04/09 12:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 12:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 12:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/04/01 23:42:08 | 000,016,432 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/04/01 23:42:04 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/04/01 23:42:02 | 000,079,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007/01/15 19:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:51:31 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2005/08/17 10:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/01/18 05:31:30 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Admin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKU\Admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKU\Dante_Anthony_ON_C\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local




FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 12:13:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 00:14:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.2\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.5.2\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.1b1\extensions\\Components: C:\Program Files\Mozilla Firefox 3.1 Beta 1\components [2009/08/31 23:40:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.1b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.1 Beta 1\plugins [2009/08/31 23:40:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/09 09:07:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/09 09:07:18 | 000,000,000 | ---D | M]

[2010/11/01 21:55:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/07/22 06:17:34 | 000,002,076 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2010/12/05 12:44:42 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\Dante_Anthony_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\System32\HCIMNTR.DLL (Logitech Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [supertintin_skype] C:\Program Files\Supertintin for Skype\supertintin_skype.exe (IMTiger Software Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\Admin_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Dante_Anthony_ON_C..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\Dante_Anthony_ON_C..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\Dante_Anthony_ON_C..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks)
O4 - HKU\Dante_Anthony_ON_C..\Run: [Steam] C:\program files\steam\steam.exe (Valve Corporation)
O4 - HKU\Dante_Anthony_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Dante_Anthony_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Dante_Anthony_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/08/31 14:55:50 | 000,000,067 | ---- | M] () - L:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 21:01:02 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/11/19 05:19:19 | 000,000,000 | ---D | C] -- C:\Users\Dante Anthony\AppData\Roaming\MPEG Streamclip
[2010/11/19 05:04:55 | 000,000,000 | ---D | C] -- C:\Users\Dante Anthony\Desktop\cannedfood
[1 C:\Users\Dante Anthony\Documents\*.tmp files -> C:\Users\Dante Anthony\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/05 16:07:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/05 11:28:30 | 000,019,968 | ---- | M] () -- C:\Users\Dante Anthony\Documents\joke.doc
[2010/12/04 20:59:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0CEB73A9-51B8-4C90-8907-4B847E6DEC0C}.job
[2010/12/04 20:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 20:08:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3404729698-1243055473-1963908234-1001UA.job
[2010/12/04 19:31:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 19:31:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 13:08:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3404729698-1243055473-1963908234-1001Core.job
[2010/12/04 12:45:07 | 068,481,239 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/04 05:29:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/03 06:10:49 | 000,002,084 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\Google Chrome.lnk
[2010/12/03 06:10:49 | 000,002,046 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/01 01:28:22 | 000,101,888 | ---- | M] () -- C:\Users\Dante Anthony\Documents\calpolypomonaapp.doc
[2010/12/01 01:24:12 | 000,222,720 | ---- | M] () -- C:\Users\Dante Anthony\Documents\calpolyapp.doc
[2010/12/01 00:19:10 | 000,024,064 | ---- | M] () -- C:\Users\Dante Anthony\Documents\personalstatement.doc
[2010/11/25 03:38:00 | 000,000,000 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Local\prvlcl.dat
[2010/11/24 22:27:06 | 000,033,792 | ---- | M] () -- C:\Users\Dante Anthony\Documents\ps.doc
[2010/11/23 04:47:41 | 000,145,920 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/20 00:28:23 | 021,741,174 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfoodfinal.wmv
[2010/11/19 09:48:02 | 000,598,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/19 09:48:02 | 000,101,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/19 07:32:34 | 030,667,498 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfoodvid.wmv
[2010/11/19 06:50:09 | 044,025,480 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfood.wmv
[2010/11/17 15:28:30 | 3219,046,400 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/17 15:28:27 | 260,795,828 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/11 18:26:40 | 000,000,162 | -H-- | M] () -- C:\Users\Dante Anthony\Documents\~$ps.doc
[2010/11/06 21:56:06 | 000,022,016 | ---- | M] () -- C:\Users\Dante Anthony\Documents\la4-3.doc
[2010/11/06 00:31:54 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[1 C:\Users\Dante Anthony\Documents\*.tmp files -> C:\Users\Dante Anthony\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/05 11:28:24 | 000,019,968 | ---- | C] () -- C:\Users\Dante Anthony\Documents\joke.doc
[2010/12/01 01:28:22 | 000,101,888 | ---- | C] () -- C:\Users\Dante Anthony\Documents\calpolypomonaapp.doc
[2010/12/01 01:24:12 | 000,222,720 | ---- | C] () -- C:\Users\Dante Anthony\Documents\calpolyapp.doc
[2010/11/23 12:45:57 | 000,024,064 | ---- | C] () -- C:\Users\Dante Anthony\Documents\personalstatement.doc
[2010/11/20 00:27:27 | 021,741,174 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfoodfinal.wmv
[2010/11/19 07:28:11 | 030,667,498 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfoodvid.wmv
[2010/11/19 06:49:14 | 044,025,480 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfood.wmv
[2010/11/11 18:26:40 | 000,000,162 | -H-- | C] () -- C:\Users\Dante Anthony\Documents\~$ps.doc
[2010/11/06 21:56:06 | 000,022,016 | ---- | C] () -- C:\Users\Dante Anthony\Documents\la4-3.doc
[2010/08/10 20:07:28 | 000,000,186 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/06/21 00:55:59 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2010/06/03 17:18:41 | 000,499,200 | ---- | C] () -- C:\Windows\System32\WZDPlay.dll
[2009/12/12 01:48:09 | 000,000,000 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\prvlcl.dat
[2009/06/26 12:14:36 | 000,051,472 | ---- | C] () -- C:\Windows\System32\drivers\mfx.sys
[2009/06/07 19:58:16 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009/06/07 19:58:16 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2009/05/31 17:09:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/31 17:08:44 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2009/05/28 08:33:10 | 000,000,143 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini
[2009/05/28 01:55:45 | 000,001,356 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\d3d9caps.dat
[2009/03/08 00:28:25 | 000,022,328 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\PnkBstrK.sys
[2009/02/25 22:54:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2009/01/01 22:54:47 | 000,870,128 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\mcs.rma
[2009/01/01 22:54:47 | 000,000,004 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\323F99
[2008/10/07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/01 16:25:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/25 17:12:48 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/06/11 16:57:23 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/11 16:57:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/06/11 16:57:18 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/06/11 16:57:18 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/06/11 16:57:17 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/05/29 00:45:44 | 000,001,744 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\wklnhst.dat
[2008/05/28 23:45:20 | 000,145,920 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/21 04:22:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/21 04:22:14 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2008/05/20 20:47:08 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\livecamv.sys
[2008/05/20 20:41:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2008/05/20 20:41:02 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2008/05/20 20:41:02 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/11/26 23:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007/02/13 10:14:18 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/05/13 15:41:58 | 000,049,152 | ---- | C] () -- C:\Windows\System32\cdlock.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2008/07/25 17:38:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\acccore
[2010/03/30 00:24:37 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Acoustica
[2010/03/30 00:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Antares
[2009/12/28 20:27:53 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\AudioTuner
[2008/08/06 03:32:29 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Azureus
[2009/04/08 20:41:10 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Bump Technologies, Inc
[2009/04/14 01:53:13 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Camfrog
[2008/11/01 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\cmw
[2010/08/26 22:56:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\D21DEA5E87B234AD11F4C3370E029158
[2008/06/02 18:43:33 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\DAEMON Tools
[2010/03/27 02:08:05 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Facebook
[2008/10/30 01:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\FlashGet
[2009/09/18 00:37:30 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Flock
[2009/09/04 16:33:31 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\FreeCall
[2009/06/07 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\GetRightToGo
[2008/06/17 20:32:16 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\GlobalSCAPE
[2009/10/20 23:39:46 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ImgBurn
[2010/06/21 08:18:54 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ImTOO Software Studio
[2009/11/27 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Leadertech
[2010/10/06 13:10:36 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\LimeWire
[2010/08/31 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Logs
[2010/09/22 01:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ManyCam
[2010/11/19 05:19:19 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\MPEG Streamclip
[2010/01/13 23:16:25 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ooVoo Details
[2010/06/12 11:42:33 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\oovooinstaller
[2010/01/30 14:18:36 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\QQ Games Plugin
[2008/08/13 15:20:57 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\SPORE Creature Creator
[2008/07/02 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\SporeCreatureCreator
[2009/11/08 22:40:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Synthesia
[2009/02/03 01:22:34 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\TeamViewer
[2008/05/29 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Template
[2008/09/16 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\tmp
[2008/06/02 18:52:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Ubisoft
[2010/01/06 23:37:28 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Unity
[2010/12/05 12:03:23 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\uTorrent
[2010/06/03 18:06:13 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\WarZone
[2010/11/06 00:31:55 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/04 20:59:59 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0CEB73A9-51B8-4C90-8907-4B847E6DEC0C}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Dante Anthony\Desktop\Hulk.mov:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Dante Anthony\Desktop\CribSong.wav:TOC.WMV
< End of report >
  • 0

#3
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

Welcome to Geekstogo.

My name is Salagubang. Sorry for the delay, if you still need assistance I'll be glad helping you with this problem.

I am still a trainee so all my posts will be checked by an Expert. It's your advantage that there are two people looking at your log but responses may be a little delayed so please be patient.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.

Lets start.

Restart your computer with Automatic Restart on System Failure disabled
  • You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight "Disable Automatic Restart on System Failure" then hit enter
    .

  • If windows failed to boot, windows will not restart and will show a blue screen indicating the source of the error as shown in the example below

    Posted Image
  • Copy the technical information (as shown in the above example enclosed in red boxes) and post it on your next response.

  • 0

#4
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
0x0000007F (0x0000000D, 0x00000000, 0x00000000, 0x00000000)

nothing for box 3
  • 0

#5
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

I am reviewing your logs right now and will post a fix later. Please be patient. :D
  • 0

#6
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

Why didn't you complete with the clean-up here.


Start OTLPE as you did previously from CD
Download fix.txt
Attached File  fix.txt   402bytes   118 downloads

  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

Edited by Salagubang, 06 December 2010 - 03:46 PM.

  • 0

#7
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
the fix says it works and needs a reboot. how do i reboot it? it takes very long when i click restart or shutdown. and once it does shut down, i remove the cd. the cycle goes back again to startup repair. do i remove the cd? or do i just leave it in?
  • 0

#8
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Yes you need to remove the CD. Is there an option to boot normally when you restart?
  • 0

#9
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
it gives me 2 options.
launch startup repair
boot windows normally
when i choose to boot it normally, it flashes the blue screen then restarts.
  • 0

#10
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Please go through start up repair. Lets see if it resolves the issue.
  • 0

Advertisements


#11
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

Boot again using your Reatogo CD.
Download the attached scan.txt
Attached File  scan.txt   394bytes   108 downloads
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Double click Custom scans and fixes box, a dialogue box will appear. Choose the scan.txt saved previously on your USB drive.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#12
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
the startup repair did not work.

OTL logfile created on: 12/7/2010 6:45:44 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.12 Gb Total Space | 157.08 Gb Free Space | 27.03% Space Free | Partition Type: NTFS
Drive I: | 15.00 Gb Total Space | 8.06 Gb Free Space | 53.76% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (SessionLauncher)
SRV - [2010/07/15 12:28:37 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/16 20:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/01/28 02:39:02 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008/07/22 11:59:42 | 000,794,624 | ---- | M] () [On_Demand] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2008/06/08 08:56:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/20 20:54:13 | 000,029,744 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-010708-104812)
SRV - [2008/05/20 20:40:29 | 000,072,704 | ---- | M] (Creative Labs) [Auto] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/14 13:25:22 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/12/14 13:25:20 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/12/14 13:25:12 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | System] -- C:\Windows\System32\drivers\BrFiltLoo.sys -- (BrFiltLoo)
DRV - File not found [Kernel | Disabled] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/07/15 12:28:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 12:28:01 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/04 10:44:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/07/06 19:57:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/04/11 01:32:56 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/10 23:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/04/10 23:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2008/06/03 08:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/03 08:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/06/02 18:43:39 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/05/21 04:17:05 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/05/21 04:17:05 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/05/21 04:17:05 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/05/15 03:15:42 | 000,813,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2008/03/14 01:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/12/11 03:43:48 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/09/12 03:40:48 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/08/28 19:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/08/22 00:39:20 | 000,235,616 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Vid.sys -- (OEM05Vid)
DRV - [2007/08/22 00:39:18 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Vfx.sys -- (OEM05Vfx)
DRV - [2007/08/22 00:39:04 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\OEM05Afx.sys -- (OEM05Afx)
DRV - [2007/04/09 12:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 12:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 12:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/04/01 23:42:08 | 000,016,432 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/04/01 23:42:04 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/04/01 23:42:02 | 000,079,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007/01/15 19:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:51:31 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2005/08/17 10:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/01/18 05:31:30 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Admin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKU\Admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=0080521
IE - HKU\Dante_Anthony_ON_C\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dante_Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local




FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 12:13:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 00:14:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.2\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.5.2\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.1b1\extensions\\Components: C:\Program Files\Mozilla Firefox 3.1 Beta 1\components [2009/08/31 23:40:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.1b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.1 Beta 1\plugins [2009/08/31 23:40:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/09 09:07:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/09 09:07:18 | 000,000,000 | ---D | M]

[2010/11/01 21:55:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/07/22 06:17:34 | 000,002,076 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2010/12/06 21:21:09 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\Dante_Anthony_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\System32\HCIMNTR.DLL (Logitech Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [supertintin_skype] C:\Program Files\Supertintin for Skype\supertintin_skype.exe (IMTiger Software Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\Admin_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Dante_Anthony_ON_C..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\Dante_Anthony_ON_C..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\Dante_Anthony_ON_C..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks)
O4 - HKU\Dante_Anthony_ON_C..\Run: [Steam] C:\program files\steam\steam.exe (Valve Corporation)
O4 - HKU\Dante_Anthony_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Dante_Anthony_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Dante_Anthony_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 21:01:02 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/11/19 05:19:19 | 000,000,000 | ---D | C] -- C:\Users\Dante Anthony\AppData\Roaming\MPEG Streamclip
[2010/11/19 05:04:55 | 000,000,000 | ---D | C] -- C:\Users\Dante Anthony\Desktop\cannedfood
[1 C:\Users\Dante Anthony\Documents\*.tmp files -> C:\Users\Dante Anthony\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/07 00:43:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/06 21:21:09 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/12/05 11:28:30 | 000,019,968 | ---- | M] () -- C:\Users\Dante Anthony\Documents\joke.doc
[2010/12/04 20:59:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0CEB73A9-51B8-4C90-8907-4B847E6DEC0C}.job
[2010/12/04 20:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 20:08:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3404729698-1243055473-1963908234-1001UA.job
[2010/12/04 19:31:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 19:31:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 13:08:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3404729698-1243055473-1963908234-1001Core.job
[2010/12/04 12:45:07 | 068,481,239 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/04 05:29:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/03 06:10:49 | 000,002,084 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\Google Chrome.lnk
[2010/12/03 06:10:49 | 000,002,046 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/01 01:28:22 | 000,101,888 | ---- | M] () -- C:\Users\Dante Anthony\Documents\calpolypomonaapp.doc
[2010/12/01 01:24:12 | 000,222,720 | ---- | M] () -- C:\Users\Dante Anthony\Documents\calpolyapp.doc
[2010/12/01 00:19:10 | 000,024,064 | ---- | M] () -- C:\Users\Dante Anthony\Documents\personalstatement.doc
[2010/11/25 03:38:00 | 000,000,000 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Local\prvlcl.dat
[2010/11/24 22:27:06 | 000,033,792 | ---- | M] () -- C:\Users\Dante Anthony\Documents\ps.doc
[2010/11/23 04:47:41 | 000,145,920 | ---- | M] () -- C:\Users\Dante Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/20 00:28:23 | 021,741,174 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfoodfinal.wmv
[2010/11/19 09:48:02 | 000,598,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/19 09:48:02 | 000,101,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/19 07:32:34 | 030,667,498 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfoodvid.wmv
[2010/11/19 06:50:09 | 044,025,480 | ---- | M] () -- C:\Users\Dante Anthony\Desktop\cannedfood.wmv
[2010/11/17 15:28:30 | 3219,046,400 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/17 15:28:27 | 260,795,828 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/11 18:26:40 | 000,000,162 | -H-- | M] () -- C:\Users\Dante Anthony\Documents\~$ps.doc
[1 C:\Users\Dante Anthony\Documents\*.tmp files -> C:\Users\Dante Anthony\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/05 11:28:24 | 000,019,968 | ---- | C] () -- C:\Users\Dante Anthony\Documents\joke.doc
[2010/12/01 01:28:22 | 000,101,888 | ---- | C] () -- C:\Users\Dante Anthony\Documents\calpolypomonaapp.doc
[2010/12/01 01:24:12 | 000,222,720 | ---- | C] () -- C:\Users\Dante Anthony\Documents\calpolyapp.doc
[2010/11/23 12:45:57 | 000,024,064 | ---- | C] () -- C:\Users\Dante Anthony\Documents\personalstatement.doc
[2010/11/20 00:27:27 | 021,741,174 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfoodfinal.wmv
[2010/11/19 07:28:11 | 030,667,498 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfoodvid.wmv
[2010/11/19 06:49:14 | 044,025,480 | ---- | C] () -- C:\Users\Dante Anthony\Desktop\cannedfood.wmv
[2010/11/11 18:26:40 | 000,000,162 | -H-- | C] () -- C:\Users\Dante Anthony\Documents\~$ps.doc
[2010/08/10 20:07:28 | 000,000,186 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/06/21 00:55:59 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2010/06/03 17:18:41 | 000,499,200 | ---- | C] () -- C:\Windows\System32\WZDPlay.dll
[2009/12/12 01:48:09 | 000,000,000 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\prvlcl.dat
[2009/06/07 19:58:16 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009/06/07 19:58:16 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2009/05/31 17:09:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/31 17:08:44 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2009/05/28 08:33:10 | 000,000,143 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini
[2009/05/28 01:55:45 | 000,001,356 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\d3d9caps.dat
[2009/03/08 00:28:25 | 000,022,328 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\PnkBstrK.sys
[2009/02/25 22:54:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2009/01/01 22:54:47 | 000,870,128 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\mcs.rma
[2009/01/01 22:54:47 | 000,000,004 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\323F99
[2008/10/07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/01 16:25:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/25 17:12:48 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/06/11 16:57:23 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/11 16:57:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/06/11 16:57:18 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/06/11 16:57:18 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/06/11 16:57:17 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/05/29 00:45:44 | 000,001,744 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Roaming\wklnhst.dat
[2008/05/28 23:45:20 | 000,145,920 | ---- | C] () -- C:\Users\Dante Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/21 04:22:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/21 04:22:14 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2008/05/20 20:47:08 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\livecamv.sys
[2008/05/20 20:41:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2008/05/20 20:41:02 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2008/05/20 20:41:02 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/11/26 23:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007/02/13 10:14:18 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/05/13 15:41:58 | 000,049,152 | ---- | C] () -- C:\Windows\System32\cdlock.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2008/07/25 17:38:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\acccore
[2010/03/30 00:24:37 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Acoustica
[2010/03/30 00:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Antares
[2009/12/28 20:27:53 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\AudioTuner
[2008/08/06 03:32:29 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Azureus
[2009/04/08 20:41:10 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Bump Technologies, Inc
[2009/04/14 01:53:13 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Camfrog
[2008/11/01 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\cmw
[2010/08/26 22:56:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\D21DEA5E87B234AD11F4C3370E029158
[2008/06/02 18:43:33 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\DAEMON Tools
[2010/03/27 02:08:05 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Facebook
[2008/10/30 01:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\FlashGet
[2009/09/18 00:37:30 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Flock
[2009/09/04 16:33:31 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\FreeCall
[2009/06/07 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\GetRightToGo
[2008/06/17 20:32:16 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\GlobalSCAPE
[2009/10/20 23:39:46 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ImgBurn
[2010/06/21 08:18:54 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ImTOO Software Studio
[2009/11/27 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Leadertech
[2010/10/06 13:10:36 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\LimeWire
[2010/08/31 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Logs
[2010/09/22 01:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ManyCam
[2010/11/19 05:19:19 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\MPEG Streamclip
[2010/01/13 23:16:25 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\ooVoo Details
[2010/06/12 11:42:33 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\oovooinstaller
[2010/01/30 14:18:36 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\QQ Games Plugin
[2008/08/13 15:20:57 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\SPORE Creature Creator
[2008/07/02 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\SporeCreatureCreator
[2009/11/08 22:40:38 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Synthesia
[2009/02/03 01:22:34 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\TeamViewer
[2008/05/29 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Template
[2008/09/16 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\tmp
[2008/06/02 18:52:43 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Ubisoft
[2010/01/06 23:37:28 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\Unity
[2010/12/05 12:03:23 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\uTorrent
[2010/06/03 18:06:13 | 000,000,000 | ---D | M] -- C:\Users\Dante Anthony\AppData\Roaming\WarZone
[2010/11/06 00:31:55 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/04 20:59:59 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0CEB73A9-51B8-4C90-8907-4B847E6DEC0C}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/05/21 04:10:25 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/05/21 04:10:25 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 01:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 01:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 04:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 04:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 01:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/08/31 15:06:36 | 000,021,296 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/05/21 04:22:25 | 000,005,740 | RH-- | M] () -- C:\dell.sdr
[2010/11/17 15:28:30 | 3219,046,400 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/01 20:43:33 | 000,001,876 | ---- | M] () -- C:\HijackThis.lnk
[2009/05/11 17:29:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/02 19:50:44 | 000,001,957 | -H-- | M] () -- C:\IPH.PH
[2009/09/19 17:38:02 | 003,256,793 | ---- | M] () -- C:\ituneslib.itl
[2009/05/11 17:29:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/10/14 23:53:07 | 000,000,000 | ---- | M] () -- C:\OrbPVR.db
[2010/12/07 06:43:01 | 000,019,136 | ---- | M] () -- C:\OTL.Txt
[2010/07/17 23:07:56 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/11/17 15:28:28 | 3532,881,920 | -HS- | M] () -- C:\pagefile.sys
[2009/06/03 01:12:46 | 264,759,878 | ---- | M] () -- C:\VirgieBday.avi
[2009/06/03 01:14:33 | 264,822,784 | ---- | M] () -- C:\VirgieBday.iso
[2010/07/23 02:01:20 | 000,000,150 | ---- | M] () -- C:\zrpt.xml

< %systemroot%\*. /mp /s >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-28 02:01:23
< End of report >

Edited by dantecantal, 07 December 2010 - 09:21 AM.

  • 0

#13
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

Did you install/modified any of your hardware recently?
  • 0

#14
dantecantal

dantecantal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
i did not.
  • 0

#15
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi dantecantal,

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB
Attached File  fix.txt   186bytes   135 downloads

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible

Tell me how it goes.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP