Antimalware Doctor preventiing boot

UPDATE: I NOW HAVE an OSX install DVD. Here are the scan and the file:

OTL logfile created on: 4/18/2011 5:48:28 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 162.12 Gb Total Space | 11.93 Gb Free Space | 7.36% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 0.25 Gb Free Space | 6.68% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - [2011/02/12 19:22:38 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2011/02/12 01:02:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/05 16:13:14 | 000,632,792 | ---- | M] (PC Tools) [Auto] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/12/09 11:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/02 12:33:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/06/17 19:14:52 | 000,338,464 | ---- | M] (Soluto) [Auto] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/12 10:07:44 | 000,033,792 | ---- | M] (Palm) [Auto] -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe -- (NovacomD)
SRV - [2009/11/15 01:40:46 | 000,136,504 | ---- | M] () [Auto] -- C:\WINDOWS\system32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2009/11/15 01:40:46 | 000,099,640 | ---- | M] (Apple Inc.) [Auto] -- C:\WINDOWS\system32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/10/21 21:27:32 | 000,025,824 | ---- | M] (Memeo) [Auto] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [On_Demand] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2007/10/22 10:41:28 | 000,417,792 | ---- | M] (mental images GmbH) [Auto] -- C:\spm\spmdib.exe -- (spmd)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/01/09 11:56:04 | 000,049,152 | ---- | M] () [Auto] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz132)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/12/02 12:33:12 | 000,069,392 | --S- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/12/02 12:33:12 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/02 12:33:12 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/11/25 11:43:00 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/25 11:42:10 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/11/17 11:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/07/16 15:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 15:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/06/17 19:06:44 | 000,179,656 | ---- | M] (Soluto LTD.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\PCGenFAM.sys -- (PCGenFAM)
DRV - [2009/11/15 01:40:46 | 000,005,760 | ---- | M] (Apple Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2009/10/16 09:36:53 | 000,029,696 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\applemtp.sys -- (applemtp)
DRV - [2009/10/16 09:36:53 | 000,010,496 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\applemtm.sys -- (applemtm)
DRV - [2009/10/16 09:36:50 | 000,023,552 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2009/08/18 17:32:00 | 005,884,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/14 23:26:12 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2008/09/19 04:04:00 | 000,290,432 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/09/10 19:14:48 | 001,386,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/15 15:31:18 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2008/04/15 15:30:24 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2006/12/14 07:37:40 | 000,072,672 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\John_Kirincich_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\John_Kirincich_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://old.fastmail.fm/mail/?MLS=MB-*;Ust=a0ccdd5c!a40741ae;SMB-CF=10100649;UDm=49;SMB-ST=comix;MSignal=MB-GF**182853
IE - HKU\John_Kirincich_ON_C\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\John_Kirincich_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\John_Kirincich_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/21 15:50:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\Spyware Doctor\BDT\FireFox\ [2011/01/20 01:25:06 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011/04/13 17:01:11 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\John_Kirincich_ON_C\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe (Apple Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IRW] C:\WINDOWS\system32\IRW.exe (Apple Inc.)
O4 - HKLM..\Run: [Memeo Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\Spyware Doctor\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\John_Kirincich_ON_C..\Run: [LxrAutorun] C:\Documents and Settings\John Kirincich\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
O4 - HKU\John_Kirincich_ON_C..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Chapura SyncManager.lnk = C:\Program Files\Chapura\Chapura SyncManager\SyncMgr.exe (Chapura®, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Evernote Clipper.lnk = C:\WINDOWS\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\John_Kirincich_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\John_Kirincich_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1223517678117 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} http://www.fultoncou...iator/jinit.exe (JInitiator 1.3.1.22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/08 21:25:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/03/13 18:34:24 | 000,579,088 | -H-- | M] (Ceedo Technologies Ltd.) - D:\AutoDetect.exe -- [ FAT32 ]
O32 - AutoRun File - [2008/03/13 18:34:22 | 000,620,040 | ---- | M] (Ceedo Technologies Ltd.) - D:\Autorun.exe -- [ FAT32 ]
O32 - AutoRun File - [2007/07/29 12:00:58 | 000,000,810 | RH-- | M] () - D:\Autorun.exe.manifest -- [ FAT32 ]
O32 - AutoRun File - [2008/04/01 15:43:14 | 000,000,758 | -H-- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/04/13 16:32:52 | 000,000,758 | ---- | M] () - D:\Autorun.txt -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/04/16 15:08:45 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/04/13 16:36:54 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/13 16:33:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/09 22:19:30 | 000,000,000 | ---D | C] -- C:\.TemporaryItems
[2011/04/09 21:32:21 | 000,000,000 | ---D | C] -- C:\.Trashes
[2011/04/09 16:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/04/09 16:42:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/04/09 15:40:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/04/09 15:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

========== Files - Modified Within 30 Days ==========

[2011/04/18 17:49:12 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2011/04/17 13:43:35 | 000,006,148 | ---- | M] () -- C:\WINDOWS\.DS_Store
[2011/04/17 13:41:29 | 000,006,148 | ---- | M] () -- C:\.DS_Store
[2011/04/17 08:39:45 | 000,000,210 | RHS- | M] () -- C:\boot.ini
[2011/04/17 08:36:50 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/04/17 08:36:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/16 21:07:41 | 006,651,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/16 21:07:29 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-573735546-682003330-1003.job
[2011/04/16 21:07:29 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-573735546-682003330-1003.job
[2011/04/16 21:07:12 | 000,013,740 | ---- | M] () -- C:\WINDOWS\System32\wpa.old
[2011/04/16 17:26:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F3F1BA74-B0A1-4A56-97FC-2E2D38CEBA21}.job
[2011/04/16 17:24:00 | 000,506,198 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/16 17:24:00 | 000,088,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/16 17:09:10 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/13 17:01:11 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/04/10 13:18:50 | 000,006,148 | ---- | M] () -- C:\Documents and Settings\John Kirincich\.DS_Store
[2011/04/09 23:07:44 | 000,006,148 | ---- | M] () -- C:\WINDOWS\System32\.DS_Store
[2011/04/09 23:01:46 | 000,006,148 | ---- | M] () -- C:\Documents and Settings\NetworkService\.DS_Store
[2011/04/09 23:01:41 | 000,006,148 | ---- | M] () -- C:\Documents and Settings\LocalService\.DS_Store
[2011/04/09 23:00:53 | 000,006,148 | ---- | M] () -- C:\Documents and Settings\All Users\.DS_Store
[2011/04/09 22:32:03 | 000,004,096 | ---- | M] () -- C:\._boot.ini
[2011/04/09 22:19:31 | 000,004,096 | ---- | M] () -- C:\._.TemporaryItems
[2011/04/09 22:02:00 | 000,006,148 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\.DS_Store
[2011/04/09 19:14:48 | 000,104,974 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Notice of Exercise of Stock Option.pdf
[2011/04/09 18:56:50 | 001,567,177 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Non Qualified Stock Option Agreement.pdf
[2011/04/09 18:37:51 | 004,350,658 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Non Qualified Stock Option Plan of 2008.pdf
[2011/04/09 17:53:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/09 17:46:08 | 000,757,051 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Investment Representation Statement (John Kirincich).pdf
[2011/04/09 17:33:20 | 001,120,437 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Nondisclosure Noncircumvention Agreement.pdf
[2011/04/09 17:24:14 | 000,914,312 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Management Job Offer Letter.pdf
[2011/04/09 15:11:08 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\RMSmartUpdate.job
[2011/04/09 13:44:49 | 000,000,215 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2011/04/09 00:23:43 | 000,002,349 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Evernote Clipper.lnk
[2011/04/09 00:22:49 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/09 00:20:56 | 001,050,912 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/08 00:04:22 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2011/04/08 00:04:22 | 000,001,504 | ---- | M] () -- C:\Documents and Settings\John Kirincich\Desktop\DivX Movies.lnk
[2011/03/28 23:54:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/24 23:04:09 | 000,648,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

========== Files Created - No Company Name ==========

[2011/04/16 15:13:42 | 000,091,215 | ---- | C] () -- C:\WINDOWS\System32\actshell.htm
[2011/04/16 15:13:16 | 000,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/15 22:28:54 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2011/04/09 23:07:02 | 000,006,148 | ---- | C] () -- C:\WINDOWS\System32\.DS_Store
[2011/04/09 22:32:03 | 000,004,096 | ---- | C] () -- C:\._boot.ini
[2011/04/09 22:19:31 | 000,004,096 | ---- | C] () -- C:\._.TemporaryItems
[2011/04/09 22:00:58 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\NetworkService\.DS_Store
[2011/04/09 22:00:43 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\LocalService\.DS_Store
[2011/04/09 21:59:08 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Start Menu\Programs\.DS_Store
[2011/04/09 21:58:50 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\John Kirincich\.DS_Store
[2011/04/09 21:58:27 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\.DS_Store
[2011/04/09 21:58:06 | 000,006,148 | ---- | C] () -- C:\Documents and Settings\All Users\.DS_Store
[2011/04/09 21:34:52 | 000,006,148 | ---- | C] () -- C:\WINDOWS\.DS_Store
[2011/04/09 21:32:48 | 000,006,148 | ---- | C] () -- C:\.DS_Store
[2011/04/09 19:14:48 | 000,104,974 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Notice of Exercise of Stock Option.pdf
[2011/04/09 18:56:47 | 001,567,177 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Non Qualified Stock Option Agreement.pdf
[2011/04/09 18:37:45 | 004,350,658 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Non Qualified Stock Option Plan of 2008.pdf
[2011/04/09 17:46:07 | 000,757,051 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Investment Representation Statement (John Kirincich).pdf
[2011/04/09 17:33:19 | 001,120,437 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Nondisclosure Noncircumvention Agreement.pdf
[2011/04/09 17:24:13 | 000,914,312 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\GADC Management Job Offer Letter.pdf
[2011/04/08 00:04:22 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2011/04/08 00:04:22 | 000,001,504 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Desktop\DivX Movies.lnk
[2011/02/21 23:49:49 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BorisFX Blue1 BCC4.ini
[2011/02/20 20:18:41 | 007,506,432 | ---- | C] () -- C:\WINDOWS\System32\BLUE1 Render Engine 8BPC.dll
[2011/02/20 20:18:40 | 001,131,520 | ---- | C] () -- C:\WINDOWS\System32\Boris GL Renderer.dll
[2011/02/20 20:18:40 | 000,817,664 | ---- | C] () -- C:\WINDOWS\System32\Boris GL Scene.dll
[2011/02/20 20:18:40 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2011/02/20 20:18:40 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\Boris Utilities.dll
[2011/02/20 20:18:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Boris Render Node.dll
[2011/02/19 02:03:15 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/19 02:03:07 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/19 02:03:07 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/02/17 22:11:29 | 000,003,607 | ---- | C] () -- C:\WINDOWS\BorisRED4.3.ini
[2011/02/17 21:56:39 | 011,930,624 | ---- | C] () -- C:\WINDOWS\System32\FEC5_AE_16Bit.dll
[2011/02/17 21:56:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BorisFX FEC XML.ini
[2011/02/17 21:56:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BorisFEC5.ini
[2011/02/17 21:56:33 | 011,886,592 | ---- | C] () -- C:\WINDOWS\System32\FEC5_AE_8Bit.dll
[2011/02/17 21:56:33 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\MSL_All-DLL80_x86.dll
[2011/02/17 19:59:43 | 007,034,368 | ---- | C] () -- C:\WINDOWS\System32\BCC5 Render Engine 8BPC.dll
[2011/02/14 14:22:18 | 000,003,871 | ---- | C] () -- C:\WINDOWS\ScriptVT1.1.ini
[2011/02/14 14:22:18 | 000,001,425 | ---- | C] () -- C:\WINDOWS\ScriptTG1.1.ini
[2011/02/14 14:22:18 | 000,001,425 | ---- | C] () -- C:\WINDOWS\ScriptRC1.1.ini
[2011/02/13 19:25:38 | 002,041,344 | ---- | C] () -- C:\Program Files\Common Files\Boris RED.msi
[2011/02/13 16:25:43 | 000,003,609 | ---- | C] () -- C:\WINDOWS\BorisBLUE2.5.ini
[2011/02/13 15:31:35 | 007,450,112 | ---- | C] () -- C:\WINDOWS\System32\FEC5 Render Engine 8BPC.dll
[2011/02/13 15:31:34 | 006,321,152 | ---- | C] () -- C:\WINDOWS\System32\FEC5 Render Engine 16BPC.dll
[2011/01/05 20:51:30 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Cache.db
[2011/01/05 16:11:16 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2010/12/17 13:08:53 | 001,050,912 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/12/17 13:07:29 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Adobe Encore_AME.pref
[2010/12/14 11:43:16 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/12/14 01:46:45 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010/11/24 20:19:07 | 000,038,480 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Application Data\Comma Separated Values (DOS).ADR
[2010/10/23 14:37:29 | 000,096,578 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2010/09/04 12:04:07 | 000,241,664 | ---- | C] () -- C:\Documents and Settings\NetworkService\s-1-5-20.rrr
[2010/09/03 17:04:47 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2010/08/22 13:51:57 | 000,245,760 | ---- | C] () -- C:\Documents and Settings\LocalService\s-1-5-19.rrr
[2010/08/18 11:26:11 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Local Settings\Application Data\packet
[2010/08/13 17:59:50 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\John Kirincich\g2mdlhlpx.exe
[2010/01/25 22:39:11 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/01/25 22:37:27 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/12 12:03:34 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/12/23 00:25:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/15 01:40:46 | 000,136,504 | ---- | C] () -- C:\WINDOWS\System32\AppleOSSMgr.exe
[2009/10/25 17:02:01 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009/10/25 17:02:01 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2009/10/08 14:08:40 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\John Kirincich\BRW001DD90D42BC
[2009/10/08 14:06:14 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\John Kirincich\BRW001D90D42BC
[2009/09/17 23:26:39 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\Hlinkprx.dll
[2009/09/13 19:22:06 | 000,057,896 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/11/16 18:56:59 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Local Settings\Application Data\fusioncache.dat
[2008/11/16 14:52:34 | 000,000,146 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2008/11/16 14:52:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2008/11/16 14:52:21 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2008/11/16 14:52:20 | 000,009,853 | ---- | C] () -- C:\WINDOWS\HL-2170W.INI
[2008/11/16 14:52:15 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/11/16 14:52:15 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2170W.DAT
[2008/11/16 14:47:50 | 000,000,215 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/10/29 22:17:07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\XSIChooser.exe
[2008/10/14 16:26:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/10/13 23:33:46 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\John Kirincich\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/11 01:12:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/10 10:37:01 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\maxdvd2avi-ver.ini
[2008/10/10 02:30:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/10/10 02:28:32 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/10/09 14:42:16 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/10/09 14:42:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2008/10/08 21:45:41 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/10/08 21:44:36 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/08 21:28:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/10/08 21:22:36 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/10/08 16:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/08 16:30:20 | 006,651,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/15 20:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,506,198 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,088,056 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/09 01:11:00 | 000,000,110 | ---- | C] () -- C:\WINDOWS\System32\E_ADDNET.DAT
[2007/03/16 17:00:00 | 000,003,403 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010/11/16 18:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Acapela Group
[2011/01/02 01:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\AnvSoft
[2010/09/19 01:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\CanuckSoftware
[2010/10/12 11:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/27 23:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\cYo
[2010/06/04 22:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\DeviceDoctorSoftware
[2010/07/15 14:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\EPSON
[2008/10/11 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\HotSync
[2008/11/16 19:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Memeo
[2009/01/19 17:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\PKWARE
[2011/01/20 00:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Registry Mechanic
[2010/06/20 20:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Soluto
[2010/09/05 13:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Stardock
[2010/12/02 23:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Unity
[2011/03/11 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\uTorrent
[2010/06/04 21:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\VersionTracker Pro
[2008/10/08 22:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Windows Desktop Search
[2008/10/09 14:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Windows Search
[2010/11/16 18:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Kirincich\Application Data\Xtranormal
[2010/09/25 18:45:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/01/25 22:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\doubleTwist Corporation
[2010/06/04 22:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2010/01/22 19:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/07/15 13:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/10/11 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2010/06/04 22:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2008/11/16 19:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/06/04 21:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/01/19 17:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PKWARE
[2009/12/22 14:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/11/23 02:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ResultBar
[2010/06/20 20:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2010/12/01 21:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2011/04/17 12:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/10/09 00:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/17 21:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/03 11:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/05 13:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6AA53D5D-4235-46F9-BAB3-3C1AF08F4C1A}
[2009/09/12 10:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/19 22:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/04/09 15:11:08 | 000,000,462 | ---- | M] () -- C:\WINDOWS\Tasks\RMSmartUpdate.job
[2011/04/16 17:26:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F3F1BA74-B0A1-4A56-97FC-2E2D38CEBA21}.job

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: NTOSKRNL.EXE >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntoskrnl.exe
[2010/02/16 10:08:49 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=048DB3459FAB4CA741DCC84E1F374D65 -- C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe
[2009/12/09 00:52:36 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=05BE3D9A71972223AFF6A3C823BA51B1 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2009/02/06 07:06:41 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=0CBA44D0938D57F334C0862424148B70 -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2008/08/14 16:11:10 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=31914172342BFF330063F343AC6958FE -- C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[2008/04/14 08:00:00 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=40F8880122A030A7E9E1FEDEA833B33D -- C:\WINDOWS\$NtUninstallKB956841$\ntoskrnl.exe
[2008/04/14 08:00:00 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=40F8880122A030A7E9E1FEDEA833B33D -- C:\WINDOWS\system32\ntoskrnl.exe
[2010/04/27 09:59:13 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=466A3E1239F4A9428797730E81A7A865 -- C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe
[2010/12/09 09:38:47 | 002,192,768 | ---- | M] (Microsoft Corporation) MD5=64C1ADF6DF629F340C5A439FE0EF8ED1 -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009/08/04 11:13:08 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=78FCC97CD878D4CF5B5D2158A5A7CF92 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2009/12/08 15:26:15 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=9696C553F994340CD6AA5C5A724C3A19 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2010/04/27 09:50:44 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=A2ABBEC40CDB57454645D06B7EBD22F5 -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2010/12/09 09:43:18 | 002,192,768 | ---- | M] (Microsoft Corporation) MD5=A531BBD3DE13121C1380ED7DC99082DB -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[2010/02/16 08:52:12 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=E1F653A542449D54FA2D27463D99B6B6 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2009/02/07 22:35:26 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=EFE8EACE83EAAD5849A7A548FB75B584 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2008/08/14 06:09:26 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=F6F8245B3A2E9CA834DD318E7AE0C6D0 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009/08/04 09:56:10 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=FDE779EA1A564EBFE16F4E0F82B61BAD -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

< MD5 for: WIN32K.SYS >
[2009/02/09 07:13:27 | 001,846,784 | ---- | M] (Microsoft Corporation) MD5=16B961A0552BC09B9E3A338FC816FFE5 -- C:\WINDOWS\$NtUninstallKB968537$\win32k.sys
[2009/02/09 07:08:53 | 001,847,552 | ---- | M] (Microsoft Corporation) MD5=1D20198F208006C3BB5ACB50D32CFC66 -- C:\WINDOWS\$hf_mig$\KB958690\SP3QFE\win32k.sys
[2010/06/23 09:44:04 | 001,851,904 | ---- | M] (Microsoft Corporation) MD5=2F2D6B7515363E855EE44D88199ADD5F -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys
[2010/12/31 09:10:33 | 001,854,976 | ---- | M] (Microsoft Corporation) MD5=4F404415E13DDC541CB34294D266B65C -- C:\WINDOWS\system32\dllcache\win32k.sys
[2010/08/31 09:38:48 | 001,861,888 | ---- | M] (Microsoft Corporation) MD5=51420D569A883CC13D656783B2C86D8E -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys
[2010/12/31 09:14:45 | 001,864,064 | ---- | M] (Microsoft Corporation) MD5=62FC2280FBEA1DCC64A276BCF71709D9 -- C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys
[2008/09/15 08:25:27 | 001,846,912 | ---- | M] (Microsoft Corporation) MD5=692E8FC363300FA7951594A1A7A1F193 -- C:\WINDOWS\$hf_mig$\KB954211\SP3QFE\win32k.sys
[2009/08/14 09:21:25 | 001,850,624 | ---- | M] (Microsoft Corporation) MD5=716ED09D8D9A9E1E4A03549B32B68186 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2009/04/17 06:50:18 | 001,847,808 | ---- | M] (Microsoft Corporation) MD5=7CEDA3396DECF312144BC788D699EE48 -- C:\WINDOWS\$hf_mig$\KB968537\SP3QFE\win32k.sys
[2010/05/02 02:34:15 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=A3D4A7B714D4A74B7CD4296302F1A9FA -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2010/08/31 09:42:52 | 001,852,800 | ---- | M] (Microsoft Corporation) MD5=A77B5764CD2106D36148CB5E5DDF6BC6 -- C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys
[2009/04/17 08:26:40 | 001,847,168 | ---- | M] (Microsoft Corporation) MD5=B707EA8E261F47B51CAC6FB7AF7770F6 -- C:\WINDOWS\$NtUninstallKB969947$\win32k.sys
[2010/05/02 01:22:50 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=B9D41312F6D9FFA8D1D80488D9FDE849 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys
[2010/06/23 22:14:38 | 001,861,120 | ---- | M] (Microsoft Corporation) MD5=C0B2DA12C5CB448F9EA3AF16416745CB -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys
[2008/09/15 08:12:56 | 001,846,400 | ---- | M] (Microsoft Corporation) MD5=D21A189185D3A74512CC8E68F16E3FCF -- C:\WINDOWS\$NtUninstallKB958690$\win32k.sys
[2008/04/14 08:00:00 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=DE01D79A607C7B9AE7FF88E934D0FFB2 -- C:\WINDOWS\$NtUninstallKB954211$\win32k.sys
[2008/04/14 08:00:00 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=DE01D79A607C7B9AE7FF88E934D0FFB2 -- C:\WINDOWS\system32\win32k.sys
[2010/10/26 09:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) MD5=E40E572FD5DA970921A893B05FB217D9 -- C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys
[2010/10/26 09:27:10 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=ED970A04FDAEAB9D9A5FA9B25E9196A8 -- C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys
[2009/08/14 08:19:38 | 001,859,712 | ---- | M] (Microsoft Corporation) MD5=F6B54A56F02D24BF43E72662D44A6B14 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Attached Files

Physical0MBR.bin.zip 579bytes 126 downloads

Edited by johnkirin, 18 April 2011 - 05:46 PM.

#46
johnkirin

Posted 17 April 2011 - 10:52 AM

Advertisements

#47
michaelg9

Posted 17 April 2011 - 11:18 AM

#48
johnkirin

Posted 17 April 2011 - 11:52 AM

Attached Files

#49
michaelg9

Posted 17 April 2011 - 01:13 PM

#50
johnkirin

Posted 17 April 2011 - 01:19 PM

#51
michaelg9

Posted 18 April 2011 - 08:15 AM

#52
johnkirin

Posted 18 April 2011 - 11:12 AM

Attached Files

#53
michaelg9

Posted 19 April 2011 - 06:25 AM

#54
johnkirin

Posted 19 April 2011 - 10:56 AM

Attached Files

#55
michaelg9

Posted 19 April 2011 - 12:08 PM

Advertisements

#56
johnkirin

Posted 19 April 2011 - 12:17 PM

#57
michaelg9

Posted 19 April 2011 - 04:47 PM

#58
johnkirin

Posted 19 April 2011 - 05:31 PM

#59
michaelg9

Posted 20 April 2011 - 03:22 PM

#60
johnkirin

Posted 20 April 2011 - 03:28 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Antimalware Doctor preventiing boot

#46 johnkirin Posted 17 April 2011 - 10:52 AM

Advertisements

#47 michaelg9 Posted 17 April 2011 - 11:18 AM

#48 johnkirin Posted 17 April 2011 - 11:52 AM

Attached Files

#49 michaelg9 Posted 17 April 2011 - 01:13 PM

#50 johnkirin Posted 17 April 2011 - 01:19 PM

#51 michaelg9 Posted 18 April 2011 - 08:15 AM

#52 johnkirin Posted 18 April 2011 - 11:12 AM

Attached Files

#53 michaelg9 Posted 19 April 2011 - 06:25 AM

#54 johnkirin Posted 19 April 2011 - 10:56 AM

Attached Files

#55 michaelg9 Posted 19 April 2011 - 12:08 PM

Advertisements

#56 johnkirin Posted 19 April 2011 - 12:17 PM

#57 michaelg9 Posted 19 April 2011 - 04:47 PM

#58 johnkirin Posted 19 April 2011 - 05:31 PM

#59 michaelg9 Posted 20 April 2011 - 03:22 PM

#60 johnkirin Posted 20 April 2011 - 03:28 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#46
johnkirin

Posted 17 April 2011 - 10:52 AM

#47
michaelg9

Posted 17 April 2011 - 11:18 AM

#48
johnkirin

Posted 17 April 2011 - 11:52 AM

#49
michaelg9

Posted 17 April 2011 - 01:13 PM

#50
johnkirin

Posted 17 April 2011 - 01:19 PM

#51
michaelg9

Posted 18 April 2011 - 08:15 AM

#52
johnkirin

Posted 18 April 2011 - 11:12 AM

#53
michaelg9

Posted 19 April 2011 - 06:25 AM

#54
johnkirin

Posted 19 April 2011 - 10:56 AM

#55
michaelg9

Posted 19 April 2011 - 12:08 PM

#56
johnkirin

Posted 19 April 2011 - 12:17 PM

#57
michaelg9

Posted 19 April 2011 - 04:47 PM

#58
johnkirin

Posted 19 April 2011 - 05:31 PM

#59
michaelg9

Posted 20 April 2011 - 03:22 PM

#60
johnkirin

Posted 20 April 2011 - 03:28 PM