BSOD every time PC boots


  • This topic is locked

#31
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run a fresh OTL scan for me please whilst I get my recovery console instructions prepared

#32
Gwendolyn85

    Member

  • Topic Starter
  • 42 posts
Sure, here it is:


#33
Essexboy
Download the recovery console ISO from here.
Also download ImgBurn from here and install it.

Once ImgBurn is installed, double-click the ISO to burn it to disc.
  • Insert the disc and select start from the cd
  • Select Repair your computer.
  • Select the operating system you want to repair, and then click Next.
  • Select Startup repair

Allow it to do its thing and then try a reboot to normal windows

#34
Gwendolyn85
OK, I rebooted my PC with the new ISO CD in and followed the steps, but this message comes up: "Startup Repair could not detect a problem"

#35
Essexboy
Next option

  • Insert the disc and select start from the cd
  • Select Repair your computer.
  • Select the operating system you want to repair, and then click Next.
  • Select command prompt
  • Type in the following command

    Bootrec.exe /FixMbr
  • Once finished type Exit

  • 0

#36
Gwendolyn85

Gwendolyn85

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Sorry for the late reply, I've been up to my neck with school's finals; here's a screenshot of what happens when I typed Bootrec.exe /FixMbr

Posted Image

the sentence "The operation completed successfully" comes up instantly after I type and hit enter; I tried booting the PC normally but nothing changed.
  • 0

#37
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem - are you able to access safe mode?
Or at least the menu?
  • 0

#38
Gwendolyn85

Gwendolyn85

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Yeah I can access the menu; only if I choose safe mode (with or without networking) I still get a black screen with only the mouse cursor in it.
  • 0

#39
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is there an option entitled "last known good"?

If so, select that.
  • 0

#40
Gwendolyn85

Gwendolyn85

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
No, there's only:

"safe mode"
"safe mode with networking"
"safe mode with command prompt"
"start windows normally"
  • 0

#41
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run me a fresh OTL scan from the CD please, and I will see if there are any drivers that appear corrupt.
  • 0

#42
Gwendolyn85

Gwendolyn85

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Sure no problem, here it is:

OTL logfile created on: 5/19/2011 9:26:02 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Basic (Version = 6.0.6000) - Type = System
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 175.86 Gb Free Space | 61.05% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.45 Gb Free Space | 44.50% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 2.08 Gb Free Space | 55.78% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (stllssvr)
SRV - [2011/04/24 17:56:40 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/18 13:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/20 19:45:58 | 004,767,600 | ---- | M] (Wacom Technology, Corp.) [Auto] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2010/02/19 17:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/27 19:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2008/02/15 12:36:06 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/11 10:49:46 | 000,076,016 | ---- | M] () [On_Demand] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
SRV - [2006/11/03 00:40:12 | 000,174,656 | ---- | M] () [Auto] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System] -- -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2011/04/18 13:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/04/18 13:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/04/18 13:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/04/18 13:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/04/18 13:13:09 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/04/18 13:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/15 15:36:06 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/09/27 19:12:21 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/21 18:29:22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008/01/20 03:07:58 | 000,033,292 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/08/23 19:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\datunidr.sys -- (datunidr)
DRV - [2007/06/21 02:09:08 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/03/11 15:12:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WUSB54GCx86.sys -- (netr73)
DRV - [2007/02/16 14:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/02/08 09:45:00 | 000,029,184 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ActionReplayDS.sys -- (ActionReplayDS)
DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ecristy85_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=2080215
IE - HKU\Ecristy85_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=2080215
IE - HKU\Ecristy85_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Ecristy85_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ecristy85_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/25 07:00:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/09 22:05:29 | 000,000,000 | ---D | M]
[2011/05/10 12:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/09 22:05:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/03/25 07:35:50 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/01/23 02:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011/04/14 08:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/05/09 21:55:08 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\VeohNetworks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ISUSScheduler] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Ecristy85_ON_C..\Run: [AdobeBridge] File not found
O4 - Startup: Error locating startup folders.
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files\ATLAS V14\atlscript.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

MsConfig - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AVG8_TRAY - hkey= - key= - File not found
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: esmwfrsv - hkey= - key= - File not found
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - File not found
MsConfig - StartUpReg: VeohPlugin - hkey= - key= - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= - File not found
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: klmdb.sys - Driver
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: klmdb.sys - Driver
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5E424E23-FB11-EB9F-1A18-7F70242F17E4} - Java (Sun)
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 13:48:11 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2011/05/10 12:41:48 | 000,000,000 | ---D | C] -- C:\Users\Ecristy85\AppData\Local\Temp(23)
[2011/05/10 12:41:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/10 12:33:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/10 09:04:42 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/09 22:37:14 | 000,000,000 | ---D | C] -- C:\found.000
[2011/05/09 22:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2011/05/09 22:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2011/05/09 22:27:46 | 002,733,484 | ---- | C] (Puran Software ) -- C:\Users\Ecristy85\Desktop\PuranDefragSetup.exe
[2011/05/09 22:05:29 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/05/09 22:05:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/05/09 22:05:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/05/09 22:05:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/05/09 21:54:43 | 000,886,560 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Ecristy85\Desktop\jxpiinstall.exe
[2011/05/09 21:53:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Ecristy85\Desktop\OTL.exe
[2011/05/09 19:08:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/05/08 04:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\Project64 1.6
[2011/05/07 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Ecristy85\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/05/07 21:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2011/05/07 17:46:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/07 16:52:58 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/06 12:19:16 | 000,100,480 | ---- | C] (GMER) -- C:\uxlyapog.sys
[2011/04/29 00:45:15 | 000,000,000 | ---D | C] -- C:\Users\Ecristy85\Documents\Adobe Scripts
[2011/04/24 17:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2011/04/21 01:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\ScummVM

========== Files - Modified Within 30 Days ==========

[2011/05/19 09:14:56 | 000,162,058 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/19 09:14:54 | 000,162,058 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/19 09:14:47 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/19 09:14:47 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/19 09:14:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/19 09:14:06 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/10 13:42:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2011/05/10 11:33:19 | 000,009,160 | ---- | M] () -- C:\Users\Ecristy85\AppData\Local\d3d9caps.dat
[2011/05/10 00:33:48 | 000,000,017 | ---- | M] () -- C:\Windows\System32\npd6.d
[2011/05/09 22:29:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/09 22:28:13 | 002,733,484 | ---- | M] (Puran Software ) -- C:\Users\Ecristy85\Desktop\PuranDefragSetup.exe
[2011/05/09 22:06:35 | 000,627,090 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/09 22:06:35 | 000,110,236 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/09 21:55:08 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/05/09 21:54:49 | 000,886,560 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Ecristy85\Desktop\jxpiinstall.exe
[2011/05/09 21:53:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Ecristy85\Desktop\OTL.exe
[2011/05/08 20:05:11 | 000,079,360 | ---- | M] () -- C:\Users\Ecristy85\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/07 21:14:42 | 000,000,776 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweetDeck.lnk
[2011/05/07 16:52:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/07 14:45:22 | 003,834,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/07 14:41:56 | 416,964,112 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/06 12:19:16 | 000,100,480 | ---- | M] (GMER) -- C:\uxlyapog.sys
[2011/04/21 01:14:41 | 000,000,296 | ---- | M] () -- C:\Windows\scummvm.ini

========== Files Created - No Company Name ==========

[2011/05/19 09:14:06 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/09 22:28:55 | 000,000,017 | ---- | C] () -- C:\Windows\System32\npd6.d
[2011/05/07 21:14:42 | 000,000,776 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweetDeck.lnk
[2011/04/21 01:05:40 | 000,000,296 | ---- | C] () -- C:\Windows\scummvm.ini
[2011/04/10 02:31:26 | 000,005,394 | -HS- | C] () -- C:\Users\Ecristy85\AppData\Local\ir806823nm0e02u0748c4iw4onj73w34x6m56pw625
[2010/12/15 04:04:37 | 000,000,000 | ---- | C] () -- C:\Windows\FlipBook.INI
[2010/12/08 04:22:46 | 000,015,802 | ---- | C] () -- C:\Users\Ecristy85\AppData\Roaming\9998.D5C
[2010/10/01 21:24:52 | 000,162,058 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/10/01 21:24:52 | 000,162,058 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/09/23 02:50:03 | 000,000,600 | ---- | C] () -- C:\Users\Ecristy85\AppData\Local\PUTTY.RND
[2010/09/02 00:12:17 | 000,000,256 | -H-- | C] () -- C:\Windows\System32\LTAW14FN.BIN
[2010/09/02 00:12:17 | 000,000,256 | -H-- | C] () -- C:\Windows\System32\FJLTAFOU.BIN
[2010/07/10 02:54:04 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/07/10 02:54:03 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/07/10 02:54:01 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/07/10 02:54:01 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/07/10 02:54:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/03 03:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 03:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 03:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 03:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/04/25 00:15:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/03/31 02:10:56 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/03/31 02:10:56 | 000,262,144 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/03/31 02:10:56 | 000,112,640 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/03/31 02:10:55 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/03/17 02:47:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/03/17 02:05:06 | 000,000,022 | ---- | C] () -- C:\Windows\pspvc_path.ini
[2009/01/27 02:32:49 | 000,000,094 | ---- | C] () -- C:\Users\Ecristy85\AppData\Local\fusioncache.dat
[2008/09/23 00:56:25 | 000,127,767 | ---- | C] () -- C:\Windows\hpgins24.dat.temp
[2008/09/23 00:56:25 | 000,000,308 | ---- | C] () -- C:\Windows\hpgmdl24.dat.temp
[2008/09/22 23:42:08 | 000,127,762 | ---- | C] () -- C:\Windows\hpgins24.dat
[2008/09/22 23:42:08 | 000,000,308 | ---- | C] () -- C:\Windows\hpgmdl24.dat
[2008/08/23 02:32:45 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2008/08/23 02:32:45 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2008/08/23 02:32:45 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2008/08/23 02:32:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2008/07/26 01:55:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/05/12 21:53:16 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/12 21:50:08 | 000,831,488 | ---- | C] () -- C:\Windows\System32\divx_xx0a.dll
[2008/05/12 21:49:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/04/19 02:11:21 | 000,022,328 | ---- | C] () -- C:\Users\Ecristy85\AppData\Roaming\PnkBstrK.sys
[2008/03/23 17:51:51 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2008/03/07 14:30:02 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/03/07 14:30:02 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\B23C669194.sys
[2008/02/26 02:50:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/02/26 01:09:41 | 000,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2008/02/24 19:23:54 | 000,009,160 | ---- | C] () -- C:\Users\Ecristy85\AppData\Local\d3d9caps.dat
[2008/02/23 16:54:00 | 000,079,360 | ---- | C] () -- C:\Users\Ecristy85\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/15 12:41:57 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/15 12:41:57 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2008/02/15 12:41:57 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/02/15 12:41:56 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/02/15 04:58:58 | 000,000,859 | ---- | C] () -- C:\Windows\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2006/11/10 18:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/03 00:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 003,834,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,627,090 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,110,236 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/03/18 09:16:04 | 000,540,178 | ---- | C] () -- C:\Windows\System32\x264vfw.dll

========== LOP Check ==========

[2008/02/24 19:33:04 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\ACD Systems
[2010/02/23 02:44:18 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\calibre
[2010/09/15 03:50:35 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/10 13:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\DAEMON Tools
[2010/05/15 00:54:52 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Downloaded Installations
[2010/12/08 03:51:06 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\FileZilla
[2010/09/02 00:12:41 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Fujitsu
[2011/05/10 13:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\GetRightToGo
[2008/09/26 14:22:54 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Image Zone Express
[2011/03/12 20:08:46 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Leawo
[2008/06/11 15:53:57 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Lost Marble
[2010/05/07 01:05:49 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\LucasArts
[2011/01/07 16:30:28 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\mkvtoolnix
[2011/03/12 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Moyea
[2011/05/10 13:42:30 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Mp3tag
[2010/07/31 02:10:22 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\ONScripter-En
[2009/02/09 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\OpenOffice.org
[2011/03/25 04:24:33 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Opera
[2008/09/22 23:56:53 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\Printer Info Cache
[2011/03/08 04:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\REMEMBER11
[2009/04/29 19:21:48 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\RenPy
[2011/05/10 13:42:30 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\ScummVM
[2010/09/22 00:11:15 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/09/05 22:13:38 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\TAGIRI
[2011/05/07 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/05/10 13:42:30 | 000,000,000 | ---D | M] -- C:\Users\Ecristy85\AppData\Roaming\uTorrent
[2008/02/24 19:32:34 | 000,000,000 | ---D | M] -- C:\ProgramData\ACD Systems
[2010/12/03 19:24:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2008/02/27 16:11:09 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/08/20 02:38:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Higurashi-demo
[2011/02/28 22:03:19 | 000,000,000 | ---D | M] -- C:\ProgramData\hJnFcPi05200
[2011/03/12 20:08:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Leawo
[2011/02/23 02:32:57 | 000,000,000 | ---D | M] -- C:\ProgramData\ONScripter-828a2b
[2009/08/20 01:38:46 | 000,000,000 | ---D | M] -- C:\ProgramData\ONScripter-En
[2010/08/10 14:18:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2010/09/15 03:42:47 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/04/29 16:21:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Rosetta Stone
[2008/02/15 04:59:00 | 000,000,000 | ---D | M] -- C:\ProgramData\SingleClick Systems
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/02/15 05:00:45 | 000,000,000 | ---D | M] -- C:\ProgramData\SupportSoft
[2011/02/27 17:34:26 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2008/02/23 16:48:13 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/04/19 02:11:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2011/02/23 02:34:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Umineko4final
[2011/01/28 15:49:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Umineko6
[2011/05/09 22:29:21 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/02/15 12:35:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/02/15 12:35:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 03:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: VOLSNAP.INF >
[2006/11/02 06:25:18 | 000,001,790 | ---- | M] () MD5=E5EE5E075DAB1367001C467C70E8C580 -- C:\Windows\inf\volsnap.inf
[2006/11/02 02:35:04 | 000,001,790 | ---- | M] () MD5=E5EE5E075DAB1367001C467C70E8C580 -- C:\Windows\System32\DriverStore\FileRepository\volsnap.inf_7eb8cdb5\volsnap.inf

< MD5 for: VOLSNAP.INF_LOC >
[2006/11/02 08:38:54 | 000,000,198 | ---- | M] () MD5=F040058B592FE682204B2FC15DDEAC0D -- C:\Windows\System32\DriverStore\en-US\volsnap.inf_loc
[2006/11/02 08:38:54 | 000,000,198 | ---- | M] () MD5=F040058B592FE682204B2FC15DDEAC0D -- C:\Windows\winsxs\x86_volsnap.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_112c68f98452eff6\volsnap.inf_loc

< MD5 for: VOLSNAP.PNF >
[2008/02/15 04:49:52 | 000,004,940 | ---- | M] () MD5=D798A5AB52391B0379BF9362C830216D -- C:\Windows\inf\volsnap.PNF
[2008/02/15 04:49:52 | 000,004,940 | ---- | M] () MD5=EC59A0A78096C0FC3DA8BB653D1FE54D -- C:\Windows\System32\DriverStore\FileRepository\volsnap.inf_7eb8cdb5\volsnap.PNF

< MD5 for: VOLSNAP.SYS >
[2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2008/02/26 18:29:01 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=327639D2EC931B057F3826A51ADC73E9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5\volsnap.sys
[2008/02/26 18:29:01 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\Windows\System32\drivers\volsnap.sys
[2008/02/26 18:29:01 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f47b2c78\volsnap.sys
[2008/02/26 18:29:01 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447\volsnap.sys
[2008/01/19 03:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

< MD5 for: VOLSNAP.SYS.MUI >
[2008/01/19 03:36:32 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=2A3DEAD70397152006B4E3CED20B41C4 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_volume.inf.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7b264a38bff55d35\volsnap.sys.mui
[2006/11/02 08:38:59 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=F9B09F7E31E49004666C9B3EB0BEBD94 -- C:\Windows\System32\drivers\en-US\volsnap.sys.mui
[2006/11/02 08:38:59 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=F9B09F7E31E49004666C9B3EB0BEBD94 -- C:\Windows\winsxs\x86_volume.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_78ef883cc30a4c61\volsnap.sys.mui

< MD5 for: WINLOGON.EXE >
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 03:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/03/09 12:56:18 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/03/19 19:27:03 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/03/19 19:27:07 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2010/03/09 10:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/03/09 12:56:18 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/03/25 07:15:57 | 000,943,472 | ---- | M] (Opera Software)

< CREATERESTOREPOINT >

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:62E2D794
< End of report >

#43
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, I will slowly remove some elements. After this run, let me know if you can reboot; if not, I will then remove the Avast drivers, as sometimes a system restore with these can cause the odd problem.

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason, then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )


#44
Gwendolyn85

    Member

  • Topic Starter
  • Member
  • 42 posts
Gotcha, here's the OTL log after using the fix.txt:

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes Anti-Malware (reboot) deleted successfully.
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware (reboot) deleted successfully.
File C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe not found.

OTLPE by OldTimer - Version 3.1.46.0 log created on 05192011_231327



I tried to reboot Windows into normal mode and the black screen with a cursor still appears.

#45
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, same instructions as before.

Download this fix text and run it with OTL

