hitman Pro 3 BSOD


  • This topic is locked

#16
rmuddana

  • Member
  • Topic Starter
  • 16 posts
And BTW, in the log you will find all the new files added last night starting with igfx* in the Windows System32 folder. I added these files hoping it would make it recover. Hope that helps.


#17
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Did you see the Avenger fix on the previous page?

#18
rmuddana

  • Member
  • Topic Starter
  • 16 posts
Yes I did. Following the steps now.

#19
rmuddana

  • Member
  • Topic Starter
  • 16 posts
Followed the steps. Avenger did restart the computer but there was no log created under 'C:\avenger.txt'. Not sure why.

Find attached the latest OTL log.

Thanks.

OTL logfile created on: 6/7/2011 2:21:20 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Alexandra\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 72.59% Memory free
3.13 Gb Paging File | 2.52 Gb Available in Paging File | 80.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.94 Gb Total Space | 66.73 Gb Free Space | 29.93% Space Free | Partition Type: NTFS
Drive D: | 9.94 Gb Total Space | 0.84 Gb Free Space | 8.50% Space Free | Partition Type: NTFS

Computer Name: ALEXANDRA-PC | User Name: Alexandra | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/06 18:33:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Alexandra\Desktop\OTL.exe
PRC - [2010/03/19 17:27:46 | 005,248,312 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/12/11 04:49:07 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/06 18:33:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Alexandra\Desktop\OTL.exe
MOD - [2008/01/19 03:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/17 20:17:31 | 003,275,864 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/05/03 16:40:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/06 18:39:04 | 003,039,536 | ---- | M] (HideMyIP) [On_Demand | Stopped] -- C:\Program Files\Hide My IP\HideMyIpSrv.exe -- (HideMyIpSRV)
SRV - [2010/01/26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/03/18 07:04:44 | 001,685,024 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 03:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 03:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/11 05:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/10/31 12:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/09/29 00:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/09/23 14:36:38 | 002,818,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/09/20 21:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007/08/28 19:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/08/28 19:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/08/15 00:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/08/09 03:51:32 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/08/09 03:51:30 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007/08/09 03:51:30 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007/08/09 03:51:30 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007/08/09 03:51:30 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007/06/28 11:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 11:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/14 22:07:44 | 000,075,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007/06/14 22:07:36 | 000,059,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007/04/19 08:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device)
SRV - [2007/01/10 19:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 05:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 05:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 04:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)


========== Driver Services (SafeList) ==========

DRV - [2010/03/10 08:17:26 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/01/21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/01/21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/01/21 01:59:58 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2010/01/21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/01/21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009/12/30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/12/30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/12/30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/12/30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/30 12:25:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/08/07 12:47:40 | 000,033,728 | ---- | M] (Cambridge Silicon Radio Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jabradfuxp.sys -- (JabraDFU)
DRV - [2008/10/29 09:46:46 | 000,018,448 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fcdabus.sys -- (fcdabus)
DRV - [2008/10/21 14:54:08 | 000,086,800 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\fvxscsi.sys -- (FVXSCSI)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/04 04:20:12 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WPN111v.sys -- (WPN111)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/19 01:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2007/11/15 20:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/10/29 22:30:30 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/10/18 20:22:07 | 002,930,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/10/16 20:01:59 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/10/16 20:01:59 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/10/15 23:57:24 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/09/26 01:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/19 17:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/09/04 20:02:46 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/04 20:02:11 | 000,084,480 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/08/28 21:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/08/24 07:44:54 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/05/26 04:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/17 23:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007/02/27 14:31:28 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2004/09/08 06:37:56 | 000,072,478 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fvdscsi.sys -- (FVDSCSI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startsearcher.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.startsearcher.com
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "PageRage Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "PageRage Customized Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {EB132DB0-A4CA-11DF-9732-0E29E0D72085}:1.3
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22
FF - prefs.js..extensions.enabledItems: {c2f463d5-3b9b-43f7-b099-82fdcd01962f}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {F16F8660-32CC-4255-8631-B5D6064B49BF}:1.9.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..keyword.URL: "http://toolbar.ask.c...1&gct=&gc=1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/12/12 21:49:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/12/30 05:32:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/02/21 18:30:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme [2010/10/23 02:13:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/05 16:32:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/04 23:37:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\ProgramData\Mozilla Firefox\components [2010/09/21 12:30:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\ProgramData\Mozilla Firefox\plugins [2011/05/03 16:35:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/02/21 18:30:30 | 000,000,000 | ---D | M]

[2008/12/09 10:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Extensions
[2011/06/03 23:29:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions
[2010/01/28 13:45:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/06 00:09:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(127)
[2010/01/28 13:45:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/19 13:43:02 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/01/28 13:45:19 | 000,000,000 | ---D | M] (Softonic-Eng12 Toolbar) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{c2f463d5-3b9b-43f7-b099-82fdcd01962f}
[2010/03/11 06:16:45 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010/01/28 13:45:17 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\extensions\[email protected]
[2009/03/29 08:26:55 | 000,000,682 | ---- | M] () -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\searchplugins\ask.xml
[2010/12/30 18:15:20 | 000,000,919 | ---- | M] () -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0zbvev68.default\searchplugins\conduit.xml
[2009/05/07 04:58:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/21 18:30:29 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010/10/23 02:13:36 | 000,000,000 | ---D | M] (FaceTheme - Change your Facebook layout!) -- C:\PROGRAM FILES\OBJECT\FACETHEME
File not found (No name found) -- C:\USERS\ALEXANDRA\APPDATA\LOCAL\{F16F8660-32CC-4255-8631-B5D6064B49BF}
File not found (No name found) -- C:\USERS\ALEXANDRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0ZBVEV68.DEFAULT\EXTENSIONS\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
[2011/06/04 23:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\ALEXANDRA\PROGRAM FILES\DNA
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2011/05/28 13:06:29 | 000,001,919 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing-zugo.xml

O1 HOSTS File: ([2011/06/07 12:38:23 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [HotKeysCmds] File not found
O4 - HKLM..\Run: [iCall Internet Phone] C:\Program Files\iCall\iCall.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\ramsddd.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe (Bastea, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [sealmon.exe] C:\Program Files\Oracle\Information Rights Management\Desktop\sealmon.exe (Oracle Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UDC Integration] File not found
O4 - HKLM..\Run: [VirtualDrive Network Server] C:\vdn\Files\SqlServerIpconfig.exe (FarStone Technology Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (Thomas Ascher)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Alexandra\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\Alexandra\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe (Nokia)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - Startup: C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alexandra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O4 - Startup: C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YPOPs.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 64
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.tvucricke...cx-en-black.cab (VodClient Control Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129 0.0.0.0
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/04/30 01:47:13 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2008/09/11 19:55:41 | 000,000,065 | ---- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{42a7ad61-c7ed-11dd-8fe8-001e3de12acf}\Shell - "" = AutoRun
O33 - MountPoints2\{42a7ad61-c7ed-11dd-8fe8-001e3de12acf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{42a7ad63-c7ed-11dd-8fe8-001e3de12acf}\Shell - "" = AutoRun
O33 - MountPoints2\{42a7ad63-c7ed-11dd-8fe8-001e3de12acf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{60a85bbb-c5f5-11dd-85ee-001dba3bac0c}\Shell - "" = AutoRun
O33 - MountPoints2\{60a85bbb-c5f5-11dd-85ee-001dba3bac0c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{60a85bcf-c5f5-11dd-85ee-001dba3bac0c}\Shell - "" = AutoRun
O33 - MountPoints2\{60a85bcf-c5f5-11dd-85ee-001dba3bac0c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{77e8631c-c7e8-11dd-8084-001dba3bac0c}\Shell - "" = AutoRun
O33 - MountPoints2\{77e8631c-c7e8-11dd-8084-001dba3bac0c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{824b9ac9-dd4d-11dd-ae53-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{824b9ac9-dd4d-11dd-ae53-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{acb3ca78-d81a-11dd-821d-001e3de12acf}\Shell - "" = AutoRun
O33 - MountPoints2\{acb3ca78-d81a-11dd-821d-001e3de12acf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ad792206-dadc-11dd-aa4c-001e3de12acf}\Shell - "" = AutoRun
O33 - MountPoints2\{ad792206-dadc-11dd-aa4c-001e3de12acf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{bdf0caaa-cca9-11dd-83b4-001dba3bac0c}\Shell - "" = AutoRun
O33 - MountPoints2\{bdf0caaa-cca9-11dd-83b4-001dba3bac0c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/07 12:38:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/06 18:33:26 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Alexandra\Desktop\OTL.exe
[2011/06/04 18:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/06/04 14:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/06/04 14:52:05 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\AppData\Roaming\Opera
[2011/06/04 14:52:05 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\AppData\Local\Opera
[2011/06/04 14:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011/06/04 14:49:06 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\AppData\Roaming\Avant Profiles
[2011/06/04 14:48:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avant Browser
[2011/05/28 19:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011/05/28 19:03:53 | 000,000,000 | ---D | C] -- C:\Adobe
[2011/05/28 17:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\bM28601KcLfD28601
[2011/05/28 17:39:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/27 02:40:30 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\Desktop\New Folder
[2011/05/20 23:48:22 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\Desktop\Desktop1
[2011/05/16 00:15:58 | 000,000,000 | ---D | C] -- C:\hp12c-Classic-v4.2
[2011/05/14 00:18:08 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\AppData\Roaming\HpUpdate
[2011/05/14 00:18:04 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2009/05/30 13:54:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2009/05/30 13:54:38 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2009/05/30 13:54:38 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2009/05/30 13:54:38 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2009/05/30 13:54:38 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2009/05/30 13:54:38 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2009/05/30 13:54:38 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2009/05/30 13:54:38 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2009/05/30 13:54:38 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2009/05/30 13:54:38 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2009/05/30 13:54:38 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2009/05/30 13:54:38 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[2009/05/30 13:54:38 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2009/05/30 13:54:38 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2009/05/30 13:54:38 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll

========== Files - Modified Within 30 Days ==========

[2011/06/07 14:22:16 | 000,766,464 | ---- | M] () -- C:\Windows\System32\drivers\httjdbi.sys
[2011/06/07 13:56:04 | 000,001,356 | ---- | M] () -- C:\Users\Alexandra\AppData\Local\d3d9caps.dat
[2011/06/07 13:52:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/07 13:52:21 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011/06/07 13:50:37 | 000,135,168 | ---- | M] () -- C:\zip.exe
[2011/06/07 13:50:37 | 000,061,440 | ---- | M] () -- C:\Windows\System32\drivers\ogwkdtb.sys
[2011/06/07 13:50:37 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2011/06/07 13:50:37 | 000,000,574 | ---- | M] () -- C:\cleanup.bat
[2011/06/07 13:36:53 | 000,724,952 | ---- | M] () -- C:\Users\Alexandra\Desktop\avenger.zip
[2011/06/07 12:38:23 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/06/06 21:02:17 | 000,700,288 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/06 21:02:17 | 000,140,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/06 18:33:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Alexandra\Desktop\OTL.exe
[2011/06/04 19:40:51 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7E7E64CB-B714-44CB-8064-85D510E98309}.job
[2011/06/04 00:43:50 | 000,202,097 | ---- | M] () -- C:\Users\Alexandra\Desktop\ravi dad cake order.jpg
[2011/05/27 13:58:00 | 140,771,328 | ---- | M] () -- C:\Windows\ocsetup_install_XPS-Viewer.etl
[2011/05/27 13:52:15 | 000,268,806 | ---- | M] () -- C:\Users\Alexandra\Desktop\credit scores.xps
[2011/05/27 13:51:11 | 000,291,887 | ---- | M] () -- C:\Users\Alexandra\Desktop\credit report.xps
[2011/05/23 17:30:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2496002819-1112554539-2415406514-1003UA.job
[2011/05/23 17:28:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/23 16:47:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/23 16:47:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/23 14:28:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/23 01:30:23 | 000,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/23 00:03:22 | 000,000,911 | ---- | M] () -- C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/05/21 22:30:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2496002819-1112554539-2415406514-1003Core.job
[2011/05/20 15:17:19 | 000,105,472 | ---- | M] () -- C:\Users\Alexandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/13 18:58:28 | 000,582,563 | ---- | M] () -- C:\Users\Alexandra\Documents\100_4083.jpg

========== Files Created - No Company Name ==========

[2011/06/07 13:50:37 | 000,135,168 | ---- | C] () -- C:\zip.exe
[2011/06/07 13:50:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\drivers\ogwkdtb.sys
[2011/06/07 13:50:37 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2011/06/07 13:50:37 | 000,000,574 | ---- | C] () -- C:\cleanup.bat
[2011/06/07 13:38:34 | 000,731,136 | ---- | C] () -- C:\Users\Alexandra\Desktop\avenger.exe
[2011/06/07 13:36:51 | 000,724,952 | ---- | C] () -- C:\Users\Alexandra\Desktop\avenger.zip
[2011/06/06 21:02:01 | 000,027,024 | ---- | C] () -- C:\Windows\System32\igxpxs32.vp
[2011/06/06 21:02:01 | 000,002,096 | ---- | C] () -- C:\Windows\System32\igxpxk32.vp
[2011/06/04 19:40:47 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys
[2011/06/04 00:43:49 | 000,202,097 | ---- | C] () -- C:\Users\Alexandra\Desktop\ravi dad cake order.jpg
[2011/05/27 13:52:13 | 000,268,806 | ---- | C] () -- C:\Users\Alexandra\Desktop\credit scores.xps
[2011/05/27 13:51:09 | 000,291,887 | ---- | C] () -- C:\Users\Alexandra\Desktop\credit report.xps
[2011/05/13 18:58:45 | 000,582,563 | ---- | C] () -- C:\Users\Alexandra\Documents\100_4083.jpg
[2010/08/19 01:09:42 | 000,177,699 | ---- | C] () -- C:\Windows\hpwins20.dat
[2010/08/19 01:09:42 | 000,002,428 | ---- | C] () -- C:\Windows\hpwmdl20.dat
[2010/07/24 15:40:56 | 000,766,464 | ---- | C] () -- C:\Windows\System32\drivers\httjdbi.sys
[2010/02/06 18:13:02 | 000,040,960 | ---- | C] () -- C:\Windows\IsWow64.dll
[2010/02/06 18:11:07 | 000,118,784 | ---- | C] () -- C:\Windows\System32\DVC.dll
[2010/02/06 18:11:07 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Fsinst32.dll
[2010/02/06 18:11:07 | 000,005,120 | ---- | C] () -- C:\Windows\System32\Fsinst16.DLL
[2010/02/06 17:58:01 | 000,073,728 | ---- | C] () -- C:\Windows\XpIcfOpt.dll
[2010/02/06 17:47:42 | 000,000,010 | ---- | C] () -- C:\Windows\Wininit.ini
[2010/02/05 23:17:55 | 000,065,536 | ---- | C] () -- C:\Windows\System32\VDPersns.dat
[2010/02/05 23:16:26 | 000,014,496 | ---- | C] () -- C:\Windows\System32\VDI08X.dat
[2010/02/05 23:15:15 | 000,077,824 | ---- | C] () -- C:\Windows\System32\RDrv2KInterface.dll
[2010/02/05 23:15:15 | 000,053,248 | ---- | C] () -- C:\Windows\System32\RDrvNTInterface.dll
[2010/02/05 23:15:15 | 000,036,864 | ---- | C] () -- C:\Windows\System32\unVHDDrvExe.exe
[2010/02/05 23:15:15 | 000,036,864 | ---- | C] () -- C:\Windows\System32\inVHDDrvExe.exe
[2010/02/05 23:15:15 | 000,032,768 | ---- | C] () -- C:\Windows\System32\RDrv9xInterface.dll
[2010/02/05 23:15:15 | 000,028,672 | ---- | C] () -- C:\Windows\System32\RDrvInterface.dll
[2009/12/31 05:20:57 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/10/25 23:21:05 | 000,012,054 | R--- | C] () -- C:\Windows\hpwscr20.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/30 13:56:25 | 000,000,186 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009/05/30 13:54:38 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2009/05/30 13:54:38 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2009/05/10 07:11:56 | 000,121,305 | ---- | C] () -- C:\Windows\HPHins15.dat
[2009/05/10 07:11:56 | 000,002,885 | ---- | C] () -- C:\Windows\hphmdl15.dat
[2009/01/11 15:20:53 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
[2009/01/11 15:20:53 | 000,000,025 | ---- | C] () -- C:\Windows\wpd99.drv
[2009/01/01 00:14:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/29 23:51:13 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/29 23:51:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/09 10:15:25 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/12/09 09:50:06 | 000,105,472 | ---- | C] () -- C:\Users\Alexandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/09 08:03:23 | 000,001,356 | ---- | C] () -- C:\Users\Alexandra\AppData\Local\d3d9caps.dat
[2008/04/30 02:33:18 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/04/30 02:14:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008/04/30 02:13:51 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2008/03/04 12:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/12/20 18:17:28 | 000,000,836 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/12/20 16:59:41 | 000,000,034 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007/12/20 15:53:57 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2007/12/20 15:53:56 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/12/20 15:53:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/20 15:53:56 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/12/19 22:32:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/10/31 03:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/10/30 14:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/05/17 07:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007/04/16 07:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2007/02/07 11:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007/01/22 02:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,401,872 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,700,288 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,140,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/07 07:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 05:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/07 05:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/10 11:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006/01/10 11:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2001/11/14 17:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010/07/27 12:13:51 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\A7E4693D4C44B747BEBCADA266E14B8F
[2010/10/27 02:36:35 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\acccore
[2009/01/11 14:43:57 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\ACD Systems
[2011/06/05 16:36:15 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\BitTorrent
[2010/12/17 22:48:33 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Dev-Cpp
[2010/07/14 05:59:51 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\DiskAid
[2011/06/04 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\DNA
[2011/06/03 16:17:52 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Dropbox
[2010/02/06 18:18:10 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\FarStone
[2011/02/18 22:33:28 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Image Zone Express
[2009/10/12 20:16:27 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Jabra
[2011/04/16 18:43:23 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\LimeWire
[2011/04/16 18:12:34 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\MusicNet
[2010/03/10 20:28:13 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Nokia
[2011/06/04 14:52:05 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Opera
[2009/09/19 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\PC Suite
[2009/07/24 07:50:50 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Printer Info Cache
[2011/06/04 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Qlock
[2010/03/13 16:26:20 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\Research In Motion
[2011/02/26 10:39:41 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\WindSolutions
[2010/01/28 13:45:19 | 000,000,000 | ---D | M] -- C:\Users\Alexandra\AppData\Roaming\zweitgeist
[2011/05/23 01:30:23 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/04 19:40:51 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7E7E64CB-B714-44CB-8064-85D510E98309}.job

========== Purity Check ==========



< End of report >

Attached Files

  • Attached File  OTL.Txt   98.19KB   75 downloads

  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We will try Avenger once more; it revealed two further files. If that fails, we will try a clean boot.

Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Begin copying here:

    Files to delete:
    C:\Windows\System32\drivers\ogwkdtb.sys
    C:\Windows\System32\drivers\httjdbi.sys
    C:\Windows\XpIcfOpt.dll


Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, open the avenger folder and start The Avenger program by clicking on its icon.
  • Right click on the window under Input script here:, and select Paste.
  • You can also Paste the text copied to the clipboard into this window by pressing (Ctrl+V), or click on the third button under the menu to paste it from the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually restart your system twice.)
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply
  • 0
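The kind of log triage behind the Avenger script above, as an added example that is not part of the thread and not OTL's or the helper's own logic: it parses OTL file-listing lines and surfaces `.sys` files under `System32\drivers` that carry no company name and were created or modified within 30 days of the scan. The heuristic, the function names and the 30-day window are assumptions; the sample lines are copied from the log in this thread.

```python
import re
from datetime import datetime, timedelta

# Matches OTL file-listing lines such as
#   [2011/06/07 13:50:37 | 000,061,440 | ---- | M] () -- C:\...\ogwkdtb.sys
# Directory lines carry no "(company)" field, so that group is optional.
ENTRY_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attr>[-A-Z]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)

# Scan time from the log header: "OTL logfile created on: 6/7/2011 2:21:20 PM"
SCAN_TIME = datetime(2011, 6, 7, 14, 21, 20)

# Lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2011/06/07 12:38:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/06 18:33:26 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Alexandra\Desktop\OTL.exe
[2009/05/30 13:54:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
========== Files - Modified Within 30 Days ==========
[2011/06/07 14:22:16 | 000,766,464 | ---- | M] () -- C:\Windows\System32\drivers\httjdbi.sys
[2011/06/07 13:52:21 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011/06/07 13:50:37 | 000,061,440 | ---- | M] () -- C:\Windows\System32\drivers\ogwkdtb.sys
[2011/06/07 12:38:23 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
========== Files Created - No Company Name ==========
[2011/06/07 13:50:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\drivers\ogwkdtb.sys
[2010/07/24 15:40:56 | 000,766,464 | ---- | C] () -- C:\Windows\System32\drivers\httjdbi.sys
"""


def parse_entries(text):
    """Return one dict per file-listing line; all other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # section headers, O-lines, blank lines
        entries.append({
            "time": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "size": int(m["size"].replace(",", "")),
            "is_dir": "D" in m["attr"],
            "kind": m["kind"],  # C = created, M = modified
            "company": (m["company"] or "").strip(),  # "( )" counts as blank
            "path": m["path"].strip(),
        })
    return entries


def recent_unattributed_drivers(entries, scan_time, window_days=30):
    """Return sorted (path, latest_time, size) tuples for candidate drivers.

    Assumed heuristic: a .sys file under System32\\drivers with a blank company
    field whose newest created/modified stamp falls inside the window.
    """
    cutoff = scan_time - timedelta(days=window_days)
    latest = {}
    for e in entries:
        key = e["path"].lower()  # Windows paths are case-insensitive
        if e["is_dir"] or e["company"]:
            continue
        if "\\system32\\drivers\\" not in key or not key.endswith(".sys"):
            continue
        # The same file appears in several sections; keep its newest stamp.
        if key not in latest or e["time"] > latest[key]["time"]:
            latest[key] = e
    hits = [(e["path"], e["time"], e["size"])
            for e in latest.values() if e["time"] >= cutoff]
    return sorted(hits)


if __name__ == "__main__":
    for path, when, size in recent_unattributed_drivers(
            parse_entries(SAMPLE_LOG), SCAN_TIME):
        print(f"{when:%Y-%m-%d %H:%M:%S}  {size:>9}  {path}")
```

A hit is only a lead for manual review: legitimate drivers can lack a company string, and `C:\Windows\XpIcfOpt.dll` from the same script falls outside this heuristic.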

#21
rmuddana

rmuddana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I ran it again with these 3 steps. It restarted but no log was created. I believe it's because when the computer restarts, it is going into the BSOD and restarts again, at which I am given the choice to enter into safe mode. Maybe the log gets created only if the computer restarts properly.

Am attaching the updated OTL log, just in case.

Thanks.

Attached Files

  • Attached File  OTL.Txt   98.19KB   74 downloads

  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, let's try a clean boot - if this gets you to the normal boot we will then troubleshoot from there


Step 1: Start the System Configuration Utility
1. Click Start, click Run, type msconfig, and then click OK.
2. The System Configuration Utility dialog box is displayed.

Step 2: Configure selective startup options
1. In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
2. Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
3. Click the Services tab.
4. Click to select the Hide All Microsoft Services check box.
5. Click Disable All, and then click OK.
When you are prompted, click Restart to restart the computer.

Step 3: Log on to Windows
If you are prompted, log on to Windows.
When you receive the following message, click to select the Don't show this message or launch the System Configuration Utility when Windows start check box, and then click OK.

You have used the System Configuration Utility to make changes to the way Windows starts.
The System Configuration Utility is currently in Diagnostic or Selective Startup mode, causing this message to be displayed and the utility to run every time Windows starts.


  • 0

#23
rmuddana

rmuddana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Quick question. When you say clean boot, does that mean my data is deleted? As I explained before, I am holding very important sensitive data and cannot afford to lose it.

Thanks
  • 0

#24
rmuddana

rmuddana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
When I get into the msconfig utility, the three checkboxes under selective startup are checked but I am able to change only the system services. I cannot change the remaining two check boxes. I am able to hide all Microsoft services and Disable all. Restarted the machine and it went into the BSOD. Restarted again to get into Safe Mode with networking.
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No, it does not delete any data; it just disables non-MS services

But from that we have determined it is one of the MS services at fault

Run OTL again please but this time select all services and drivers - then we can see if one is missing

  • 0


#26
rmuddana

rmuddana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I ran OTL according to the above instructions. Find attached the logs

Attached Files


  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I must admit I was hoping to find a missing driver there - but none were apparent

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2011/05/28 17:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\bM28601KcLfD28601
    [2011/05/28 17:39:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2011/05/27 02:40:30 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\Desktop\New Folder
    [2011/05/20 23:48:22 | 000,000,000 | ---D | C] -- C:\Users\Alexandra\Desktop\Desktop1
    [2011/06/07 17:40:44 | 000,766,464 | ---- | M] () -- C:\Windows\System32\drivers\httjdbi.sys
    [2011/06/07 15:02:44 | 000,061,440 | ---- | M] () -- C:\Windows\System32\drivers\rehqklls.sys
    [2011/06/07 14:36:30 | 000,061,440 | ---- | M] () -- C:\Windows\System32\drivers\xxmtrif.sys
    [2011/06/07 13:50:37 | 000,061,440 | ---- | M] () -- C:\Windows\System32\drivers\ogwkdtb.sys

    :Files
    ipconfig /flushdns /c
    C:\ProgramData\bM28601KcLfD28601

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.
  • Save it to the desktop.
  • Run Silent Runners by double-clicking the "Silent Runners" icon on your desktop.
  • You will receive a prompt:
    • Do you want to skip supplementary searches?
      click NO
  • If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
  • 0

#28
rmuddana

rmuddana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Thanks for those steps. I really needed the laptop working and reinstalled the operating system after backing up the data.

I sincerely appreciate all your advice and your efforts in trying to get the problem fixed. You are very helpful and this will probably be the first resource I will look out for all future issues.

Thanks!
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I am sorry we could not resolve this. But thank you for the feedback
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





