[karkalec]

I originally posted in the Windows 7 OS forum before being referred here. Here are the details of my problem:

I'm running Windows 7 Home Premium SP1 on a Dell XPS 410 Desktop, dual core Pentium 2.4 ghz. Yesterday it started freezing and I got a Windows error message about my Nvidia drivers, then a BSOD. Restarted ok after that. This morning when I attempted to start it up it started but on the bootup screen there were little blue dots all over the normally black background on the initial bootup page, and on the next bootup screen little white exclamation marks all over it. I am also seeing typos in the menus on the screen, "Use!Up/Eown asrows to highlight desired item." for example. Then the bootup froze. I attempted a hard restart and it booted into Startup repair automatically which failed before the screen simply turned grey. Now I can't get it to start at all except in safe mode. I have uninstalled and reinstalled video drivers, also run system file checker from install disc and it found nothing. Here is my OTL log:

OTL logfile created on: 11/6/2011 10:34:25 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Justin\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 83.15% Memory free
5.99 Gb Paging File | 5.53 Gb Available in Paging File | 92.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.73 Gb Total Space | 36.15 Gb Free Space | 25.87% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 234.92 Gb Free Space | 78.81% Space Free | Partition Type: NTFS
Drive I: | 7.45 Gb Total Space | 6.04 Gb Free Space | 81.02% Space Free | Partition Type: FAT32

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/06 10:33:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2011/08/02 07:47:41 | 001,944,930 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/10 18:10:57 | 003,246,040 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/12/11 09:54:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/23 08:00:58 | 000,804,528 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/09/18 13:53:36 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 03:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/10/14 18:10:08 | 000,818,808 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111014.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/08/17 20:33:36 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111025.030\IDSvix86.sys -- (IDSVix86)
DRV - [2011/08/10 18:10:58 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2011/08/10 18:10:54 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2011/08/10 18:10:53 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/08/10 18:10:49 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011/08/04 16:53:30 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111026.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/04 16:53:30 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/08/04 16:53:30 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/04 16:53:30 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111026.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/04 16:31:12 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/07/08 16:44:30 | 000,299,640 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMNETS.SYS -- (SymNetS)
DRV - [2011/07/06 10:14:42 | 000,089,376 | ---- | M] (Tonec Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Stopped] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/02/23 15:50:44 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/07/22 06:37:29 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/06/05 18:12:34 | 000,219,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express) Intel®
DRV - [2009/04/22 12:46:42 | 003,482,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/02/08 21:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hxctlflt.sys -- (hxctlflt)
DRV - [2005/10/20 14:00:04 | 000,243,328 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tffgwannabe.l...antasy.nfl.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 05 20 1D D2 14 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=WLEM&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: [email protected]:6.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...TDF&PC=WLEM&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/09/28 14:12:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_2_3 [2011/11/05 19:48:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/29 18:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/28 09:51:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Justin\AppData\Roaming\IDM\idmmzcc5 [2011/08/06 11:12:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Justin\AppData\Roaming\IDM\idmmzcc5 [2011/08/06 11:12:23 | 000,000,000 | ---D | M]

[2010/12/11 07:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions
[2011/11/05 19:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\gsgggaiz.default\extensions
[2011/10/10 17:32:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\gsgggaiz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/11/05 19:48:48 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\gsgggaiz.default\extensions\[email protected]
[2011/01/18 17:35:35 | 000,001,867 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\gsgggaiz.default\searchplugins\amazon-search-plus-us.xml
[2011/08/05 07:04:13 | 000,002,469 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\gsgggaiz.default\searchplugins\safesearch.xml
[2011/06/19 22:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/19 22:16:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/11/05 19:48:46 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_2_3
[2011/09/28 14:12:17 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
() (No name found) -- C:\USERS\JUSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GSGGGAIZ.DEFAULT\EXTENSIONS\[email protected]
[2011/09/29 18:55:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\13.0.782.215\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\13.0.782.215\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\13.0.782.215\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Justin\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_DaleChihulyV3 = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnenonhiffdmndmgiinmldkabciohign\3_0\

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59EA9BCB-53A0-48EB-ACB8-3A89DC130BBD}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Menu.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\cpysi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 10:34:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011/11/06 09:49:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/11/06 09:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011/11/06 09:21:10 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\ElevatedDiagnostics
[2011/11/05 13:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/11/04 17:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland
[2011/11/04 17:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Techland
[2011/10/26 19:20:24 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Ashampoo
[2011/10/26 19:20:17 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\ashampoo
[2011/10/26 19:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2011/10/26 19:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2011/10/25 17:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/10/25 17:58:27 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011/10/25 17:58:27 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011/10/25 17:58:27 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011/10/25 17:58:27 | 010,327,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011/10/25 17:58:27 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011/10/25 17:58:27 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011/10/25 17:58:27 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011/10/25 17:58:27 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011/10/25 17:56:26 | 112,898,640 | ---- | C] (NVIDIA Corporation) -- C:\Users\Justin\Desktop\285.62-desktop-win7-winvista-32bit-english-whql.exe
[2011/10/17 15:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/17 15:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/17 15:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/17 15:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/17 15:24:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/11 18:33:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/11 18:33:39 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/10/11 18:33:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/11 18:33:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/11 18:33:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/11 15:36:08 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/11 15:36:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/11 15:36:01 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/08 16:34:18 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\id Software
[2011/10/08 13:58:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011/10/08 13:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2010/11/07 13:04:15 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Justin\AppData\Roaming\pcouffin.sys
[2008/08/21 10:46:20 | 000,184,320 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/07/04 14:28:52 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/06 10:33:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011/11/06 09:50:15 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/06 09:50:15 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/06 09:49:53 | 000,000,965 | ---- | M] () -- C:\Users\Justin\Desktop\SpeedFan.lnk
[2011/11/06 09:49:52 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011/11/06 09:49:24 | 002,108,256 | ---- | M] () -- C:\Users\Justin\Desktop\installspeedfan445.exe
[2011/11/06 09:37:50 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/06 09:22:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/06 09:22:23 | 2414,284,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/05 15:59:37 | 290,547,503 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/26 14:19:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2351278902-939780460-847043857-1001UA.job
[2011/10/26 13:48:41 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/26 13:48:41 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/26 13:41:27 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2011/10/25 17:57:51 | 112,898,640 | ---- | M] (NVIDIA Corporation) -- C:\Users\Justin\Desktop\285.62-desktop-win7-winvista-32bit-english-whql.exe
[2011/10/25 17:19:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2351278902-939780460-847043857-1001Core.job
[2011/10/20 19:05:24 | 000,001,057 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\vso_ts_preview.xml
[2011/10/15 03:53:00 | 018,871,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011/10/15 03:53:00 | 017,248,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011/10/15 03:53:00 | 013,205,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011/10/15 03:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011/10/15 03:53:00 | 007,041,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2011/10/15 03:53:00 | 006,350,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011/10/15 03:53:00 | 005,578,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011/10/15 03:53:00 | 003,840,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011/10/15 03:53:00 | 002,458,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011/10/15 03:53:00 | 002,401,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011/10/15 03:53:00 | 002,099,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011/10/15 03:53:00 | 000,919,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2011/10/15 03:53:00 | 000,877,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2011/10/15 03:53:00 | 000,602,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll
[2011/10/15 03:53:00 | 000,203,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011/10/15 03:53:00 | 000,123,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2011/10/15 03:53:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011/10/15 03:53:00 | 000,004,359 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2011/10/14 23:54:52 | 000,321,856 | ---- | M] () -- C:\Windows\System32\nvStreaming.exe
[2011/10/12 12:19:25 | 000,413,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/06 09:49:53 | 000,000,965 | ---- | C] () -- C:\Users\Justin\Desktop\SpeedFan.lnk
[2011/11/06 09:49:52 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011/11/06 09:49:42 | 002,108,256 | ---- | C] () -- C:\Users\Justin\Desktop\installspeedfan445.exe
[2011/11/05 15:57:44 | 290,547,503 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/29 07:42:12 | 084,993,592 | ---- | C] () -- C:\Users\Justin\Desktop\009.AVI
[2011/10/14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/05/26 20:01:02 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/05/26 20:01:02 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/03/24 17:26:45 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/03/24 17:26:45 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/03/24 17:26:45 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/03/24 17:26:45 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/03/24 17:26:45 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/03/24 17:26:45 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/03/24 17:26:45 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/03/24 17:26:45 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/03/24 17:26:45 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/03/24 17:26:45 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011/03/24 17:26:45 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/03/24 17:26:45 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/03/24 17:26:45 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/03/24 17:26:45 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/03/24 17:26:45 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/03/24 17:26:45 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011/03/24 17:26:45 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011/03/24 17:26:45 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/03/24 17:26:45 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/12/11 07:24:16 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/11/29 20:47:38 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2010/11/07 13:04:15 | 000,087,608 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\inst.exe
[2010/11/07 13:04:15 | 000,007,887 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\pcouffin.cat
[2010/11/07 13:04:15 | 000,001,144 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\pcouffin.inf
[2010/10/24 18:45:57 | 000,001,057 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\vso_ts_preview.xml
[2010/09/17 19:59:33 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/09/17 19:59:32 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/17 19:59:31 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/09/17 19:59:30 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/09/17 19:59:30 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,413,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,623,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,106,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/04/22 12:46:42 | 003,482,112 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/07/16 07:59:38 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006/05/19 08:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2005/04/07 21:16:43 | 000,001,888 | -H-- | C] () -- C:\Users\Justin\AppData\Roaming\Justinlog.dat
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:C97C8631
@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >

[Advertisements]

Hi, welcome to GeeksToGo! I'm havredave, and I'll do my best to help you fix whatever it is that ails your computer.

Just a few things before we begin, to ease the process on both of us:

• Please don't run any scanning or cleaning software without my direction, as it can make things worse and take longer in the long run.
  
• Please be patient. A good cleaning can take quite a while, and usually involves many steps before it is complete. I may not post back quickly, because I often have to research issues or run ideas by my peers for a more thorough fix. Also, I'm currently still in training, so there may be a longer than normal pause between my posts as I get expert feedback and permission to post each fix.
  
• You may wish to print out each instruction post in case you lose Internet connectivity (using safe mode, for example), so you can complete the fix.
  
• If you have any question on any step, or if something doesn't work as described, please stop and ask before we proceed. Better safe than sorry!
  
• Please paste your logs into your replies instead of attaching them. This makes it far easier to review. Feel free to use multiple replies if you need to.
  
• Please stick with me until I let you know we're finished. Even if the machine is running better, it doesn't mean it's clean.

As it's been a while since your scans were done, please do the following to generate some fresh ones for me:

First:

Download a new copy of OTL to your Desktop.

• Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Copy the text from the codeblock below (ctrl-c) and paste it (ctrl-v) into the Custom Scans/Fixes box.
  
  

  netsvcs
  %SYSTEMDRIVE%\*.exe
  %USERPROFILE%\..|smtmp;true;true;true /FP
  /md5start
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  volsnap.sys
  /md5stop
  %systemroot%\*. /mp /s
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  CREATERESTOREPOINT
  

• Put a checkmark in the Scan All Users checkbox.
• Put checkmarks in the LOP Check and Purity Check checkboxes.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Next:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

If it asks you to download virus definitions, please say yes.

Click the "Scan" button to start scan. It could take a while, especially for the virus scan part. Do not let it fix anything, just do the scan.


On completion of the scan click save log, save it to your desktop and post in your next reply

[havredave]

Hi, welcome to GeeksToGo! I'm havredave, and I'll do my best to help you fix whatever it is that ails your computer.

Just a few things before we begin, to ease the process on both of us:

• Please don't run any scanning or cleaning software without my direction, as it can make things worse and take longer in the long run.
  
• Please be patient. A good cleaning can take quite a while, and usually involves many steps before it is complete. I may not post back quickly, because I often have to research issues or run ideas by my peers for a more thorough fix. Also, I'm currently still in training, so there may be a longer than normal pause between my posts as I get expert feedback and permission to post each fix.
  
• You may wish to print out each instruction post in case you lose Internet connectivity (using safe mode, for example), so you can complete the fix.
  
• If you have any question on any step, or if something doesn't work as described, please stop and ask before we proceed. Better safe than sorry!
  
• Please paste your logs into your replies instead of attaching them. This makes it far easier to review. Feel free to use multiple replies if you need to.
  
• Please stick with me until I let you know we're finished. Even if the machine is running better, it doesn't mean it's clean.

As it's been a while since your scans were done, please do the following to generate some fresh ones for me:

First:

Download a new copy of OTL to your Desktop.

• Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Copy the text from the codeblock below (ctrl-c) and paste it (ctrl-v) into the Custom Scans/Fixes box.
  
  

  netsvcs
  %SYSTEMDRIVE%\*.exe
  %USERPROFILE%\..|smtmp;true;true;true /FP
  /md5start
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  volsnap.sys
  /md5stop
  %systemroot%\*. /mp /s
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  CREATERESTOREPOINT
  

• Put a checkmark in the Scan All Users checkbox.
• Put checkmarks in the LOP Check and Purity Check checkboxes.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Next:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

If it asks you to download virus definitions, please say yes.

Click the "Scan" button to start scan. It could take a while, especially for the virus scan part. Do not let it fix anything, just do the scan.


On completion of the scan click save log, save it to your desktop and post in your next reply

[havredave]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.