GeekPolice

 


Cannot boot PC & Blue screen

Recently, I began getting blue screens and my computer crashed frequently. I was going to get help soon but today my computer shut down and will not allow me to sign into my account. I tried safe mode and every option I was given but could not find any way to get on. Can you please help me?
-Matthew

Re: Cannot boot PC & Blue screen

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see this topic.

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until it is closed and your computer is declared clean.





We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Network REATOGO Windows Recovery Environment.
  • Place a blank CD-R disc into your CD burning drive.
  • Download OTLPENet.exe and double-click on it to burn to a CD using ISO Burner.
  • Reboot your system using the boot CD you just created.

    Note: If you do not know how to set your computer to boot from CD, follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings:
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have an internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.

Re: Cannot boot PC & Blue screen

Here you go, hopefully I got this right.

OTL logfile created on: 6/21/2010 10:17:32 PM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 5000 5000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 64.24 Gb Free Space | 27.58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/27 17:16:24 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/04/27 17:16:24 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/04/14 12:29:58 | 000,170,144 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/10 11:16:56 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/01 10:48:16 | 001,029,456 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/25 00:32:34 | 001,492,344 | ---- | M] (RealVNC Ltd.) [On_Demand] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2009/07/13 09:28:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/06/16 21:27:32 | 000,368,644 | ---- | M] () [On_Demand] -- C:\Program Files\NCH Software\BroadCam\broadCam.exe -- (BroadCamService)
SRV - [2009/04/14 11:53:00 | 002,784,285 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/02/15 00:22:12 | 006,558,336 | ---- | M] () [On_Demand] -- C:\Nexon\V55\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe -- (wampmysqld)
SRV - [2009/01/30 13:07:00 | 005,795,840 | ---- | M] () [Auto] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)
SRV - [2008/12/10 00:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand] -- C:\Nexon\V55\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2008/11/05 21:08:55 | 000,106,496 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/07/10 20:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008/07/10 20:28:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008/07/10 20:28:04 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled] -- c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008/07/10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/07/10 02:49:34 | 000,258,072 | ---- | M] (Microsoft Corporation) [Disabled] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005/09/23 08:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Alan_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\Alan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Alan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\ASPNET_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/iat/us_ca.aspx
IE - HKU\ASPNET_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\ASPNET_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 05 C4 5F D2 4A CA 01 [binary data]
IE - HKU\ASPNET_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.2
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.3.1
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.6.5.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {d122ad80-ff45-11dd-87af-0800200c9a66}:3.6.29.01.10
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/06/05 11:17:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/21 15:27:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/04 10:08:21 | 000,000,000 | ---D | M]

[2010/06/08 16:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Mozilla\Extensions
[2010/06/08 16:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/06/20 20:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions
[2009/10/31 11:17:30 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/05/12 17:06:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/17 17:24:15 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/03/14 16:00:42 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2009/12/05 10:11:26 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/05/12 17:06:36 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010/05/12 17:06:31 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010/03/14 16:00:36 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/05/12 17:06:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/30 12:40:25 | 000,000,000 | ---D | M] (Green Fox) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{d122ad80-ff45-11dd-87af-0800200c9a66}
[2009/10/13 18:22:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/04/08 17:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\DTToolbar@toolbarnet.com
[2009/09/05 09:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\redshift_V2@shift-themes.com
[2009/10/06 20:09:00 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\searchplugins\bing.xml
[2010/06/20 20:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/27 17:16:24 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\scriptff.dll
[2009/07/03 01:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2010/02/06 19:12:50 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/06/11 10:11:10 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2009/10/08 20:42:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\scriptSn.20100521152705.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\Alan_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\Alan_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\Alan_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\ASPNET_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\ASPNET_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ULiRaid] C:\Program Files\ULiRaid\ULiRaid.exe (ULi Electronics Inc.)
O4 - HKU\Alan_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Alan_ON_C..\Run: [msupdate] C:\WINDOWS\System32\javaw.exe (Sun Microsystems, Inc.)
O4 - HKU\Alan_ON_C..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\Alan_ON_C..\Run: [Steam] c:\program files\steamm\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Alan\Start Menu\Programs\Startup\crisisx_updater.jar ()
O4 - Startup: C:\Documents and Settings\Alan\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\Alan\Start Menu\Programs\Startup\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\Alan\Start Menu\Programs\Startup\UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\Alan\Start Menu\Programs\Startup\Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Alan_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Alan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Alan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Alan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Alan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0
O7 - HKU\ASPNET_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\ASPNET_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1224556723562 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - C:\Program Files\AlienGUIse\fastload.dll - C:\Program Files\AlienGUIse\fastload.dll (Stardock)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/20 21:37:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{f09e7261-9ee8-11dd-b3e3-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f09e7261-9ee8-11dd-b3e3-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f09e7261-9ee8-11dd-b3e3-806d6172696f}\Shell\AutoRun\command - "" = D:\AUTORUN.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/15 17:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Application Data\Datel
[2010/06/15 17:32:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Application Data\GameTuts
[2010/06/15 17:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Application Data\GameTuts
[2010/06/15 17:31:54 | 016,726,528 | ---- | C] (GameTuts) -- C:\Documents and Settings\Alan\Desktop\Modio.exe
[2010/06/11 11:52:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\IETldCache
[2010/06/11 10:21:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2010/06/08 23:18:58 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/08 16:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\My Documents\LimeWire
[2010/06/08 16:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Application Data\LimeWire
[2010/06/08 16:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/06/05 14:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\LastCo
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/21 14:06:03 | 000,901,120 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\savegame.svg
[2010/06/21 13:57:53 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\mpdata_e00004ab5a6d4b0a
[2010/06/21 13:45:23 | 000,531,368 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/21 13:45:23 | 000,104,234 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/21 13:45:21 | 000,647,600 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/21 13:42:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/21 13:40:06 | 000,194,297 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/06/21 13:39:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/21 13:39:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/21 13:39:48 | 3069,497,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/21 11:37:47 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\Condition Zero.url
[2010/06/21 09:48:36 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/06/18 21:31:06 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\R6_EquipEquipmentTemplate
[2010/06/18 04:05:23 | 002,149,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/18 00:23:39 | 001,142,784 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\Save_0___01C8F64E451C8C80
[2010/06/14 16:23:44 | 000,608,256 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\blackra1n.exe
[2010/06/11 15:33:19 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/11 11:51:38 | 000,139,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/06/11 10:38:08 | 010,223,616 | -H-- | M] () -- C:\Documents and Settings\Alan\NTUSER.DAT
[2010/06/11 10:25:30 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/06/11 10:25:30 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/06/11 10:24:42 | 000,064,949 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010/06/11 10:24:42 | 000,006,112 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010/06/11 10:24:34 | 005,760,054 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010/06/11 10:24:34 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\TransBar.lnk
[2010/06/11 10:24:33 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\UberIcon.lnk
[2010/06/11 10:23:15 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\Y'z Shadow.lnk
[2010/06/11 01:09:55 | 000,001,561 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\AlienGUIse.lnk
[2010/06/11 01:08:58 | 000,000,056 | ---- | M] () -- C:\WINDOWS\wb.ini
[2010/06/09 03:17:19 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/08 17:03:00 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Alan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/08 16:38:09 | 000,001,541 | ---- | M] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/06/08 16:37:04 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\LimeWire 5.5.9.lnk
[2010/06/05 15:09:54 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\Shortcut to LastCO.lnk
[2010/06/05 14:55:26 | 366,596,207 | ---- | M] () -- C:\Documents and Settings\Alan\Desktop\LastCO.exe
[2010/05/27 20:09:00 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/21 14:06:03 | 000,901,120 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\savegame.svg
[2010/06/21 13:38:04 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\mpdata_e00004ab5a6d4b0a
[2010/06/21 11:37:47 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\Condition Zero.url
[2010/06/18 21:31:06 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\R6_EquipEquipmentTemplate
[2010/06/18 00:22:24 | 001,142,784 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\Save_0___01C8F64E451C8C80
[2010/06/14 16:23:59 | 000,001,108 | ---- | C] () -- C:\Documents and Settings\Alan\blackra1n.log
[2010/06/14 16:23:43 | 000,608,256 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\blackra1n.exe
[2010/06/11 10:29:22 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\Y'z Shadow.lnk
[2010/06/11 10:29:18 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\TransBar.lnk
[2010/06/11 10:29:15 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\UberIcon.lnk
[2010/06/11 10:24:42 | 000,064,949 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2010/06/11 10:24:34 | 005,760,054 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2010/06/11 10:21:45 | 000,006,112 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2010/06/11 01:09:55 | 000,001,561 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\AlienGUIse.lnk
[2010/06/08 16:38:09 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\Alan\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/06/08 16:37:04 | 000,001,583 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\LimeWire 5.5.9.lnk
[2010/06/05 15:09:54 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\Shortcut to LastCO.lnk
[2010/06/05 14:47:40 | 366,596,207 | ---- | C] () -- C:\Documents and Settings\Alan\Desktop\LastCO.exe
[2010/05/27 20:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/04/18 14:38:33 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\msexcr.ini
[2010/04/01 19:42:48 | 000,021,859 | ---- | C] () -- C:\Documents and Settings\Alan\Application Data\update.jar
[2010/04/01 19:42:48 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Alan\_ntfs2.lock
[2010/03/28 00:12:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Alan\jagex__preferences3.dat
[2010/01/29 23:49:40 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Alan\Application Data\RSBot Accounts.ini
[2010/01/29 23:49:21 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Alan\jagex_runescape_preferences2.dat
[2009/12/19 23:15:19 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wb.ini
[2009/10/11 20:23:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\ASPNET\ntuser.ini
[2009/10/11 20:23:17 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\ASPNET\NTUSER.DAT
[2009/10/11 20:23:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\ASPNET\ntuser.dat.LOG
[2009/08/13 10:55:48 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\VNCpm.dll
[2009/07/30 11:30:21 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Alan\Application Data\winscp.rnd
[2009/06/27 10:04:26 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\Alan\.recently-used.xbel
[2009/06/13 18:10:28 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/04/29 22:25:15 | 000,262,144 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2009/04/29 22:25:15 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
[2009/04/19 10:17:11 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Alan\.asadminpass
[2009/04/19 10:17:01 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Alan\.asadmintruststore
[2009/04/13 14:42:31 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/04/13 14:42:31 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/04/13 14:42:31 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/03/15 10:00:43 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008/12/07 16:15:12 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\Alan\jagex_runescape_preferences.dat
[2008/11/28 19:58:00 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/11/28 19:58:00 | 000,000,165 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/11/28 10:00:52 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Alan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/16 00:40:26 | 000,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/11/09 16:55:28 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Alan\Local Settings\Application Data\fusioncache.dat
[2008/11/05 21:08:51 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2008/11/02 22:03:33 | 000,000,520 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/20 22:12:14 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/10/20 21:45:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Alan\ntuser.ini
[2008/10/20 21:45:19 | 000,106,496 | -H-- | C] () -- C:\Documents and Settings\Alan\ntuser.dat.LOG
[2008/10/20 21:45:18 | 010,223,616 | -H-- | C] () -- C:\Documents and Settings\Alan\NTUSER.DAT
[2008/10/20 21:41:26 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2008/10/20 21:41:25 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2008/10/20 21:41:25 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2008/10/20 21:41:18 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2008/10/20 21:41:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2008/10/20 21:41:16 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/05/17 03:31:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/17 03:31:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/17 03:31:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/17 03:31:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/17 03:31:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/11/09 17:07:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[1999/01/22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2009/03/24 18:51:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2008/11/05 22:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Acronis
[2009/11/01 15:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\DAEMON Tools Lite
[2010/06/15 17:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Datel
[2009/09/25 10:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\FireShot
[2009/11/07 10:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\GameRanger
[2010/06/15 17:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\GameTuts
[2010/01/05 22:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\GetRightToGo
[2009/04/03 21:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\gtk-2.0
[2009/04/25 08:46:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Alan\Application Data\ijjigame
[2010/06/21 13:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\LimeWire
[2009/04/27 19:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\MySQL
[2009/06/16 21:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\NCH Swift Sound
[2008/12/28 17:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Nexon
[2010/04/18 12:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Octoshape
[2009/11/25 20:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Publish Providers
[2009/06/17 21:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Recordpad
[2009/11/25 20:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Sony
[2009/12/17 19:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Sony Creative Software
[2009/12/10 19:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Subversion
[2009/12/22 23:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\TeamViewer
[2008/10/20 23:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Windows Desktop Search
[2008/11/02 13:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Application Data\Windows Search
[2009/10/11 20:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ASPNET\Application Data\NCH Swift Sound
[2009/10/11 20:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ASPNET\Application Data\Recordpad
[2009/10/11 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ASPNET\Application Data\Windows Search
[2009/11/01 20:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/10/11 20:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\SACore
[2010/06/21 09:48:36 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========


< End of report >

Re: Cannot boot PC & Blue screen

Please open OTLPE -- Click None and paste this in the Custom Scans box:

Code:

%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
disk.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
usbstor.sys
/md5stop


Then click Run Scan. It shall launch a log. Please post it in your next reply.

Re: Cannot boot PC & Blue screen

Hopefully this is what you were looking for!

OTL logfile created on: 6/22/2010 10:14:30 AM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 5000 5000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 64.25 Gb Free Space | 27.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/10/20 21:36:53 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^Alan^Start Menu^Programs^Startup^Xfire.lnk - C:\Program Files\Xfire\xfire.exe - (Xfire Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Snagit 9.lnk - C:\Program Files\TechSmith\Snagit 9\Snagit32.exe - (TechSmith Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)
MsConfig - StartUpReg: AbyssWebServer - hkey= - key= - C:\Documents and Settings\Alan\Desktop\UberRO\Server\Abyss Web Server\abyssws.exe File not found
MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig - StartUpReg: Acronis True Image Monitor - hkey= - key= - C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: itype - hkey= - key= - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
MsConfig - StartUpReg: mcagent_exe - hkey= - key= - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
MsConfig - StartUpReg: SoundMan - hkey= - key= - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Start WingMan Profiler - hkey= - key= - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Documents and Settings\Alan\Desktop\UberScape\bin\jusched.exe File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet: mfefirek - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {124D38C7-5BE5-4D4E-8D6D-9F10DC6B6D11} - Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB925674)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3F86226E-5091-C316-DD80-94A4E80C6C43} - Microsoft Windows Media Player 6.4
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {78DD9A0A-4AE1-46D0-B9A6-578EFCA47A3C} - Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937060)
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F1CBCD08-F451-C547-FA1A-09FF6C07B62C} - IE7 Uninstall Stub
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2010/05/06 06:41:49 | 011,076,096 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2010/05/06 06:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/14 08:00:00 | 000,321,536 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 08:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2008/06/17 15:02:19 | 012,873,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/10/20 17:13:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/10/20 17:13:21 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/10/20 17:13:21 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2008/04/14 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2008/04/14 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\hamachi.sys
[2008/04/14 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2008/04/14 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2008/04/14 08:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2005/01/04 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npptNT2.sys
[2008/04/14 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2008/04/14 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2008/04/14 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/14 08:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2008/04/14 08:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2008/04/14 08:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/14 08:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/05/02 01:22:50 | 001,851,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2005/04/27 09:15:30 | 000,034,307 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\Install.EXE

< %SYSTEMDRIVE%\*.* >
[2009/07/20 13:44:32 | 000,004,002 | ---- | M] () -- C:\aaw7boot.log
[2008/10/20 21:37:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/10/12 21:21:10 | 000,001,050 | ---- | M] () -- C:\avenger.txt
[2009/06/05 22:56:04 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2009/11/01 15:35:35 | 000,000,293 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/10/08 21:27:44 | 000,016,853 | ---- | M] () -- C:\ComboFix.txt
[2008/10/20 21:37:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/31 21:59:37 | 000,000,210 | ---- | M] () -- C:\demo-stopwatch.csv
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/06/21 13:39:48 | 3069,497,344 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008/10/20 21:37:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/06 22:32:17 | 000,006,639 | ---- | M] () -- C:\JavaRa.log
[2008/10/20 21:37:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/21 22:20:50 | 000,085,532 | ---- | M] () -- C:\OTL.Txt
[2010/06/21 13:39:46 | 947,912,703 | -HS- | M] () -- C:\pagefile.sys
[2009/02/13 18:56:08 | 000,000,204 | ---- | M] () -- C:\Plugins
[2008/11/17 08:42:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/25 10:28:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/11/17 08:42:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/25 10:28:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %PROGRAMFILES%\*. >
[2008/11/05 21:08:41 | 000,000,000 | ---D | M] -- C:\Program Files\Acronis
[2009/09/14 18:04:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/07/13 09:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2009/11/01 15:35:27 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2009/11/19 12:52:58 | 000,000,000 | ---D | M] -- C:\Program Files\AhnLab
[2010/06/11 01:09:18 | 000,000,000 | ---D | M] -- C:\Program Files\AlienGUIse
[2009/07/23 20:22:41 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/07/23 20:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/03/15 17:46:55 | 000,000,000 | ---D | M] -- C:\Program Files\BreakPoint Software
[2009/07/08 13:07:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2009/02/13 18:32:44 | 000,000,000 | ---D | M] -- C:\Program Files\CE Remote Tools
[2009/08/14 05:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\Circl Developement
[2009/06/07 00:24:00 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2010/06/11 11:14:41 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/10/20 21:33:38 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/01/26 23:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Conquer 2.0
[2008/11/28 20:03:12 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/02/03 19:55:54 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010/02/03 19:55:54 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar
[2009/05/11 19:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\DevServer
[2010/05/13 17:14:06 | 000,000,000 | ---D | M] -- C:\Program Files\Diablo II
[2008/10/20 22:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/06/16 21:10:27 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2009/07/21 22:33:53 | 000,000,000 | ---D | M] -- C:\Program Files\EA GAMES
[2009/06/28 19:31:33 | 000,000,000 | ---D | M] -- C:\Program Files\EAGames
[2009/10/10 16:41:47 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2009/04/17 17:01:20 | 000,000,000 | ---D | M] -- C:\Program Files\Firefox for Picky Fred
[2010/06/21 15:53:04 | 000,000,000 | ---D | M] -- C:\Program Files\FlashGet
[2010/03/13 15:12:05 | 000,000,000 | ---D | M] -- C:\Program Files\Foolish Entertainment
[2009/05/17 09:39:01 | 000,000,000 | ---D | M] -- C:\Program Files\Fx Vid Cap
[2009/10/31 11:16:37 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade
[2009/04/03 21:21:51 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP
[2009/11/07 21:25:44 | 000,000,000 | ---D | M] -- C:\Program Files\GMOD10
[2008/11/03 00:25:28 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/04/27 20:17:59 | 000,000,000 | ---D | M] -- C:\Program Files\Gravity
[2010/01/19 21:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\GuildWars
[2009/04/09 17:42:00 | 000,000,000 | ---D | M] -- C:\Program Files\HHD Software
[2009/02/13 18:44:08 | 000,000,000 | ---D | M] -- C:\Program Files\HTML Help Workshop
[2009/05/17 09:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\HyperSnap 6
[2009/12/06 19:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\ijji
[2010/02/03 19:15:02 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/06/09 03:13:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/07/23 20:23:49 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/07/23 20:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/01/26 23:02:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/08/19 17:24:37 | 000,000,000 | ---D | M] -- C:\Program Files\JavaFX
[2010/06/05 15:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\LastCo
[2009/07/24 09:48:13 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2009/07/23 20:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\LibUSB-Win32
[2010/06/08 16:37:17 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2008/11/02 21:42:37 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/04/01 19:23:12 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn Hamachi
[2009/08/12 12:10:38 | 000,000,000 | ---D | M] -- C:\Program Files\Lunia
[2009/10/08 20:14:23 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/09 18:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\Maple
[2010/05/08 10:46:33 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2010/05/08 11:24:00 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2008/10/20 22:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/01/19 21:28:22 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! Live
[2009/03/13 16:47:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/03/15 03:04:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/02/13 18:51:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Device Emulator
[2008/11/02 21:59:57 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/11/01 13:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2009/02/13 18:31:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/11/10 17:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/03/15 10:29:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SDKs
[2010/06/09 03:34:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/03/19 03:01:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/02/13 18:50:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
[2009/03/13 16:45:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/03/13 16:46:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2008/11/05 23:21:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/02/13 18:44:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2009/03/15 10:36:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 9.0
[2009/11/01 03:02:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/02/13 18:54:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/06/11 10:26:17 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/04/04 10:08:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/02/13 18:44:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/05/04 16:57:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSECACHE
[2009/05/11 19:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2008/10/20 21:33:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/03/15 10:45:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2009/03/15 16:57:35 | 000,000,000 | ---D | M] -- C:\Program Files\MySQL
[2009/04/27 19:31:50 | 000,000,000 | ---D | M] -- C:\Program Files\mysqlcc
[2009/06/16 21:27:51 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/11/01 09:23:08 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2010/01/26 23:09:13 | 000,000,000 | ---D | M] -- C:\Program Files\NetBeans 6.5.1
[2008/10/20 21:35:22 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/05/09 17:27:04 | 000,000,000 | ---D | M] -- C:\Program Files\No-IP
[2008/11/20 23:06:20 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2008/10/20 21:33:21 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/06/11 10:26:17 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/02/13 18:56:04 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/01/05 22:58:34 | 000,000,000 | ---D | M] -- C:\Program Files\Perfectworld
[2009/07/23 20:27:22 | 000,000,000 | ---D | M] -- C:\Program Files\QuickFreedom
[2009/07/23 20:23:18 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/01/25 19:44:50 | 000,000,000 | ---D | M] -- C:\Program Files\Ragnarok
[2009/05/09 19:52:02 | 000,000,000 | ---D | M] -- C:\Program Files\RangeX-Gaming
[2009/08/13 10:55:38 | 000,000,000 | ---D | M] -- C:\Program Files\RealVNC
[2009/03/15 10:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/06/16 17:05:13 | 000,000,000 | ---D | M] -- C:\Program Files\RFA Explorer
[2008/11/28 19:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/04/05 15:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2009/05/10 08:53:37 | 000,000,000 | ---D | M] -- C:\Program Files\Starcraft
[2010/06/21 13:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Steamm
[2009/08/19 17:23:36 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2008/11/02 12:33:06 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2010/02/03 20:09:01 | 000,000,000 | ---D | M] -- C:\Program Files\Team JPN
[2008/11/08 23:30:50 | 000,000,000 | ---D | M] -- C:\Program Files\Teamspeak2_RC2
[2009/12/22 23:49:46 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer
[2009/11/25 21:03:46 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2009/12/10 19:40:24 | 000,000,000 | ---D | M] -- C:\Program Files\TortoiseSVN
[2009/11/02 08:50:19 | 000,000,000 | ---D | M] -- C:\Program Files\ULiRaid
[2009/10/10 14:05:02 | 000,000,000 | ---D | M] -- C:\Program Files\UltraVNC
[2008/10/20 21:45:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/07/03 09:15:33 | 000,000,000 | ---D | M] -- C:\Program Files\Valve Hammer Editor
[2009/06/13 18:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2009/10/09 03:02:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2009/05/04 16:54:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Installer Clean Up
[2009/11/10 17:47:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/03/13 16:42:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2008/10/20 23:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/03/13 22:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/10/20 21:32:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/10/20 21:36:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/04/13 09:33:25 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2009/07/30 11:30:19 | 000,000,000 | ---D | M] -- C:\Program Files\WinSCP
[2010/05/23 16:41:27 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft
[2008/10/20 21:37:49 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/06/04 12:10:46 | 000,000,000 | --SD | M] -- C:\Program Files\Xfire
[2010/01/26 23:06:10 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

Invalid Environment Variable: %appdata%\*.*


< MD5 for: AGP440.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 08:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 08:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: LOGEVENT.DLL >
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\logevent.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$hf_mig$\KB915865\KB915865] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\addins\addins] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp\ZAP150.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP218.tmp\ZAP218.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp\ZAP3B2.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp\ZAP3C9.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA.tmp\ZAPA.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\chsime\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\CHTIME\Applets\Applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imjp8_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\shared\res\res] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\java\classes\classes] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\java\trustlib\trustlib] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\ERRORREP\ERRORREP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\System\News\News] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\29851d78a712dd32528f7e769a84edaa\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\42bdf2dd6f3cb2280ad31b41b6c04cff\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\6a15037304f9f3eab5357ec4718f72a9\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SxsCaPendDel\SxsCaPendDel] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2] -> \Device\__max++>\^ -> Mount Point
< End of report >

Re: Cannot boot PC & Blue screen
Please run OTLPE
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :otl
    [C:\WINDOWS\$hf_mig$\KB915865\KB915865] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\addins\addins] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp\ZAP150.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP218.tmp\ZAP218.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp\ZAP3B2.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp\ZAP3C9.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA.tmp\ZAPA.tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\chsime\applets\applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\CHTIME\Applets\Applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imjp8_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imkr6_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\ime\shared\res\res] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\java\classes\classes] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\java\trustlib\trustlib] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\ERRORREP\ERRORREP] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\System\News\News] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\pchealth\helpctr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\29851d78a712dd32528f7e769a84edaa\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\42bdf2dd6f3cb2280ad31b41b6c04cff\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\6a15037304f9f3eab5357ec4718f72a9\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\backup\backup] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\SxsCaPendDel\SxsCaPendDel] -> \Device\__max++>\^ -> Mount Point
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2] -> \Device\__max++>\^ -> Mount Point

    :commands
    [emptytemp]
    [reboot]


  • Then click the Run Fix button at the top.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)

Re: Cannot boot PC & Blue screen
Here you go:
========== OTL ==========
Mount Point C:\WINDOWS\$hf_mig$\KB915865\KB915865 removed successfully!
Mount Point C:\WINDOWS\addins\addins removed successfully!
Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp\ZAP150.tmp removed successfully!
Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP218.tmp\ZAP218.tmp removed successfully!
Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp\ZAP3B2.tmp removed successfully!
Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp\ZAP3C9.tmp removed successfully!
Mount Point C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA.tmp\ZAPA.tmp removed successfully!
Mount Point C:\WINDOWS\assembly\tmp\tmp removed successfully!
Mount Point C:\WINDOWS\Config\Config removed successfully!
Mount Point C:\WINDOWS\Connection Wizard\Connection Wizard removed successfully!
Mount Point C:\WINDOWS\ime\chsime\applets\applets removed successfully!
Mount Point C:\WINDOWS\ime\CHTIME\Applets\Applets removed successfully!
Mount Point C:\WINDOWS\ime\imejp\applets\applets removed successfully!
Mount Point C:\WINDOWS\ime\imejp98\imejp98 removed successfully!
Mount Point C:\WINDOWS\ime\imjp8_1\applets\applets removed successfully!
Mount Point C:\WINDOWS\ime\imkr6_1\applets\applets removed successfully!
Mount Point C:\WINDOWS\ime\imkr6_1\dicts\dicts removed successfully!
Mount Point C:\WINDOWS\ime\shared\res\res removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0 removed successfully!
Mount Point C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729 removed successfully!
Mount Point C:\WINDOWS\java\classes\classes removed successfully!
Mount Point C:\WINDOWS\java\trustlib\trustlib removed successfully!
Mount Point C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs removed successfully!
Mount Point C:\WINDOWS\msapps\msinfo\msinfo removed successfully!
Mount Point C:\WINDOWS\pchealth\ERRORREP\ERRORREP removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\BATCH\BATCH removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\System\News\News removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM removed successfully!
Mount Point C:\WINDOWS\pchealth\helpctr\Temp\Temp removed successfully!
Mount Point C:\WINDOWS\Registration\CRMLog\CRMLog removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\backup\backup removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\29851d78a712dd32528f7e769a84edaa\backup\backup removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\42bdf2dd6f3cb2280ad31b41b6c04cff\backup\backup removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\6a15037304f9f3eab5357ec4718f72a9\backup\backup removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\backup\backup removed successfully!
Mount Point C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\backup\backup removed successfully!
Mount Point C:\WINDOWS\Sun\Java\Deployment\Deployment removed successfully!
Mount Point C:\WINDOWS\SxsCaPendDel\SxsCaPendDel removed successfully!
Mount Point C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2 removed successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Alan
->Temp folder emptied: 22514060 bytes
->Temporary Internet Files folder emptied: 31088961 bytes
->Java cache emptied: 4823046 bytes
->FireFox cache emptied: 72350990 bytes
->Flash cache emptied: 64149 bytes

User: All Users

User: ASPNET
->Temp folder emptied: 707 bytes
->Temporary Internet Files folder emptied: 3084157 bytes
->FireFox cache emptied: 3653903 bytes
->Flash cache emptied: 405 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19743864 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12839266 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 59314236 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

Total Files Cleaned = 219.00 mb


OTLPE by OldTimer - Version 3.1.39.0 log created on 06222010_162436

Re: Cannot boot PC & Blue screen

Now, please test your computer to see if it will boot yet.

Let me know if we have made progress.

Re: Cannot boot PC & Blue screen

Yep, it boots fine from what I can tell! A little slow, but it's always been like that. Is there anything else I need to do?

Re: Cannot boot PC & Blue screen

Let's try some more malware cleaning while in Normal Mode.

Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

Re: Cannot boot PC & Blue screen

Hopefully this is good. I received an error telling me to do a CHKDSK, and all of a sudden my computer blue screened when ComboFix said it was preparing the log file. If I messed up, tell me and I'll make sure to do it again. Here's the log:

ComboFix 10-06-22.02 - Alan 06/22/2010 17:10:30.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2927.2104 [GMT -4]
Running from: C:\Documents and Settings\Alan\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2010-05-22 to 2010-06-22 )))))))))))))))))))))))))))))))
.

2010-06-22 20:34:18 . 2010-06-22 20:34:18 -------- d-----w- C:\found.000
2010-06-22 20:25:29 . 2010-05-12 23:52:31 552960 ----a-r- C:\OTLPE.exe
2010-06-22 20:24:36 . 2010-06-22 20:24:36 -------- d-----w- C:\_OTL
2010-06-15 21:33:27 . 2010-06-15 21:33:27 -------- d-----w- C:\Documents and Settings\Alan\Application Data\Datel
2010-06-15 21:32:56 . 2010-06-15 21:32:56 -------- d-----w- C:\Documents and Settings\Alan\Local Settings\Application Data\GameTuts
2010-06-15 21:32:55 . 2010-06-15 21:32:55 -------- d-----w- C:\Documents and Settings\Alan\Application Data\GameTuts
2010-06-11 15:52:42 . 2010-06-11 15:52:42 -------- d-sh--w- C:\Documents and Settings\LocalService\IETldCache
2010-06-11 14:24:42 . 2010-06-11 14:24:42 64949 ----a-w- C:\WINDOWS\BricoPackUninst.cmd
2010-06-11 14:21:45 . 2010-06-11 14:24:42 6112 ----a-w- C:\WINDOWS\BricoPackFoldersDelete.cmd
2010-06-11 14:21:17 . 2010-06-11 14:21:17 -------- d-----w- C:\WINDOWS\BricoPacks
2010-06-09 03:18:58 . 2010-05-06 10:41:48 743424 -c----w- C:\WINDOWS\system32\dllcache\iedvtool.dll
2010-06-05 18:57:10 . 2010-06-05 19:08:01 -------- d-----w- C:\Program Files\LastCo
2010-06-02 20:37:35 . 2010-06-02 20:37:35 155360 ----a-w- C:\Documents and Settings\Alan\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
2010-05-28 12:33:14 . 2010-05-28 12:33:14 503808 ----a-w- C:\Documents and Settings\Alan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3ad6330f-n\msvcp71.dll
2010-05-28 12:33:14 . 2010-05-28 12:33:14 499712 ----a-w- C:\Documents and Settings\Alan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3ad6330f-n\jmc.dll
2010-05-28 12:33:14 . 2010-05-28 12:33:14 348160 ----a-w- C:\Documents and Settings\Alan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3ad6330f-n\msvcr71.dll
2010-05-28 12:33:13 . 2010-05-28 12:33:13 61440 ----a-w- C:\Documents and Settings\Alan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6d70696c-n\decora-sse.dll
2010-05-28 12:33:13 . 2010-05-28 12:33:13 12800 ----a-w- C:\Documents and Settings\Alan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6d70696c-n\decora-d3d.dll
2010-05-28 00:09:00 . 2010-05-28 00:09:00 41872 ----a-w- C:\WINDOWS\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-22 21:00:21 . 2010-04-05 01:41:30 -------- d-----w- C:\Program Files\FlashGet
2010-06-22 20:48:59 . 2010-06-08 20:37:20 -------- d-----w- C:\Documents and Settings\Alan\Application Data\LimeWire
2010-06-22 20:48:47 . 2009-11-28 22:32:42 -------- d-----w- C:\Program Files\Steamm
2010-06-13 15:56:23 . 2009-04-25 12:43:21 -------- d-----w- C:\Documents and Settings\Alan\Application Data\Xfire
2010-06-11 19:33:19 . 2008-11-02 16:33:08 1324 ----a-w- C:\WINDOWS\system32\d3d9caps.dat
2010-06-11 15:51:38 . 2008-11-16 04:40:26 139152 ----a-w- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2010-06-11 15:51:31 . 2008-11-16 04:40:13 111928 ----a-w- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-11 05:09:18 . 2009-12-20 03:15:17 -------- d-----w- C:\Program Files\AlienGUIse
2010-06-09 07:34:19 . 2009-03-13 20:47:07 -------- d-----w- C:\Program Files\Microsoft Silverlight
2010-06-09 07:15:33 . 2008-11-06 03:19:11 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-06-04 16:10:46 . 2009-04-25 12:43:17 -------- d-s---w- C:\Program Files\Xfire
2010-06-03 10:23:39 . 2009-10-31 17:10:28 1240800 ----a-w- C:\Documents and Settings\Alan\Application Data\GameRanger\GameRanger\GameRanger.exe
2010-05-23 20:41:27 . 2010-04-16 01:29:39 -------- d-----w- C:\Program Files\World of Warcraft
2010-05-13 21:14:06 . 2009-04-13 18:15:16 -------- d-----w- C:\Program Files\Diablo II
2010-05-13 21:13:39 . 2010-05-13 21:11:18 17934 ----a-w- C:\WINDOWS\DIIUnin.dat
2010-05-13 21:12:36 . 2009-04-13 18:42:31 21840 ----atw- C:\WINDOWS\system32\SIntfNT.dll
2010-05-13 21:12:36 . 2009-04-13 18:42:31 17212 ----atw- C:\WINDOWS\system32\SIntf32.dll
2010-05-13 21:12:36 . 2009-04-13 18:42:31 12067 ----atw- C:\WINDOWS\system32\SIntf16.dll
2010-05-13 21:11:11 . 2010-05-13 21:11:11 94208 ----a-w- C:\WINDOWS\DIIUnin.exe
2010-05-13 21:11:11 . 2010-05-13 21:11:11 2829 ----a-w- C:\WINDOWS\DIIUnin.pif
2010-05-08 15:24:00 . 2009-10-10 17:22:08 -------- d-----w- C:\Program Files\McAfee.com
2010-05-08 14:46:34 . 2009-06-07 04:11:55 -------- d-----w- C:\Documents and Settings\All Users\Application Data\McAfee
2010-05-08 14:46:33 . 2009-06-07 04:56:36 -------- d-----w- C:\Program Files\McAfee
2010-05-08 14:45:29 . 2009-10-10 17:22:08 -------- d-----w- C:\Program Files\Common Files\McAfee
2010-05-06 10:41:53 . 2008-04-14 12:00:00 907264 ----a-w- C:\WINDOWS\system32\wininet.dll
2010-05-02 05:22:50 . 2008-04-14 12:00:00 1851264 ----a-w- C:\WINDOWS\system32\win32k.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:52 9344 ----a-w- C:\WINDOWS\system32\drivers\mfeclnk.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 95568 ----a-w- C:\WINDOWS\system32\drivers\mfeapfk.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 88480 ----a-w- C:\WINDOWS\system32\drivers\mfendisk.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 83496 ----a-w- C:\WINDOWS\system32\drivers\mferkdet.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 82952 ----a-w- C:\WINDOWS\system32\drivers\mfetdi2k.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 55456 ----a-w- C:\WINDOWS\system32\drivers\cfwids.sys
2010-04-27 21:16:24 . 2010-05-03 01:42:44 312616 ----a-w- C:\WINDOWS\system32\drivers\mfefirek.sys
2010-04-27 21:16:24 . 2009-07-08 17:44:20 385880 ----a-w- C:\WINDOWS\system32\drivers\mfehidk.sys
2010-04-27 21:16:24 . 2009-06-07 04:57:03 51688 ----a-w- C:\WINDOWS\system32\drivers\mfebopk.sys
2010-04-27 21:16:24 . 2009-06-07 04:57:03 152320 ----a-w- C:\WINDOWS\system32\drivers\mfeavfk.sys
2010-04-22 01:02:29 . 2010-01-30 03:49:21 75 ----a-w- C:\Documents and Settings\Alan\jagex_runescape_preferences2.dat
2010-04-22 01:02:29 . 2008-12-07 20:15:12 41 -c--a-w- C:\Documents and Settings\Alan\jagex_runescape_preferences.dat
2010-04-20 05:30:08 . 2008-04-14 12:00:00 285696 ----a-w- C:\WINDOWS\system32\atmfd.dll
2010-04-18 16:48:57 . 2010-04-18 16:48:57 71960 ----a-w- C:\Documents and Settings\Alan\Application Data\Mozilla\Plugins\npoctoshape.dll
2010-04-07 22:36:58 . 2010-04-07 22:36:58 45056 ----a-r- C:\Documents and Settings\Alan\Application Data\Microsoft\Installer\{C19AB6C4-BBD0-49EF-927D-9C7CB80BC0B0}\MapleStory.exe1_C19AB6C4BBD049EF927D9C7CB80BC0B0.exe
2010-04-07 22:36:58 . 2010-04-07 22:36:58 45056 ----a-r- C:\Documents and Settings\Alan\Application Data\Microsoft\Installer\{C19AB6C4-BBD0-49EF-927D-9C7CB80BC0B0}\MapleStory.exe_C19AB6C4BBD049EF927D9C7CB80BC0B0.exe
2010-04-07 22:36:58 . 2010-04-07 22:36:58 10134 ----a-r- C:\Documents and Settings\Alan\Application Data\Microsoft\Installer\{C19AB6C4-BBD0-49EF-927D-9C7CB80BC0B0}\ARPPRODUCTICON.exe
2010-04-06 09:12:08 . 2010-05-12 21:06:36 114360 ----a-w- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
2010-04-05 01:58:21 . 2009-07-05 14:02:23 98304 -c--a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
2010-04-05 01:58:21 . 2009-07-05 14:02:23 258352 -c--a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\unicows.dll
2010-04-05 01:58:21 . 2009-07-05 14:02:23 126976 ----a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\nxgameus.dll
2010-04-05 01:58:20 . 2009-07-05 14:02:23 401408 -c--a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGMResource.dll
2010-04-05 01:58:20 . 2009-07-05 14:02:22 765952 ----a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGMDll.dll
2010-04-05 01:58:20 . 2009-07-05 14:02:22 172032 ----a-w- C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe
2010-03-28 04:12:24 . 2010-03-28 04:12:24 0 ----a-w- C:\Documents and Settings\Alan\jagex__preferences3.dat
2010-03-25 15:27:46 . 2010-04-08 21:24:26 1107264 ----a-w- C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-04-27 21:16:24 . 2010-05-03 01:42:52 24376 ----a-w- C:\Program Files\mozilla firefox\components\Scriptff.dll
2009-01-27 01:34:38 . 2009-01-27 01:34:38 1044480 -c--a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34:38 . 2009-01-27 01:34:38 200704 -c--a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2009-08-06 23:24:06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)] . . C:\WINDOWS\system32\wuauclt.exe
[-] 2009-08-06 23:24:06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)] . . C:\WINDOWS\system32\dllcache\wuauclt.exe
[7] 2008-10-16 19:09:44 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)] . . C:\WINDOWS\ERDNT\cache\wuauclt.exe

[-] 2010-05-06 10:41:52 . 2FFDB270D0BC419421F3B3B2F7165790 . 6224896 . . [8.00.6001.18928 (longhorn_ie8_gdr.100503-1700)] . . C:\WINDOWS\system32\mshtml.dll
[-] 2010-05-06 10:41:52 . 2FFDB270D0BC419421F3B3B2F7165790 . 6224896 . . [8.00.6001.18928 (longhorn_ie8_gdr.100503-1700)] . . C:\WINDOWS\system32\dllcache\mshtml.dll
[7] 2010-05-06 10:36:26 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019 (longhorn_ie8_ldr.100503-1800)] . . C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-02-25 06:24:36 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)] . . C:\WINDOWS\ie8updates\KB982381-IE8\mshtml.dll
[7] 2010-02-25 06:19:43 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995 (longhorn_ie8_ldr.100223-0100)] . . C:\WINDOWS\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[7] 2009-12-21 19:14:04 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876 (longhorn_ie8_gdr.091218-1700)] . . C:\WINDOWS\ie8updates\KB980182-IE8\mshtml.dll
[7] 2009-12-21 19:09:28 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967 (longhorn_ie8_ldr.091219-0100)] . . C:\WINDOWS\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 07:45:44 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945 (longhorn_ie8_ldr.091027-0100)] . . C:\WINDOWS\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 07:45:37 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854 (longhorn_ie8_gdr.091026-1700)] . . C:\WINDOWS\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-22 09:19:04 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852 (longhorn_ie8_gdr.091020-1827)] . . C:\WINDOWS\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 09:18:10 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942 (longhorn_ie8_ldr.091021-0230)] . . C:\WINDOWS\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 08:08:20 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828 (longhorn_ie8_gdr.090826-1700)] . . C:\WINDOWS\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 08:01:43 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918 (longhorn_ie8_ldr.090827-0100)] . . C:\WINDOWS\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 13:18:59 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812 (longhorn_ie8_gdr.090717-2100)] . . C:\WINDOWS\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 13:17:52 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902 (longhorn_ie8_ldr.090718-0500)] . . C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 08:41:16 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] . . C:\WINDOWS\ie8updates\KB972260-IE8\mshtml.dll
[7] 2009-02-21 07:39:54 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015 (vista_ldr.090218-1505)] . . C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[7] 2009-02-20 18:09:37 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825 (vista_gdr.090218-1505)] . . C:\WINDOWS\ERDNT\cache\mshtml.dll
[7] 2009-02-20 18:09:37 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825 (vista_gdr.090218-1505)] . . C:\WINDOWS\ie8\mshtml.dll
[7] 2009-01-17 02:35:14 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809 (vista_gdr.090114-1504)] . . C:\WINDOWS\ie7updates\KB963027-IE7\mshtml.dll
[7] 2009-01-16 16:24:38 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996 (vista_ldr.090114-1504)] . . C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[7] 2008-12-13 06:40:02 . 121EC39A64D64205A88C2C45B034B455 . 3593216 . . [7.00.6000.16788 (vista_gdr.081211-1619)] . . C:\WINDOWS\ie7updates\KB961260-IE7\mshtml.dll
[7] 2008-12-13 06:26:56 . C79FAD61CD4A26ED5AA8C16D991C6FBD . 3594752 . . [7.00.6000.20973 (vista_ldr.081211-1619)] . . C:\WINDOWS\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[7] 2008-10-17 07:08:40 . EACAEDEF6FA2A969DE5B36190D45396F . 3593216 . . [7.00.6000.16762 (vista_gdr.081013-1507)] . . C:\WINDOWS\ie7updates\KB960714-IE7\mshtml.dll
[7] 2008-10-16 20:24:10 . B74F31A4BD83797D7A083F922169287D . 3595264 . . [7.00.6000.20935 (vista_ldr.081013-1507)] . . C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[7] 2008-08-27 08:24:32 . 1AD035E04A7068EC2820B055A3131ED8 . 3593216 . . [7.00.6000.16735 (vista_gdr.080820-1506)] . . C:\WINDOWS\ie7updates\KB958215-IE7\mshtml.dll
[7] 2008-08-26 09:08:43 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900 (vista_ldr.080820-1506)] . . C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-08-20 05:30:53 . 507BDA42F7DB8209C0F0B3556A043491 . 3067904 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\SoftwareDistribution\Download\1185bc01976431096846a9c917b224df\sp3gdr\mshtml.dll
[7] 2008-08-20 04:58:54 . BD45470B132A0F98596277323D9F2E5A . 3067904 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3QFE\mshtml.dll
[7] 2008-08-20 04:58:54 . BD45470B132A0F98596277323D9F2E5A . 3067904 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\SoftwareDistribution\Download\1185bc01976431096846a9c917b224df\sp3qfe\mshtml.dll
[7] 2008-04-14 12:00:00 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ie7\mshtml.dll
[7] 2007-08-13 22:54:12 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13 (longhorn(wmbla).070711-1130)] . . C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll

[-] 2010-05-06 10:41:53 . DE6A3492ABC54F2327CAA43AD17CAD7B . 907264 . . [8.00.6001.18923 (longhorn_ie8_gdr.100419-1241)] . . C:\WINDOWS\system32\wininet.dll
[-] 2010-05-06 10:41:53 . DE6A3492ABC54F2327CAA43AD17CAD7B . 907264 . . [8.00.6001.18923 (longhorn_ie8_gdr.100419-1241)] . . C:\WINDOWS\system32\dllcache\wininet.dll
[7] 2010-05-06 10:36:27 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014 (longhorn_ie8_ldr.100419-1507)] . . C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-02-25 06:24:37 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)] . . C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll
[7] 2010-02-25 06:19:44 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995 (longhorn_ie8_ldr.100223-0100)] . . C:\WINDOWS\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2009-12-21 19:14:05 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876 (longhorn_ie8_gdr.091218-1700)] . . C:\WINDOWS\ie8updates\KB980182-IE8\wininet.dll
[7] 2009-12-21 19:09:28 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967 (longhorn_ie8_ldr.091219-0100)] . . C:\WINDOWS\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 07:45:45 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945 (longhorn_ie8_ldr.091027-0100)] . . C:\WINDOWS\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 07:45:38 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854 (longhorn_ie8_gdr.091026-1700)] . . C:\WINDOWS\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-08-29 08:08:21 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828 (longhorn_ie8_gdr.090826-1700)] . . C:\WINDOWS\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 08:01:44 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918 (longhorn_ie8_ldr.090827-0100)] . . C:\WINDOWS\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 17:09:28 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806 (longhorn_ie8_gdr.090701-1700)] . . C:\WINDOWS\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-07-03 17:06:51 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896 (longhorn_ie8_ldr.090702-0100)] . . C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-03-08 08:34:58 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] . . C:\WINDOWS\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-03-03 00:18:25 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827 (vista_gdr.090226-1506)] . . C:\WINDOWS\ERDNT\cache\wininet.dll
[7] 2009-03-03 00:18:25 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827 (vista_gdr.090226-1506)] . . C:\WINDOWS\ie8\wininet.dll
[7] 2009-03-03 00:17:40 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020 (vista_ldr.090226-1506)] . . C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2008-12-20 23:56:00 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978 (vista_ldr.081217-1620)] . . C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 23:15:41 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791 (vista_gdr.081217-1620)] . . C:\WINDOWS\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 20:38:40 . 6741EAF7B7F110E803A6E38F6E5FA6B0 . 826368 . . [7.00.6000.16762 (vista_gdr.081013-1507)] . . C:\WINDOWS\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 20:24:11 . 0D5B75171FF51775B630A431B6C667E8 . 827904 . . [7.00.6000.20935 (vista_ldr.081013-1507)] . . C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 09:08:45 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900 (vista_ldr.080820-1506)] . . C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 07:24:31 . EF8EBA98145BFA44E80D17A3B3453300 . 826368 . . [7.00.6000.16735 (vista_gdr.080820-1506)] . . C:\WINDOWS\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-08-20 05:30:51 . 9AF5F25124FBDC36E2B510729CBA2674 . 666112 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\SoftwareDistribution\Download\1185bc01976431096846a9c917b224df\sp3gdr\wininet.dll
[7] 2008-08-20 04:58:48 . 94418F53D2612C26DBADC04DAFBC197C . 666624 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3QFE\wininet.dll
[7] 2008-08-20 04:58:48 . 94418F53D2612C26DBADC04DAFBC197C . 666624 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\SoftwareDistribution\Download\1185bc01976431096846a9c917b224df\sp3qfe\wininet.dll
[7] 2008-04-14 12:00:00 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ie7\wininet.dll
[7] 2007-08-13 22:54:10 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13 (longhorn(wmbla).070711-1130)] . . C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll

[-] 2008-04-14 12:00:00 . 561A50497324F378E30F55D09B4E1258 . 975872 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\explorer.exe
[7] 2008-04-14 12:00:00 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ERDNT\cache\explorer.exe
[-] 2008-04-14 12:00:00 . 561A50497324F378E30F55D09B4E1258 . 975872 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 23:55:46 85768 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" [2010-02-06 23:12:52 2937528]
"Steam"="c:\program files\steamm\steam.exe" [2010-05-08 14:50:53 1238352]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 11:57:08 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-09-18 04:55:00 13574144]
"AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 11:58:34 611712]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2009-05-26 21:18:30 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-07-13 18:03:10 292128]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-01 14:48:16 524632]
"ULiRaid"="C:\Program Files\ULiRaid\ULiRaid.exe" [2006-05-12 18:57:40 630784]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 20:21:52 246504]
"LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 15:16:16 1820040]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 08:10:50 2007088]
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2010-04-02 03:05:04 1180976]

C:\Documents and Settings\Alan\Start Menu\Programs\Startup\
crisisx_updater.jar [2010-4-1 53790]
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2010-5-26 503808]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 02:41:34 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 04:34:52 24576 ----a-w- C:\Program Files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\WINDOWS\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Alan^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Alan\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Snagit 9.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snagit 9.lnk
backup=C:\WINDOWS\pss\Snagit 9.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-11-06 01:08:55 65536 -c--a-w- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis True Image Monitor]
2008-11-06 01:08:55 471637 -c--a-w- C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 07:38:00 34672 -c--a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00:00 15360 ------w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 21:50:42 221184 -c--a-w- C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50:18 81920 -c--a-w- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13:41 988584 -c--a-w- C:\Program Files\Microsoft IntelliType Pro\itype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2010-04-02 03:05:04 1180976 ----a-w- C:\Program Files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-09-18 04:55:00 13574144 ----a-w- C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-09-18 04:55:00 86016 -c--a-w- C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-09-18 04:55:00 1657376 -c--a-w- C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-11-01 00:42:40 32768 -c----w- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 14:00:00 1116920 -c--a-w- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-07-27 22:01:36 68096 -c--a-w- C:\WINDOWS\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2008-04-04 16:38:00 88584 -c--a-w- C:\Program Files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Steamm\\Steam.exe"=
"C:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"C:\\Program Files\\World of Warcraft\\Launcher.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.3.0.10958-enUS-downloader.exe"=
"C:\\Documents and Settings\\Alan\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"C:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"C:\\Program Files\\Steamm\\steamapps\\basketcase378\\garrysmod\\hl2.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Steamm\\steamapps\\soarrin211\\condition zero\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57640:TCP"= 57640:TCP:*:Disabled:Pando Media Booster
"57640:UDP"= 57640:UDP:*:Disabled:Pando Media Booster
"56630:TCP"= 56630:TCP:*:Disabled:Pando Media Booster
"56630:UDP"= 56630:UDP:*:Disabled:Pando Media Booster
"56494:TCP"= 56494:TCP:*:Disabled:Pando Media Booster
"56494:UDP"= 56494:UDP:*:Disabled:Pando Media Booster
"86:TCP"= 86:TCP:BroadCam Web Server
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58485:TCP"= 58485:TCP:Pando Media Booster
"58485:UDP"= 58485:UDP:Pando Media Booster
"58082:TCP"= 58082:TCP:Pando Media Booster
"58082:UDP"= 58082:UDP:Pando Media Booster

R0 JAHCI;JAHCI;C:\WINDOWS\system32\drivers\JAHCI.sys [11/5/2008 8:53:02 PM 33280]
R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [7/24/2009 9:48:45 AM 64160]
R0 m5289;m5289;C:\WINDOWS\system32\drivers\m5289.sys [11/2/2009 8:50:08 AM 52480]
R1 mfetdi2k;McAfee Inc. mfetdi2k;C:\WINDOWS\system32\drivers\mfetdi2k.sys [5/2/2010 9:42:44 PM 82952]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [3/30/2010 11:16:12 AM 1107336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06:55 PM 1029456]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [10/10/2009 1:24:28 PM 93320]
R2 McMPFSvc;McAfee Personal Firewall;"C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [5/2/2010 9:42:35 PM 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [5/2/2010 9:42:35 PM 271480]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [5/2/2010 9:42:55 PM 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [5/2/2010 9:42:45 PM 141792]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\system32\drivers\cfwids.sys [5/2/2010 9:42:44 PM 55456]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;C:\WINDOWS\system32\drivers\libusb0.sys [7/23/2009 8:28:34 PM 28672]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\system32\drivers\mfefirek.sys [5/2/2010 9:42:44 PM 312616]
R3 mfendiskmp;mfendiskmp;C:\WINDOWS\system32\drivers\mfendisk.sys [5/2/2010 9:42:44 PM 88480]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\drivers\ULILAN51.SYS [10/20/2008 10:11:22 PM 28672]
S0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [10/31/2009 11:23:09 PM 691696]
S3 BroadCamService;BroadCam Service;C:\Program Files\NCH Software\BroadCam\broadCam.exe [6/16/2009 9:27:32 PM 368644]
S3 GarenaPEngine;GarenaPEngine;\??\C:\DOCUME~1\Alan\LOCALS~1\Temp\UAK27D.tmp --> C:\DOCUME~1\Alan\LOCALS~1\Temp\UAK27D.tmp [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;C:\WINDOWS\system32\drivers\mfendisk.sys [5/2/2010 9:42:44 PM 88480]
S3 mferkdet;McAfee Inc. mferkdet;C:\WINDOWS\system32\drivers\mferkdet.sys [5/2/2010 9:42:44 PM 83496]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 8:28:04 PM 47128]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 8:01:16 AM 2799808]
S4 RsFx0102;RsFx0102 Driver;C:\WINDOWS\system32\drivers\RsFx0102.sys [7/10/2008 2:49:14 AM 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 8:28:06 PM 369688]

--- Other Services/Drivers In Memory ---

*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder

2010-06-21 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06:56 . 2010-03-01 14:48:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
IE: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
IE: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: internet
Trusted Zone: mcafee.com
FF - ProfilePath - C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: C:\Documents and Settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: C:\Program Files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: C:\Documents and Settings\Alan\Application Data\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - trueC:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
MSConfigStartUp-AbyssWebServer - C:\Documents and Settings\Alan\Desktop\UberRO\Server\Abyss Web Server\abyssws.exe
MSConfigStartUp-Steam - C:\Program Files\Steam\Steam.exe
MSConfigStartUp-SunJavaUpdateSched - C:\Documents and Settings\Alan\Desktop\UberScape\bin\jusched.exe




Last edited by mattferd on 22nd June 2010, 10:22 pm; edited 1 time in total (Reason for editing : Explaining my problem with ComboFix)

Re: Cannot boot PC & Blue screen
GMER

Note about this tool:
  • This program may freeze. Do not reboot the computer, unless it has been frozen for over 30 minutes.
  • This program may cause a blue screen of death. If it does, do not scan, and then reply to let me know.
  • No matter what is in the log, please post all the information/contents of the log.


Please download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOTKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt".
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.

Re: Cannot boot PC & Blue screen

I received a blue screen after running it and it restarted my computer.

Re: Cannot boot PC & Blue screen
  • Please download DeFogger to your desktop.
  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will now appear. You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.



====================

Please download 7-Zip and install it. If you already have it, no need to reinstall.

Then, download RootkitUnhooker and save the setup to your Desktop.

  • Right-click on the RootkitUnhooker setup and mouse-over 7-Zip then click Extract to "RKU***"
  • Once that is done, enter the folder, and double-click on the setup file. Navigate through setup and finish.
  • Once that is done, you will see another folder that was created inside the RKU folder. Enter that folder, and double-click on the randomly named file. (It will be alpha-numeric and have an EXE extension on it.)
  • It will initialize itself and load the scanner. It will also install its driver. Please wait for the interface to begin.
  • Once inside the interface, do not fix anything. Click on the Report tab.
  • Next, click on the Scan button and a popup will show. Make sure all are checked, then click on OK. It will begin scanning. When it gets to the Files tab, it will ask you what drives to scan. Just select C:\ and hit OK.
  • It will finish in about 5 minutes or a little longer depending on how badly infected the system is, or if your security software is enabled.
  • When finished, it will show the report in the Report tab. Please copy all of it, and post it in your next reply. Depending on how large the log is, you may have to use two or three posts to get all the information in.

Re: Cannot boot PC & Blue screen

This took a long time... It would have taken about 6-7 posts to post it, so I think this is better for both of us if I send the log. ;)
Also, at this point I'm thinking of just formatting my computer and starting off fresh. Do you think this is a good alternative?

Last edited by mattferd on 24th June 2010, 8:26 pm; edited 2 times in total (Reason for editing : Adding log)

Re: Cannot boot PC & Blue screen
It's almost clean, actually.

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double-click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.

Re: Cannot boot PC & Blue screen
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

10/8/2009 8:24:03 PM
mbam-log-2009-10-08 (20-24-03).txt

Scan type: Quick Scan
Objects scanned: 28684
Time elapsed: 4 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Cannot boot PC & Blue screen
Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
