Critical error Drive sector not found

2 posters

WiredWX Christian Hobby Weather Tools :: GeekPolice tech support archive :: Technical Support

Critical error Drive sector not found9th May 2012, 9:51 pm

Okay, so this seems to be a very common issue but since it appears the solution is specific per machine, I am making my own post and pasting what OTL gave me. (I did reply to another posting just now.) Please help! And please be very specific with your instructions...I am not a big computer person ):

This happened last night and I let Dr.CureIt or whatever scan overnight and while I was at work.

So here is what OTL.txt says (split up because it's too long for one post):

OTL logfile created on: 5/9/2012 4:11:16 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\KIMBERLYTVAN\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.58% Memory free
7.87 Gb Paging File | 6.03 Gb Available in Paging File | 76.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 49.19 Gb Free Space | 10.91% Space Free | Partition Type: NTFS

Computer Name: KIMBERLYTVAN-PC | User Name: KIMBERLYTVAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/09 16:10:16 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\KIMBERLYTVAN\Downloads\OTL.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/12 18:05:25 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/12 18:05:24 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/03/01 13:57:36 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/08 10:01:14 | 000,010,408 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
PRC - [2010/03/31 11:42:56 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2010/03/25 17:08:06 | 001,573,376 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/03/04 12:28:08 | 000,658,656 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/02/05 17:29:12 | 000,454,400 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
PRC - [2010/02/05 17:28:26 | 000,742,144 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

========== Modules (No Company Name) ==========

MOD - [2012/04/12 16:08:35 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll
MOD - [2012/04/12 16:08:11 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/12 16:08:02 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/04/12 16:07:31 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll
MOD - [2012/03/12 18:05:24 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/16 10:35:18 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012/02/16 09:35:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 09:35:08 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a595aa31f93ed043fd02ec9d8ff40b32\System.Web.Services.ni.dll
MOD - [2012/02/16 09:34:04 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/16 09:33:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/16 09:33:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/16 09:33:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/12/03 23:30:40 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/31 11:42:56 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2010/02/11 12:53:00 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/02/11 12:53:00 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/02/11 12:53:00 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/02/11 12:53:00 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/02/11 12:53:00 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/02/11 12:53:00 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/02/11 12:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2010/02/11 12:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2010/02/11 12:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
MOD - [2010/02/11 12:52:00 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/09/11 13:05:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/28 23:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/05/04 18:08:53 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/03/12 18:05:25 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/01 09:17:00 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/08 10:01:14 | 000,010,408 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe -- (AbsoluteNotifier)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 12:28:08 | 000,658,656 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/02/05 17:28:26 | 000,742,144 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/01/06 01:21:41 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/28 23:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/17 19:34:58 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/19 21:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 23:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/25 23:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/25 04:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 03:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 03:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 15:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 19:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9CC9D77A-A561-4F15-900E-F9FA22FEC12D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EFAF52A9-A8B5-4AC8-BF21-A0E68CA16FAE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mylifeisaverage.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=f45f13b3&tbp=rbox&toolbarid=blekkotb_005&u=201205093D7C4FA7AF6F5AA249E7A074&q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C06B2A2C-181E-4CAC-91B3-AA588208BB8C}&mid=55d14e4fa16c47d18ea91a9c3903effb-e4de087072c1a852204d0a604feaf32f809e3ab2&lang=en&ds=AVG&pr=fr&d=2011-09-29 10:58:31&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{DF233F05-8B5D-4725-8711-10B0B312DD4E}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files (x86)\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\KIMBERLYTVAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\KIMBERLYTVAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/03 15:14:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/08/10 20:20:02 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/12 18:05:38 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/03 15:12:32 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={C06B2A2C-181E-4CAC-91B3-AA588208BB8C}&mid=55d14e4fa16c47d18ea91a9c3903effb-e4de087072c1a852204d0a604feaf32f809e3ab2&lang=en&ds=AVG&pr=fr&d=2011-09-29 10:58:31&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1804_0\plugins/avgnpss.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: AVG Safe Search = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Vuze Remote = C:\Users\KIMBERLYTVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\2.3.4.2_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll (215 Apps)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Absolute Notifier] C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe (Absolute Software)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - Startup: C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://perfserv1.css.edu/auth/taweb.cab (Cisco NAC Web Agent Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F6E0FA8-2656-43B3-B380-1B8553780D5F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0B785B6-7BA0-473A-8261-1BD19E97CF9F}: DhcpNameServer = 143.110.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0f53bd0b-4891-11df-9edd-88b6adf45e06}\Shell - "" = AutoRun
O33 - MountPoints2\{0f53bd0b-4891-11df-9edd-88b6adf45e06}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: McMPFSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Re: Critical error Drive sector not found9th May 2012, 9:52 pm

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/08 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\KIMBERLYTVAN\DoctorWeb
[2012/05/08 20:39:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/08 20:39:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/08 20:39:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/08 20:39:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/08 20:39:36 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/05/08 20:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/05/08 20:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/05/08 20:38:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/08 20:27:23 | 000,000,000 | ---D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{C8D90844-7441-42B5-A438-C4376348BA36}
[2012/05/08 20:23:46 | 000,000,000 | ---D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\I Want This
[2012/05/08 20:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I Want This
[2012/05/08 20:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2012/05/08 20:23:32 | 000,000,000 | ---D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\blekkotb_005
[2012/05/08 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Anti-phishing Domain Advisor
[2012/05/08 20:13:41 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Roaming\SpeedyPC Software
[2012/05/08 20:13:41 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Roaming\DriverCure
[2012/05/08 20:13:26 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
[2012/05/08 20:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software
[2012/05/08 20:13:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\SpeedyPC Software
[2012/05/08 20:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedyPC Software
[2012/05/08 19:55:20 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/05/07 20:09:41 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{7078AF30-E614-4123-AE51-3411820F957D}
[2012/05/07 20:09:29 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{40FC4707-6213-4BB3-8D51-5C4BEAFC3FF4}
[2012/05/06 19:58:56 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{B7E5F0E4-43C6-4A45-B751-AC46B3B829A5}
[2012/05/06 19:58:43 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E7A13679-43FD-43EA-BBD2-2973ACB29C88}
[2012/05/06 10:13:43 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{4F4A2303-12C4-40DD-9642-73B9E69D7674}
[2012/05/06 10:13:31 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{C0ACF0B1-3CFC-46DA-B4D3-AE76020C2A0E}
[2012/05/05 19:39:35 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{75049E47-B78B-475D-BA21-B54570B0C025}
[2012/05/05 19:39:23 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{BFDE5F77-851A-4FAB-834E-2DB120FE0F48}
[2012/05/04 20:14:55 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{6028BECE-F2A1-4475-8D9C-5908CBDF4E49}
[2012/05/04 20:14:24 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{EE0EE131-964D-46EB-AB2D-E16D6104CDCC}
[2012/05/04 18:08:18 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/03 20:09:38 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{C8192F9E-C7AF-4000-A62E-BBBE2E793AB2}
[2012/05/03 20:09:14 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{1970E9F1-C3A1-4FD0-8C5A-89F31F865A6B}
[2012/05/03 15:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/02 20:41:16 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{D92573B0-DEA3-4C82-B28A-B0A2FDA00A6B}
[2012/05/02 20:41:04 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{2875A2DE-C0A1-4302-AD01-EEAA56FC57EC}
[2012/05/01 20:15:06 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{8B85F730-2385-4539-AB21-B6CC1F1E4487}
[2012/05/01 20:14:47 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E0955366-AF20-4379-ADE1-1AB01F4C770C}
[2012/04/30 18:11:50 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{A55ECA6C-2869-48F7-8BAF-4976F4977C05}
[2012/04/30 18:11:31 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{61B9A365-C775-4B48-B05C-63ADB45956AD}
[2012/04/29 20:03:20 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E582E7C2-F199-4E12-9966-972C4634B585}
[2012/04/29 20:03:07 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{F002D54E-78E5-46E9-8651-3D845DE11F50}
[2012/04/29 19:24:27 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Roaming\Origin
[2012/04/29 19:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/04/29 19:24:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Origin
[2012/04/29 19:24:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Origin
[2012/04/28 20:07:28 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{03AC3D04-EE32-4612-9D23-C18D08128B06}
[2012/04/28 20:07:07 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{B0565550-B731-43D5-AF10-97B01227CD0C}
[2012/04/27 20:02:21 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{335AF0BF-8A20-40E0-8040-A818D11EF9CB}
[2012/04/27 20:02:08 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E9D1F209-B6CD-4649-BCAC-4E1145AC9EF8}
[2012/04/26 21:07:34 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{225E7B75-6181-449B-BA41-3EF4C6F206FB}
[2012/04/26 21:07:15 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E6691423-878E-4BB9-B7CB-37E17A05077E}
[2012/04/25 20:18:11 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E2D67558-911A-4747-B60F-0F3DB7108E0C}
[2012/04/25 20:18:00 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{4A961426-00CE-485B-9D07-1C8876A1D043}
[2012/04/24 21:35:28 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{8DD7BAEF-F251-47A6-BFD2-C65ECA7A66AF}
[2012/04/24 21:35:17 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{72AF6AF2-53D0-4E91-9E40-57A8C855F832}
[2012/04/24 21:33:19 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/21 19:59:34 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{4B47827E-589C-4AE0-B3B3-1734698179BB}
[2012/04/21 19:59:15 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{0E22DE92-D024-42AC-A663-6E24AD96B8E3}
[2012/04/20 18:03:55 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{E564763D-3E32-4AD3-B6DD-A5AA7687FC18}
[2012/04/20 18:03:40 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{ADFEEDAC-F6FA-4F18-BB33-EDD4D64BA709}
[2012/04/19 20:13:24 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{EC4B7F77-B284-40BA-8C37-4615A4BF772A}
[2012/04/19 20:13:10 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{259BB9A2-E15E-46AD-9B6A-B80A92C654D9}
[2012/04/19 04:50:26 | 000,028,480 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012/04/18 20:12:29 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{3539907D-92D1-4E2C-96DD-4116CAB01F67}
[2012/04/18 20:12:05 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{F4675BF5-71BC-406E-8DA9-FFDAE1CA1017}
[2012/04/17 20:30:44 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{73EFEBCB-3119-420D-AD07-62BAA22736F9}
[2012/04/17 20:30:32 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{02909FC5-A7F2-4B92-A0C9-A8B407654E57}
[2012/04/17 18:40:55 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\Documents\Electronic Arts
[2012/04/17 18:34:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Electronic Arts
[2012/04/17 18:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012/04/17 18:17:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/04/17 18:17:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/04/17 17:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012/04/16 19:19:27 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{854EB914-304F-4C45-B686-151E25AF5CE0}
[2012/04/16 19:19:07 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{6C29926A-EF31-4D13-A398-1671D1401743}
[2012/04/15 21:05:43 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{2F27B4A3-5DE4-4561-AB3F-6DDD46E8266C}
[2012/04/15 21:05:25 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{6EEE518A-52D7-4E56-9AAA-2402FD35F963}
[2012/04/14 20:05:51 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{7E3AD139-3890-4231-8B7F-28EC4CA3AC04}
[2012/04/14 20:05:31 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{ECFBB69D-D564-4AC0-B21A-54E8DD8C1130}
[2012/04/13 20:03:16 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{9BC427C5-3ACC-4332-9949-95EFE3A7E69A}
[2012/04/13 20:02:57 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{0578E287-FE61-4575-ACDD-1204E859C16B}
[2012/04/12 23:00:52 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 23:00:52 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 23:00:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/12 19:59:25 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{CE90064A-2DDE-43F1-886C-83BD7997FF4D}
[2012/04/11 22:54:30 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 22:54:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 22:54:29 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 22:54:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 22:54:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 22:54:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 22:54:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 22:54:28 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 22:54:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 22:54:28 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 22:54:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 22:53:43 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 22:53:43 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 22:53:43 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 19:48:33 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{5778570B-3328-4F27-88C9-B2A9CFFEF343}
[2012/04/10 22:24:10 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{1E0EF140-70BB-48B7-B866-3875E40E7DD8}
[2012/04/10 10:23:45 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{80215034-AE11-4370-A4E8-04D01671C2D6}
[2012/04/09 20:00:56 | 000,000,000 | -H-D | C] -- C:\Users\KIMBERLYTVAN\AppData\Local\{A488FCA1-7FB1-41E0-A740-D925F501D1CB}

========== Files - Modified Within 30 Days ==========

[2012/05/09 16:13:29 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 16:13:29 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 16:08:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/09 16:03:52 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/05/09 16:03:52 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/05/09 16:03:52 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro.job
[2012/05/09 16:03:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/09 16:03:42 | 3168,419,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/09 15:58:17 | 000,000,884 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000Core.job
[2012/05/09 15:58:07 | 000,000,936 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000UA.job
[2012/05/09 09:38:32 | 097,582,226 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/05/09 09:04:44 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/05/08 20:13:26 | 000,001,201 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\Desktop\SpeedyPC Pro.lnk
[2012/05/08 20:10:21 | 000,000,480 | -H-- | M] () -- C:\ProgramData\xGU4MjfAjnsUkZ
[2012/05/08 20:00:56 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-xGU4MjfAjnsUkZr
[2012/05/08 20:00:56 | 000,000,000 | -H-- | M] () -- C:\ProgramData\-xGU4MjfAjnsUkZ
[2012/05/08 19:55:23 | 000,000,681 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/08 19:55:23 | 000,000,657 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\Desktop\Data_Recovery.lnk
[2012/05/08 19:55:09 | 000,223,232 | -H-- | M] () -- C:\ProgramData\xGU4MjfAjnsUkZ.exe
[2012/05/08 11:04:36 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/04 18:08:52 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/04 18:08:52 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/04 18:08:18 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/02 17:51:49 | 000,522,208 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/30 18:02:42 | 000,002,400 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\Desktop\Google Chrome.lnk
[2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012/04/17 11:34:15 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/17 11:34:15 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/17 11:34:15 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012/05/08 20:39:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/08 20:39:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/08 20:39:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/08 20:39:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/08 20:39:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/08 20:13:56 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/05/08 20:13:26 | 000,001,201 | -H-- | C] () -- C:\Users\KIMBERLYTVAN\Desktop\SpeedyPC Pro.lnk
[2012/05/08 20:13:24 | 000,000,478 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/05/08 20:13:17 | 000,000,434 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Pro.job
[2012/05/08 19:55:28 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-xGU4MjfAjnsUkZr
[2012/05/08 19:55:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\-xGU4MjfAjnsUkZ
[2012/05/08 19:55:23 | 000,000,681 | -H-- | C] () -- C:\Users\KIMBERLYTVAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/08 19:55:23 | 000,000,657 | -H-- | C] () -- C:\Users\KIMBERLYTVAN\Desktop\Data_Recovery.lnk
[2012/05/08 19:55:13 | 000,000,480 | -H-- | C] () -- C:\ProgramData\xGU4MjfAjnsUkZ
[2012/05/08 19:55:09 | 000,223,232 | -H-- | C] () -- C:\ProgramData\xGU4MjfAjnsUkZ.exe
[2012/04/24 21:34:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/12/03 20:26:11 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/27 20:30:18 | 000,001,194 | -HS- | C] () -- C:\Users\KIMBERLYTVAN\AppData\Local\121518b2t827b281r656r4vbi8m1
[2011/11/27 20:30:18 | 000,001,194 | -HS- | C] () -- C:\ProgramData\121518b2t827b281r656r4vbi8m1
[2011/11/23 10:10:58 | 000,001,213 | -H-- | C] () -- C:\Users\KIMBERLYTVAN\AppData\Roaming\ahst.lni
[2011/08/02 22:15:58 | 000,000,580 | ---- | C] () -- C:\Windows\eReg.dat
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

========== Custom Scans ==========

< %systemroot%\Fonts\*.com >
[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/05/13 15:42:24 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/03/30 18:20:27 | 000,000,221 | -HS- | M] () -- C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2012/02/16 09:28:17 | 000,000,402 | -HS- | M] () -- C:\Users\KIMBERLYTVAN\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2012/05/08 20:00:56 | 000,000,000 | -H-- | M] () -- C:\ProgramData\-xGU4MjfAjnsUkZ
[2012/05/08 20:00:56 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-xGU4MjfAjnsUkZr
[2011/11/27 20:30:27 | 000,001,194 | -HS- | M] () -- C:\ProgramData\121518b2t827b281r656r4vbi8m1
[2010/10/08 10:01:06 | 000,000,003 | ---- | M] () -- C:\ProgramData\AbsoluteNotifier.txt
[2012/05/08 20:10:21 | 000,000,480 | -H-- | M] () -- C:\ProgramData\xGU4MjfAjnsUkZ
[2012/05/08 19:55:09 | 000,223,232 | -H-- | M] () -- C:\ProgramData\xGU4MjfAjnsUkZ.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %SYSTEMDRIVE%\*.* >
[2002/08/01 18:15:44 | 000,153,720 | ---- | M] () -- C:\00000000.016
[2002/08/01 18:15:44 | 000,229,144 | ---- | M] () -- C:\00000000.256
[2002/08/01 18:15:44 | 000,166,824 | ---- | M] () -- C:\00000001.016
[2002/08/01 18:15:44 | 000,308,280 | ---- | M] () -- C:\00000001.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\00000002.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\00000002.256
[2002/08/01 18:15:44 | 000,153,720 | ---- | M] () -- C:\00000003.016
[2002/08/01 18:15:44 | 000,308,276 | ---- | M] () -- C:\00000003.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\00000004.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\00000004.256
[2002/08/01 18:15:44 | 000,153,720 | ---- | M] () -- C:\00000005.016
[2002/08/01 18:15:44 | 000,308,276 | ---- | M] () -- C:\00000005.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\00000006.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\00000006.256
[2002/08/01 18:15:44 | 000,166,848 | ---- | M] () -- C:\00000007.016
[2002/08/01 18:15:44 | 000,308,280 | ---- | M] () -- C:\00000007.256
[2002/08/01 18:15:44 | 000,167,232 | ---- | M] () -- C:\00000008.016
[2002/08/01 18:15:44 | 000,227,788 | ---- | M] () -- C:\00000008.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\00000009.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\00000009.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\0000000a.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\0000000a.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\0000000b.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\0000000b.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\0000000c.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\0000000c.256
[2002/08/01 18:15:44 | 000,166,676 | ---- | M] () -- C:\0000000d.016
[2002/08/01 18:15:44 | 000,308,280 | ---- | M] () -- C:\0000000d.256
[2002/08/01 18:15:44 | 000,166,972 | ---- | M] () -- C:\0000000e.016
[2002/08/01 18:15:44 | 000,308,280 | ---- | M] () -- C:\0000000e.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\0000000f.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\0000000f.256
[2002/08/01 18:15:44 | 000,153,718 | ---- | M] () -- C:\00000010.016
[2002/08/01 18:15:44 | 000,308,278 | ---- | M] () -- C:\00000010.256
[2002/08/01 18:15:44 | 000,153,720 | ---- | M] () -- C:\00000011.016
[2002/08/01 18:15:44 | 000,308,276 | ---- | M] () -- C:\00000011.256
[2010/01/06 02:55:21 | 000,003,460 | RH-- | M] () -- C:\dell.sdr
[2000/12/06 21:16:32 | 000,835,628 | ---- | M] () -- C:\gimex.dll
[2012/05/09 16:03:42 | 3168,419,840 | -HS- | M] () -- C:\hiberfil.sys
[2000/12/06 21:16:32 | 000,137,728 | ---- | M] (Intel Corporation) -- C:\ijl10.dll
[2011/09/13 10:46:17 | 000,001,607 | ---- | M] () -- C:\MAKEMSI_VBSCA-Kaspersky Security Scan(1.0.0.500)-Tuesday.log
[2012/05/09 16:03:42 | 4224,561,152 | -HS- | M] () -- C:\pagefile.sys
[2010/02/10 01:01:29 | 000,000,204 | ---- | M] () -- C:\Plugins
[2002/08/01 15:36:46 | 003,682,546 | ---- | M] (Maxis, a brand of Electronic Arts) -- C:\Sims.exe

< %PROGRAMFILES%\*. >
[2010/10/25 11:48:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Absolute Software
[2012/02/09 20:33:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/08/27 19:41:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/29 10:50:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2012/03/12 18:05:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG Secure Search
[2011/03/01 13:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
[2011/08/27 19:46:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/01/20 16:39:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2010/01/06 01:21:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2012/05/08 20:13:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/02/28 20:47:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/02/28 20:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConduitEngine
[2010/01/06 01:31:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cozi Express
[2010/01/06 01:40:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
[2010/01/06 01:39:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative Live! Cam
[2010/01/06 01:32:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2010/01/06 01:49:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2012/05/09 16:04:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2010/01/14 09:14:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Online
[2010/01/06 01:40:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Webcam
[2012/04/29 19:24:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2012/05/08 20:23:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\I Want This
[2011/02/27 23:35:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ilivid
[2012/04/17 18:36:27 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/04/12 15:58:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/11/07 20:34:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/12/03 07:06:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/01/31 14:09:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LFLInstall
[2011/08/26 12:24:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\McAfee
[2011/10/14 21:50:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010/01/06 01:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2010/01/06 01:20:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/02/16 00:31:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/01/06 01:37:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/02/05 04:02:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2012/04/17 18:18:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft WSE
[2010/12/18 10:31:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/09/14 10:42:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NBC Direct
[2012/04/29 19:24:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Origin
[2010/02/10 01:01:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/11/07 20:30:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/01/06 01:42:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2011/08/27 19:48:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2012/05/08 20:13:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SpeedyPC Software
[2009/07/13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/03/24 12:46:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2011/02/28 20:47:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze_Remote
[2010/01/06 01:25:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent
[2009/07/14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/05/08 20:39:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/11/15 00:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/11/15 00:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/11/15 00:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/11/15 00:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/11/15 00:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/11/14 02:31:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

< %appdata%\*.* >
[2011/11/23 10:10:59 | 000,001,213 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\AppData\Roaming\ahst.lni
[2010/01/14 09:12:13 | 008,653,312 | -H-- | M] (Dell, Inc. ) -- C:\Users\KIMBERLYTVAN\AppData\Roaming\DataSafeDotNet.exe
[2010/01/22 22:23:16 | 000,002,164 | -H-- | M] () -- C:\Users\KIMBERLYTVAN\AppData\Roaming\install.dat

< MD5 for: AGP440.SYS >
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 08:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 08:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 01:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 01:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 01:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 08:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 08:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 01:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 01:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 01:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 08:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 08:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 08:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 08:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009/07/13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS
[2011/03/10 23:21:50 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=36106AC439EDFBB7B8BDBF99079C7590 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_a6e64054c7cca389\USBSTOR.SYS
[2011/03/10 23:29:51 | 000,091,136 | ---- | M] (Microsoft Corporation) MD5=3A6CB8C3B8904F01E73D10081B7D0EC7 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.20921_none_a541c506ca74a675\USBSTOR.SYS
[2010/11/20 05:44:05 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=D76510CFA0FC09023077F22C2F979D86 -- C:\Windows\SysNative\DriverStore\FileRepository\usbstor.inf_amd64_neutral_0725c2806a159a9d\USBSTOR.SYS
[2010/11/20 05:44:05 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=D76510CFA0FC09023077F22C2F979D86 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_a6ac5425ae72a584\USBSTOR.SYS
[2011/03/10 23:31:17 | 000,091,136 | ---- | M] (Microsoft Corporation) MD5=F39983647BC1F3E6100778DDFE9DCE29 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16778_none_a48918bfb179469a\USBSTOR.SYS
[2011/03/10 23:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=FED648B01349A3C8395A5169DB5FB7D6 -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2011/03/10 23:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=FED648B01349A3C8395A5169DB5FB7D6 -- C:\Windows\SysNative\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS
[2011/03/10 23:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=FED648B01349A3C8395A5169DB5FB7D6 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_a66e757baea0992f\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Re: Critical error Drive sector not found9th May 2012, 9:52 pm

Extra.Txt:

OTL Extras logfile created on: 5/9/2012 4:11:16 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\KIMBERLYTVAN\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.58% Memory free
7.87 Gb Paging File | 6.03 Gb Available in Paging File | 76.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 49.19 Gb Free Space | 10.91% Space Free | Partition Type: NTFS

Computer Name: KIMBERLYTVAN-PC | User Name: KIMBERLYTVAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E332BE4-6E0C-4E92-B183-8066282F809D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{29DE23FE-545C-40E5-B3AE-E6A8172A2085}" = rport=138 | protocol=17 | dir=out | app=system |
"{2E6EEB69-B197-41C5-B852-BC9A1C9303E7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3E4B0929-6216-48F1-8756-38AF01952049}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{436E5489-06BF-48DB-B906-AE855402227A}" = lport=137 | protocol=17 | dir=in | app=system |
"{4C90A6F3-046E-4457-8700-CD6F2F730B84}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{545CC9C7-B8F3-41F1-8D8A-4EC3411B0588}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5AF54884-7FBD-4520-8153-D9BAE574AA6C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{64920052-9571-434E-90AD-FEE88F40F503}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6D63645E-23F3-4348-849D-E7AE7753016A}" = lport=138 | protocol=17 | dir=in | app=system |
"{707F80C5-459B-4521-81AA-11A2DA43B910}" = lport=139 | protocol=6 | dir=in | app=system |
"{815F1572-AEE6-4992-891D-0B9033C7DEB8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A5D77164-DF55-4CCA-9D36-55881F1E03B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9CE26C5-ED47-4EE4-90F0-9659EC41BD19}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AD3C16D9-531D-4009-84A5-4A18724DC54F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CE41219C-B4EB-431A-84DD-4D55E7D137ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF918A08-2351-4B34-AB11-E63CCE63C1E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4238B78-BE7F-4B6E-AAF7-03A803830534}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5880720-12AA-4DF4-9F0E-753BD07689C2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D62B6019-4D6A-4779-AB4D-51C764116B21}" = lport=445 | protocol=6 | dir=in | app=system |
"{DDE78A4D-4B27-4058-B18F-F3FDA5796DA8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E539857B-0BC5-44AD-AD27-EFFF9EBE1E89}" = rport=139 | protocol=6 | dir=out | app=system |
"{E7981F1F-BACD-46FF-891F-5EEA71C70031}" = rport=137 | protocol=17 | dir=out | app=system |
"{F124093B-2278-409C-8D8C-DE5815DC4AF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F46D54CB-23C1-421C-A2D0-8A5B080753A8}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D7D5E7-2394-4703-B2D6-2A325434AA4F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{056D5D56-639A-4DB1-B965-A3AF2D434DBD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D1795B6-1A7E-418E-9739-765FAFA6F732}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{169AC5D6-2AF2-4C59-9D69-D6ACE6BDD08E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{172F5AEB-1D79-4AC4-BC19-23A680693535}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1BDF768D-7707-4C20-A01B-B254CB5756B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F5C267F-7DD1-46BF-956D-3A0E9030D77D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{233E79DE-E835-46EC-B272-C9A45279C696}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{24DC3026-5857-42BC-AF6F-263D17F96B12}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{2AB265BD-AEA7-40B7-85B7-7283B1B81B80}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2CCD14DE-6007-40F5-9E11-9486A23DE30A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3B770D11-E76A-4E39-A51F-CEAB66432071}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B8213A7-38B1-408B-957F-5CE8FCF6EB0D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3E515B38-B2D5-468B-9700-AF71E25C7ECB}" = protocol=17 | dir=in | app=c:\users\kimberlytvan\appdata\local\google\chrome\application\chrome.exe |
"{43001952-E321-4394-93A6-A1DC8EF8D051}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{43088BD2-21E2-456F-8F7B-0989C905F826}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{455567A1-CF24-4F29-B0B8-8262BA3C6918}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{47271553-F004-4215-8441-8FB5F77A65E0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{484105ED-868E-4B3A-8A1C-4294DA846CEB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5ABEE0B3-7F8E-4775-8617-0E7C5CED1C2D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{6A61C929-3D13-42BD-AE4A-1DDEA6F22013}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{75DC9A5F-52A6-400E-917E-911F6F25E673}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{7B7E8AF4-6A52-49DE-9120-FE338EA9512C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{7F965EF0-A659-466E-8453-583310697C58}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{7FA1D862-BC25-4F04-A08E-E8EA159FD055}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{9087E4CC-7DB5-4C43-9027-0810FD9CFEA7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{945CB090-FC82-490C-A112-B3479794B668}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{95431F2C-C574-45C0-8F3E-10A4027039A7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{96557200-C873-4DC4-B443-A721CBEE7A1F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99EF6F82-FE73-42A3-A5BD-1441CB9207DC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A1E4EAB2-50F3-4040-BBA1-28B551298FC0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A4D7F05E-A750-49E8-A0A1-881E856D1E1F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{A6DA9511-6126-4411-8339-9CEA39D288BC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A962874B-D45F-4FFD-A2FB-406236294AD3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC0E7229-8B7B-4018-8480-15F1A1C1AEE3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{B5A37E3C-8D21-4872-AF74-898B2F8332CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BBD96301-C1F8-4FC1-9769-F2B528BC88DB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C2BA6E12-846F-4923-BC7D-B4FA1A839D32}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C7867EB5-E4AF-436A-A4F8-DE700F074B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{CDEE835D-7935-4D35-A79B-79EF82305482}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D093C12C-0EA9-4314-A73B-EC94DFDEE0DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D0CB996A-30DE-4BF2-B9E8-2CCE54AC6EAA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D3063F47-DB24-41F1-B3EE-1743ACD45D10}" = protocol=6 | dir=in | app=c:\users\kimberlytvan\appdata\local\google\chrome\application\chrome.exe |
"{D525A143-62D7-4A77-8C96-EE0CCE20FE0C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8F97E8D-9B3A-4CFA-B4F5-98FB0C24B716}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E269255A-2ECC-47E7-9C02-C1348A263CD4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E46F18D0-E91A-4868-BAF5-8E90D91AD71E}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{E4AB8ECE-1450-41C0-807D-4436EA43ABA8}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{E90C381B-5BAA-48FB-BDBF-9E017BE19724}" = protocol=6 | dir=out | app=system |
"{E9B705F7-94B8-4979-A83E-8194845E5D86}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EA70BA4D-A887-4CDA-B721-CE629301E2EE}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{F88E9E4A-E68F-42AE-8F42-A1C09009212C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"TCP Query User{158FEFF5-181D-42B5-99C2-CF9A4BA587B4}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{261E1C6E-6895-441A-BE39-9F20A4FEFF67}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{4CB8E29D-1F9D-4922-AC32-990616DC825B}C:\castledungeon\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\castledungeon\binaries\win32\udk.exe |
"TCP Query User{C6CF74FC-8B8E-451A-A8B9-7AD10D183142}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{FFBA2FB5-202C-43CD-AF70-206C9C1E4B98}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{4EAD48E5-1578-43BB-93D9-5D998FC78E3C}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{55A83437-F893-449D-A721-9C080AC32D03}C:\castledungeon\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\castledungeon\binaries\win32\udk.exe |
"UDP Query User{A3B37488-9BC9-4356-AAD6-ACFE2E343D0D}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{C33E64BE-C2C2-4F60-97CC-81A534393672}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{E0C57938-5910-424E-A24F-C11CFCDBBE05}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2CDD9D22-AD67-4588-93AD-147C979F6E7C}" = AVG 2012
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{74E52BA7-4698-4BE1-858C-8ED27E836570}" = AVG 2012
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"Dell Support Center" = Dell Support Center
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Dell Touchpad
"UDK-a3a56d8c-efd6-4642-8b7f-69c9089a0be6" = CastleDungeonA1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6632ABC5-9AEE-4243-9086-FB358DB58147}" = Cisco NAC Agent
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EBE939ED-4612-45FD-A39E-77AC199C4273}" = Absolute Notifier
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"conduitEngine" = Conduit Engine
"Dell Webcam Central" = Dell Webcam Central
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"I Want This" = I Want This
"Origin" = Origin
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/11/2011 11:40:30 AM | Computer Name = KIMBERLYTVAN-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 5/11/2011 11:40:31 AM | Computer Name = KIMBERLYTVAN-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 5/12/2011 1:45:22 AM | Computer Name = KIMBERLYTVAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16766,
time stamp: 0x4d65d5c3 Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0x15f8 Faulting application start time: 0x01cc10667e6448e3 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 068032f9-7c5b-11e0-bd81-fc26089f1376

Error - 5/13/2011 1:42:53 AM | Computer Name = KIMBERLYTVAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16766,
time stamp: 0x4d65d5c3 Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0x1410 Faulting application start time: 0x01cc112f9a816549 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: d828ec0a-7d23-11e0-b3ff-98f3501be87d

Error - 5/13/2011 11:56:23 AM | Computer Name = KIMBERLYTVAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16766,
time stamp: 0x4d65d5c3 Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0x168c Faulting application start time: 0x01cc118291c27d14 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 8cce3d7f-7d79-11e0-a5d8-fe78005f2877

Error - 5/14/2011 2:03:50 AM | Computer Name = KIMBERLYTVAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16766,
time stamp: 0x4d65d5c3 Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0xf2c Faulting application start time: 0x01cc11fc3f9995e8 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: efbe0147-7def-11e0-b85c-eecc10e3db08

Error - 5/14/2011 1:17:04 PM | Computer Name = KIMBERLYTVAN-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 5/14/2011 1:18:58 PM | Computer Name = KIMBERLYTVAN-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/14/2011 1:19:32 PM | Computer Name = KIMBERLYTVAN-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 5/14/2011 2:11:14 PM | Computer Name = KIMBERLYTVAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16766,
time stamp: 0x4d65d5c3 Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0xec8 Faulting application start time: 0x01cc1262305f26a7 Faulting application
path: C:\Program Files (x86)\internet explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 8d8a0f8a-7e55-11e0-adb6-c9a4e9d5140b

[ Media Center Events ]
Error - 6/4/2011 7:33:33 AM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 6:33:26 AM - Failed to retrieve SportsV2 (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)

Error - 6/9/2011 1:13:40 PM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 12:13:24 PM - Error connecting to the internet. 12:13:24 PM - Unable
to contact server..

Error - 6/9/2011 2:15:29 PM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 1:15:19 PM - Error connecting to the internet. 1:15:19 PM - Unable
to contact server..

Error - 6/9/2011 3:18:20 PM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 2:18:09 PM - Error connecting to the internet. 2:18:09 PM - Unable
to contact server..

Error - 6/23/2011 9:44:48 AM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 8:44:47 AM - Error connecting to the internet. 8:44:47 AM - Unable
to contact server..

Error - 6/23/2011 9:45:25 AM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 8:45:17 AM - Error connecting to the internet. 8:45:17 AM - Unable
to contact server..

Error - 6/24/2011 2:04:10 PM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 1:04:09 PM - Error connecting to the internet. 1:04:10 PM - Unable
to contact server..

Error - 7/18/2011 1:26:49 AM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 12:26:49 AM - Error connecting to the internet. 12:26:49 AM - Unable
to contact server..

Error - 7/18/2011 1:28:29 AM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 12:28:13 AM - Error connecting to the internet. 12:28:13 AM - Unable
to contact server..

Error - 7/23/2011 8:02:13 PM | Computer Name = KIMBERLYTVAN-PC | Source = MCUpdate | ID = 0
Description = 7:01:59 PM - Error connecting to the internet. 7:01:59 PM - Unable
to contact server..

[ OSession Events ]
Error - 12/3/2010 4:51:39 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/7/2011 2:20:55 AM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/7/2011 2:27:54 AM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/7/2011 2:28:04 AM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/14/2011 5:00:08 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/28/2011 10:56:33 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/2/2011 2:40:51 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/11/2011 7:37:29 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/13/2011 5:52:30 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/7/2011 12:16:12 PM | Computer Name = KIMBERLYTVAN-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:35 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:36 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 5/9/2012 5:29:36 PM | Computer Name = KIMBERLYTVAN-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

< End of report >

Re: Critical error Drive sector not found9th May 2012, 10:59 pm

aswMBR.txt:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-09 17:46:40
-----------------------------
17:46:40.713 OS Version: Windows x64 6.1.7601 Service Pack 1
17:46:40.713 Number of processors: 2 586 0x170A
17:46:40.713 ComputerName: KIMBERLYTVAN-PC UserName: KIMBERLYTVAN
17:46:44.831 Initialize success
17:49:24.156 AVAST engine defs: 12050901
17:50:18.756 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:50:18.756 Disk 0 Vendor: SAMSUNG_HM500JI 2AC101C4 Size: 476940MB BusType: 11
17:50:18.803 Disk 0 MBR read successfully
17:50:18.803 Disk 0 MBR scan
17:50:18.834 Disk 0 Windows VISTA default MBR code
17:50:18.834 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:50:18.850 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
17:50:18.865 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
17:50:18.896 Disk 0 scanning C:\Windows\system32\drivers
17:50:32.578 Service scanning
17:51:01.672 Modules scanning
17:51:01.672 Disk 0 trace - called modules:
17:51:01.718 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:51:01.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cbf060]
17:51:01.734 3 CLASSPNP.SYS[fffff8800197443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046fb060]
17:51:04.417 AVAST engine scan C:\Windows
17:51:07.865 AVAST engine scan C:\Windows\system32
17:54:23.353 AVAST engine scan C:\Windows\system32\drivers
17:54:38.088 AVAST engine scan C:\Users\KIMBERLYTVAN
17:57:30.181 Disk 0 MBR has been saved successfully to "C:\Users\KIMBERLYTVAN\Desktop\MBR.dat"
17:57:30.191 The log file has been saved successfully to "C:\Users\KIMBERLYTVAN\Desktop\aswMBR.txt"

Re: Critical error Drive sector not found9th May 2012, 11:02 pm

Security Check:

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 29
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````

Re: Critical error Drive sector not found9th May 2012, 11:14 pm

Oh and I don't know if it'll help but any info I can give you I figure will help:

So none of my documents or programs are showing up on my screen where they would normally since last night. I had a quick bar at the top that was appearing until I came back from work this afternoon to check on Dr.CureIt or whatever's progress which quarantined this fella: JS/Frame!exploit

Also, saving things on the desktop means I have to click on computer and search for "desktop" everytime. All my documents appear to still be there too but hidden. So when I search for one and click on it, it will appear normally-I opened up a word document so I'm not sure if it'll work for pictures, etc-but I'm unable to see it as I normally would. I also have to use search to open up Internet Explorer every time but it works like normal as far as I can tell except my favorites are cleared.

Re: Critical error Drive sector not found11th May 2012, 11:23 pm

48 hour bump ): help please

Re: Critical error Drive sector not found12th May 2012, 6:28 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************

Please download Unhide by Grinler from here and save it to your desktop.
Double click unhide.exe to run the tool.
It will take some time to go through all your files, so please be patient.
If this tool doesn´t fix the problem, please let me know.

*************************************************
If MBAM won't run in Normal mode please try running it in Safe Mode.

Critical error Drive sector not found Mbamicontw5

Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Re: Critical error Drive sector not found13th May 2012, 2:30 pm

yay the unhide worked! they are visible on my desktop and in the start menu now. thank you so much! do you want me to paste the report from that here?

however during the unhide my antivirus (free AVG) found two trojans and i just put them in the vault. They are trojan horse generic28.acxy and idp.trojan.e34e916.

running MBAM right now without any problems so far. i'll let you know how that goes.

Re: Critical error Drive sector not found14th May 2012, 12:19 am

here's the log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.13.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
KIMBERLYTVAN :: KIMBERLYTVAN-PC [administrator]

5/13/2012 9:24:39 AM
mbam-log-2012-05-13 (19-06-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 423656
Time elapsed: 1 hour(s), 26 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files (x86)\I Want This\I Want This.dll (Adware.GamePlayLabs) -> No action taken.

Registry Keys Detected: 33
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> No action taken.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> No action taken.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLabs) -> No action taken.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Program Files (x86)\I Want This (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

Files Detected: 13
C:\Program Files (x86)\I Want This\I Want This.dll (Adware.GamePlayLabs) -> No action taken.
C:\Program Files (x86)\I Want This\I Want This.exe (Adware.GamePlayLabs) -> No action taken.
C:\Program Files (x86)\I Want This\I Want ThisGui.exe (Adware.GamePlayLabs) -> No action taken.
C:\Program Files (x86)\I Want This\Uninstall.exe (Adware.GamePlayLabs) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Local\Temp\50or.exe (PUP.Adware.Agent) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Local\Temp\uGPPyE5DFzGhJg.exe.tmp (Rogue.FakeAV) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Roaming\ahst.lni (Malware.Trace) -> No action taken.
C:\Program Files (x86)\I Want This\I Want This.ini (Adware.GamePlayLab) -> No action taken.
C:\Program Files (x86)\I Want This\I Want This.ico (Adware.GamePlayLab) -> No action taken.
C:\Program Files (x86)\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.
C:\Program Files (x86)\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken.

(end)

Re: Critical error Drive sector not found14th May 2012, 12:21 am

whoops, that was the one right after the scan! here is the one after removal:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.13.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
KIMBERLYTVAN :: KIMBERLYTVAN-PC [administrator]

5/13/2012 9:24:39 AM
mbam-log-2012-05-13 (09-24-39).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 423656
Time elapsed: 1 hour(s), 26 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files (x86)\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Delete on reboot.

Registry Keys Detected: 33
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Program Files (x86)\I Want This (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 13
C:\Program Files (x86)\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Delete on reboot.
C:\Program Files (x86)\I Want This\I Want This.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisGui.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\Uninstall.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Local\Temp\50or.exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Local\Temp\uGPPyE5DFzGhJg.exe.tmp (Rogue.FakeAV) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Roaming\ahst.lni (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\KIMBERLYTVAN\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.dll (PUP.GamePlayLab) -> Delete on reboot.

(end)

Re: Critical error Drive sector not found14th May 2012, 10:24 pm

Good job. Let's see what's left over.

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
**********************************************
Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

Close any open windows and double click ComboFix.exe to run it.

You will see the following image:

Critical error Drive sector not found NSIS_disclaimer_ENG

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:

Critical error Drive sector not found NSIS_extraction

Critical error Drive sector not found NSIS_extraction

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.

Critical error Drive sector not found RcAuto1

Critical error Drive sector not found RcAuto1

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Critical error Drive sector not found Whatnext

Critical error Drive sector not found Whatnext

Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Re: Critical error Drive sector not found14th May 2012, 11:47 pm

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/14/2012 at 06:38 PM

Application Version : 5.0.1148

Core Rules Database Version : 8594
Trace Rules Database Version: 6406

Scan type : Quick Scan
Total Scan Time : 00:14:38

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 593
Memory threats detected : 0
Registry items scanned : 54223
Registry threats detected : 0
File items scanned : 17332
File threats detected : 160

Adware.Tracking Cookie
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\kimberlytvan@atdmt[2].txt [ /atdmt ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\kimberlytvan@atdmt[3].txt [ /atdmt ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\GSYEU8ZQ.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\H4IIBHW1.txt [ /eaeacom.112.2o7.net ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\G0J8QGNF.txt [ /ads.pointroll.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\ZMIOLSSP.txt [ /ad.yieldmanager.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\PPKF12B7.txt [ /avgtechnologies.112.2o7.net ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\9YDXP06D.txt [ /ru4.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\WPHWQ25Q.txt [ /pointroll.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\77X84J01.txt [ /atdmt.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\CGAD11SN.txt [ /adxpose.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\G6XSOX3R.txt [ /media6degrees.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\7YWUMAHT.txt [ /mediaplex.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\1W8M1C5N.txt [ /msnportal.112.2o7.net ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\4JW5BYDS.txt [ /invitemedia.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\H2SR2P6G.txt [ /doubleclick.net ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\C46SH039.txt [ /apmebf.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\OJQESTTK.txt [ /zedo.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\IQI9371F.txt [ /lucidmedia.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\T19BHUJI.txt [ /imrworldwide.com ]
C:\Users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\KBCEV27A.txt [ /c.atdmt.com ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\3XHHVNGZ.txt [ Cookie:kimberlytvan@tribalfusion.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\XD93OLWZ.txt [ Cookie:kimberlytvan@adinterax.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NI7MKZJJ.txt [ Cookie:kimberlytvan@questionmarket.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\L6LMH6WR.txt [ Cookie:kimberlytvan@ads.pointroll.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\OXD9TPAE.txt [ Cookie:kimberlytvan@d.mediaforge.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\SWWZITQM.txt [ Cookie:kimberlytvan@amazon-adsystem.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JPLMY9XW.txt [ Cookie:kimberlytvan@ad.yieldmanager.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZQVI522F.txt [ Cookie:kimberlytvan@azjmp.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\3KJW25LT.txt [ Cookie:kimberlytvan@microsoftsto.112.2o7.net/ ]
.doubleclick.net [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\IM4EG3JQ.txt [ Cookie:kimberlytvan@hc2.humanclick.com/ ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\57WLEE0L.txt [ Cookie:kimberlytvan@casalemedia.com/ ]
.media6degrees.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NHN3T240.txt [ Cookie:kimberlytvan@intermundomedia.com/ ]
ad.yieldmanager.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\FEPMHUWA.txt [ Cookie:kimberlytvan@pointroll.com/ ]
.pro-market.net [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\E7GKRMWR.txt [ Cookie:kimberlytvan@www.easyroommate.com/content/account/ ]
.atdmt.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\94ZISRUF.txt [ Cookie:kimberlytvan@atdmt.com/ ]
.advertising.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\GHDZARMH.txt [ Cookie:kimberlytvan@ad.zanox.com/ ]
.ru4.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\0HFUCYQL.txt [ Cookie:kimberlytvan@adtech.de/ ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z6E1501C.txt [ Cookie:kimberlytvan@fastclick.net/ ]
ad.yieldmanager.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\05ZEYG4I.txt [ Cookie:kimberlytvan@mediaplex.com/ ]
.advertising.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\B6W28A1R.txt [ Cookie:kimberlytvan@yieldmanager.net/ ]
.revsci.net [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\J7WKCD7X.txt [ Cookie:kimberlytvan@doubleclick.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\O9RWKPN9.txt [ Cookie:kimberlytvan@apmebf.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\2AO1U37F.txt [ Cookie:kimberlytvan@zedo.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\TRERMVK0.txt [ Cookie:kimberlytvan@lfstmedia.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\33YDMAWX.txt [ Cookie:kimberlytvan@adbrite.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\6BNP2TQQ.txt [ Cookie:kimberlytvan@pro-market.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y0FG4Y0Q.txt [ Cookie:kimberlytvan@specificclick.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\897TVGF4.txt [ Cookie:kimberlytvan@h.atdmt.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\SJ1FLN25.txt [ Cookie:kimberlytvan@revsci.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\0890316D.txt [ Cookie:kimberlytvan@adserving.thingstocook.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\8OFN7ZLC.txt [ Cookie:kimberlytvan@interclick.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\O114IRVR.txt [ Cookie:kimberlytvan@dc.tremormedia.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\XAID5I85.txt [ Cookie:kimberlytvan@statse.webtrendslive.com/ ]
.zedo.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CKZ0ABZ.txt [ Cookie:kimberlytvan@hhm.rotator.hadj7.adjuggler.net/ ]
.interclick.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\9SZBC3HM.txt [ Cookie:kimberlytvan@s.clickability.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JEAUWJ05.txt [ Cookie:kimberlytvan@startribune.112.2o7.net/ ]
.interclick.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NFVARK55.txt [ Cookie:kimberlytvan@dominionenterprises.112.2o7.net/ ]
ad.yieldmanager.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\KIMBERLYTVAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\MTRER4SY.txt [ Cookie:kimberlytvan@at.atwola.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\UHA8RB90.txt [ Cookie:kimberlytvan@imrworldwide.com/cgi-bin ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZV7PBI4.txt [ Cookie:kimberlytvan@kontera.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\85UKL96D.txt [ Cookie:kimberlytvan@www.burstnet.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\YUFEKJ5L.txt [ Cookie:kimberlytvan@insightexpressai.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\WWEPMPPT.txt [ Cookie:kimberlytvan@dmtracker.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JPQWRXJU.txt [ Cookie:kimberlytvan@serving-sys.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\J4SBW478.txt [ Cookie:kimberlytvan@c.atdmt.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JCBIPK9F.txt [ Cookie:kimberlytvan@eaeacom.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\TXXSX6K9.txt [ Cookie:kimberlytvan@realmedia.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z5SI24WD.txt [ Cookie:kimberlytvan@adserving.rtbmarketplace.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\V4QABLQ0.txt [ Cookie:kimberlytvan@ar.atwola.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\I57LAM5S.txt [ Cookie:kimberlytvan@clicksor.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\IHYZ4C9U.txt [ Cookie:kimberlytvan@roommateclick.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\S0LX63NB.txt [ Cookie:kimberlytvan@avgtechnologies.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\V2KMH3HK.txt [ Cookie:kimberlytvan@xm.xtendmedia.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\1J6DLWLG.txt [ Cookie:kimberlytvan@us.sitestat.com/future/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\1BE16EXS.txt [ Cookie:kimberlytvan@a1.interclick.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\5R4HQMMO.txt [ Cookie:kimberlytvan@bs.serving-sys.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\XZ7ZBMUT.txt [ Cookie:kimberlytvan@statcounter.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\GTWYPY0K.txt [ Cookie:kimberlytvan@us.sitestat.com/future/gamesradar/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\TUBOPB1L.txt [ Cookie:kimberlytvan@adfarm1.adition.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\413GK2D0.txt [ Cookie:kimberlytvan@www.googleadservices.com/pagead/conversion/1007751334/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\R7MPVB5K.txt [ Cookie:kimberlytvan@legolas-media.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\7OEMYSF5.txt [ Cookie:kimberlytvan@www.roommateclick.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\I98IU9CG.txt [ Cookie:kimberlytvan@burstbeacon.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\K9N3G2WJ.txt [ Cookie:kimberlytvan@warnerbros.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\375IRIQF.txt [ Cookie:kimberlytvan@atwola.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\5QEWKPW9.txt [ Cookie:kimberlytvan@apartmentfinder.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\PDJG81BM.txt [ Cookie:kimberlytvan@find.apartmentlist.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JNY7U162.txt [ Cookie:kimberlytvan@homestore.122.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\LSMAV2CP.txt [ Cookie:kimberlytvan@ox-d.mediadakine.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZG9WHNXN.txt [ Cookie:kimberlytvan@content.yieldmanager.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\UY9DZG1H.txt [ Cookie:kimberlytvan@www.googleadservices.com/pagead/conversion/1007571395/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\IYBOJCDG.txt [ Cookie:kimberlytvan@www.googleadservices.com/pagead/conversion/1010167715/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\03FWX3QX.txt [ Cookie:kimberlytvan@classifiedventures1.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\LF6GMLDM.txt [ Cookie:kimberlytvan@tacoda.at.atwola.com/ ]
C:\USERS\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\AQGTGBWC.txt [ Cookie:kimberlytvan@www.googleadservices.com/pagead/conversion/1061460028/ ]
C:\USERS\KIMBERLYTVAN\Cookies\GSYEU8ZQ.txt [ Cookie:kimberlytvan@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\Cookies\H4IIBHW1.txt [ Cookie:kimberlytvan@eaeacom.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\Cookies\G0J8QGNF.txt [ Cookie:kimberlytvan@ads.pointroll.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\ZMIOLSSP.txt [ Cookie:kimberlytvan@ad.yieldmanager.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\PPKF12B7.txt [ Cookie:kimberlytvan@avgtechnologies.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\Cookies\kimberlytvan@atdmt[3].txt [ Cookie:kimberlytvan@atdmt.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\WPHWQ25Q.txt [ Cookie:kimberlytvan@pointroll.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\77X84J01.txt [ Cookie:kimberlytvan@atdmt.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\7YWUMAHT.txt [ Cookie:kimberlytvan@mediaplex.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\1W8M1C5N.txt [ Cookie:kimberlytvan@msnportal.112.2o7.net/ ]
C:\USERS\KIMBERLYTVAN\Cookies\H2SR2P6G.txt [ Cookie:kimberlytvan@doubleclick.net/ ]
C:\USERS\KIMBERLYTVAN\Cookies\C46SH039.txt [ Cookie:kimberlytvan@apmebf.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\OJQESTTK.txt [ Cookie:kimberlytvan@zedo.com/ ]
C:\USERS\KIMBERLYTVAN\Cookies\T19BHUJI.txt [ Cookie:kimberlytvan@imrworldwide.com/cgi-bin ]
C:\USERS\KIMBERLYTVAN\Cookies\KBCEV27A.txt [ Cookie:kimberlytvan@c.atdmt.com/ ]

Re: Critical error Drive sector not found15th May 2012, 12:42 am

ComboFix 12-05-14.03 - KIMBERLYTVAN 05/14/2012 18:51:29.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4029.2585 [GMT -5:00]
Running from: c:\users\KIMBERLYTVAN\Desktop\Scary Stuff\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\121518b2t827b281r656r4vbi8m1
c:\programdata\xGU4MjfAjnsUkZ
c:\users\KIMBERLYTVAN\AppData\Roaming\Install.dat
c:\users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud AV 2012
.
.
((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))
.
.
2012-05-15 00:03 . 2012-05-15 00:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-14 23:20 . 2012-05-14 23:20 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Roaming\SUPERAntiSpyware.com
2012-05-14 23:19 . 2012-05-14 23:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-05-14 23:19 . 2012-05-14 23:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-05-13 14:23 . 2012-05-13 14:23 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Roaming\Malwarebytes
2012-05-13 14:23 . 2012-05-13 14:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-13 14:23 . 2012-05-13 14:23 -------- d-----w- c:\programdata\Malwarebytes
2012-05-13 14:23 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-13 14:02 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-13 14:02 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-13 14:01 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-13 14:01 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-13 14:01 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-13 14:01 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-13 14:01 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-13 14:01 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-13 14:00 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-13 14:00 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-13 14:00 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-13 14:00 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-13 14:00 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 02:02 . 2012-05-09 02:52 -------- d-----w- c:\users\KIMBERLYTVAN\DoctorWeb
2012-05-09 01:39 . 2012-05-09 01:39 -------- d-----w- c:\program files\Windows Live
2012-05-09 01:28 . 2012-05-09 01:28 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\17a919f81cd2d8305\MeshBetaRemover.exe
2012-05-09 01:28 . 2012-05-09 01:28 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a77002c1cd2d8304\DSETUP.dll
2012-05-09 01:28 . 2012-05-09 01:28 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a77002c1cd2d8304\DXSETUP.exe
2012-05-09 01:28 . 2012-05-09 01:28 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a77002c1cd2d8304\dsetup32.dll
2012-05-09 01:23 . 2012-05-09 01:53 -------- d-----w- c:\programdata\blekko toolbars
2012-05-09 01:23 . 2012-05-09 01:23 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Local\blekkotb_005
2012-05-09 01:23 . 2012-05-09 01:23 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-05-09 01:13 . 2012-05-09 01:13 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Roaming\SpeedyPC Software
2012-05-09 01:13 . 2012-05-09 01:13 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Roaming\DriverCure
2012-05-09 01:13 . 2012-05-09 01:13 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-05-09 01:13 . 2012-05-09 01:13 -------- d-----w- c:\programdata\SpeedyPC Software
2012-05-09 01:13 . 2012-05-09 01:13 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-05-04 23:08 . 2012-05-04 23:08 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-30 00:24 . 2012-04-30 00:24 -------- d-----w- c:\users\KIMBERLYTVAN\AppData\Roaming\Origin
2012-04-30 00:24 . 2012-04-30 00:27 -------- d-----w- c:\programdata\Origin
2012-04-30 00:24 . 2012-04-30 00:24 -------- d-----w- c:\program files (x86)\Origin
2012-04-25 02:33 . 2012-05-04 23:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-04-17 23:34 . 2012-04-30 00:24 -------- d-----w- c:\programdata\Electronic Arts
2012-04-17 23:18 . 2012-04-17 23:18 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-04-17 23:17 . 2006-09-28 21:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-04-17 23:17 . 2006-09-28 21:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2012-04-17 22:57 . 2012-04-30 00:24 -------- d-----w- c:\program files (x86)\Electronic Arts
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 23:08 . 2011-11-10 04:16 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-30 04:36 . 2012-03-30 04:36 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-30 04:36 . 2012-03-30 04:36 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-30 04:36 . 2012-03-30 04:36 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-30 04:36 . 2012-03-30 04:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-30 04:36 . 2012-03-30 04:36 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-30 04:36 . 2012-03-30 04:36 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-30 04:36 . 2012-03-30 04:36 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-30 04:36 . 2012-03-30 04:36 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-30 04:36 . 2012-03-30 04:36 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-30 04:36 . 2012-03-30 04:36 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-30 04:36 . 2012-03-30 04:36 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-30 04:36 . 2012-03-30 04:36 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-30 04:36 . 2012-03-30 04:36 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-30 04:36 . 2012-03-30 04:36 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-30 04:36 . 2012-03-30 04:36 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-30 04:36 . 2012-03-30 04:36 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-30 04:36 . 2012-03-30 04:36 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-30 04:36 . 2012-03-30 04:36 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-30 04:36 . 2012-03-30 04:36 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-30 04:36 . 2012-03-30 04:36 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-30 04:36 . 2012-03-30 04:36 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-30 04:36 . 2012-03-30 04:36 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-30 04:36 . 2012-03-30 04:36 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-30 04:36 . 2012-03-30 04:36 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-30 04:36 . 2012-03-30 04:36 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-30 04:36 . 2012-03-30 04:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-30 04:36 . 2012-03-30 04:36 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-30 04:36 . 2012-03-30 04:36 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-30 04:36 . 2012-03-30 04:36 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-30 04:36 . 2012-03-30 04:36 448512 ----a-w- c:\windows\system32\html.iec
2012-03-30 04:36 . 2012-03-30 04:36 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-30 04:36 . 2012-03-30 04:36 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-30 04:36 . 2012-03-30 04:36 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-30 04:36 . 2012-03-30 04:36 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-19 10:17 . 2012-03-19 10:17 383808 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-03-01 06:46 . 2012-04-13 04:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-13 04:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-13 04:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-13 04:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-13 04:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-13 04:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-13 04:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-12 03:54 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-12 03:54 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-12 03:54 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-12 03:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-12 03:54 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-12 03:54 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 03:54 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-12 03:54 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-22 10:25 . 2012-02-22 10:25 289872 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-02-17 06:38 . 2012-03-13 21:14 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-13 21:14 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-13 21:14 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-13 21:14 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\tbVuze.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 18:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-03-12 23:05 1869152 ----a-w- c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-12-09 18:51 3911776 ----a-w- c:\program files (x86)\Vuze_Remote\tbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\tbVuze.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-12 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-05-01 4786048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"NACAgentUI"="c:\program files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe" [2010-02-05 454400]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-03-12 982880]
"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-23 928096]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-03-01 232616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2010-02-11 165184]
.
c:\users\KIMBERLYTVAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-09-01 1025352]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-04-30 5106744]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 NACAgent;Cisco NAC Agent;c:\program files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2010-02-05 742144]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.exe [2010-03-04 658656]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-12 918880]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 23:08]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000Core.job
- c:\users\KIMBERLYTVAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-17 02:06]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000UA.job
- c:\users\KIMBERLYTVAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-17 02:06]
.
2012-05-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2012-05-09 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-05-14 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-05-09 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
2012-05-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://mylifeisaverage.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files (x86)\AVG\AVG2012\avgdtiex.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://perfserv1.css.edu/auth/taweb.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Toolbar-Locked - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{F46BF5EA-0B4E-4A41-8C4B-3B127346E30F} - c:\users\KIMBERLYTVAN\AppData\Local\{2853BFD5-3865-45EB-A4E3-967D4A9B969A}\NBCDirectInstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3570141970-2777158319-3988758674-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3570141970-2777158319-3988758674-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\0a\02\04\10\05*?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
.
**************************************************************************
.
Completion time: 2012-05-14 19:29:42 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-15 00:29
.
Pre-Run: 50,425,430,016 bytes free
Post-Run: 52,274,487,296 bytes free
.
- - End Of File - - 1544A41ABEAD1C67D9719ECC878DFC8F

Re: Critical error Drive sector not found15th May 2012, 1:28 am

Good job. We're making progress. Just a few more scans.

Please download Rooter and Save it to your desktop.

Double click it to start the tool.Vista and Windows7 run as administrator.
Click Scan.
Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

Re: Critical error Drive sector not found15th May 2012, 3:25 am

Um...I think I'm still running as administrator...because I've always only ever used "KIMBERLYTVAN" user. I just mention that because it says please run tool as administrator. I'm not quite sure how to changet hat either ): But here is the log when I ran it:

Rooter.exe (v1.0.2) by Eric_71
.
The token does not have the SeDebugPrivilege privilege ! (error:1300)
Can not acquire SeDebugPrivilege !
Please run the tool as administrator ..
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
.
Error OpenService (wscsvc) : 6
Error OpenSCManager : 5
Error OpenService (MpsSvc) : 6
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
.
C:\ [Fixed-NTFS] .. ( Total:451 Go - Free:48 Go )
D:\ [CD_Rom]
.
Scan : 22:22.56
Path : C:\Users\KIMBERLYTVAN\Desktop\Scary Stuff\Rooter.exe
User : KIMBERLYTVAN ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
Locked smss.exe (264)
Locked avgrsa.exe (364)
Locked avgcsrva.exe (404)
Locked csrss.exe (624)
Locked wininit.exe (684)
Locked csrss.exe (724)
Locked services.exe (748)
Locked lsass.exe (764)
Locked lsm.exe (772)
Locked svchost.exe (892)
Locked svchost.exe (956)
Locked svchost.exe (1004)
Locked svchost.exe (356)
Locked svchost.exe (632)
Locked stacsv64.exe (628)
Locked winlogon.exe (880)
Locked svchost.exe (1228)
Locked DockLogin.exe (1308)
Locked svchost.exe (1456)
Locked spoolsv.exe (1564)
Locked svchost.exe (1596)
Locked SASCore64.exe (1680)
Locked AbsoluteNotifierService.exe (1712)
Locked AppleMobileDeviceService.exe (1764)
Locked avgwdsvc.exe (1804)
Locked mDNSResponder.exe (1840)
Locked svchost.exe (1876)
Locked NACAgent.exe (1916)
Locked SeaPort.EXE (2000)
Locked SftService.exe (1648)
Locked svchost.exe (1328)
Locked ToolbarUpdater.exe (1724)
Locked WLIDSVC.EXE (2100)
Locked avgidsagent.exe (2176)
Locked WLIDSVCM.EXE (2240)
Locked avgnsa.exe (2804)
Locked avgemca.exe (2820)
______ ???u?????? (2452)
______ ???u?????? (2552)
______ ???u?????? (2940)
Locked STService.exe (3228)
Locked svchost.exe (3372)
______ ???u?????? (3672)
______ ???u?????? (3688)
______ ???u?????? (3704)
______ ???u?????? (3716)
______ ???u?????? (3796)
______ C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (3984)
______ C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (4000)
______ C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe (4032)
Locked SynTPHelper.exe (4076)
______ ???u?????? (3148)
Locked SearchIndexer.exe (1164)
Locked NACAgentUI.exe (1432)
______ C:\Program Files (x86)\iTunes\iTunesHelper.exe (3264)
______ C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (2436)
______ C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe (4120)
______ C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4136)
______ C:\Program Files (x86)\AVG Secure Search\vprot.exe (4160)
Locked wmpnetwk.exe (4200)
______ C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (4284)
______ ???u?????? (4868)
Locked iPodService.exe (5004)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (5016)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (3592)
Locked svchost.exe (3280)
Locked dllhost.exe (5788)
______ ???u?????? (584)
______ C:\Users\KIMBERLYTVAN\Desktop\Scary Stuff\Rooter.exe (3384)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:41094144)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:41126400 | Length:15728640000)
\Device\Harddisk0\Partition3 (Start_Offset:15769766400 | Length:484337047040)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3570141970-2777158319-3988758674-1000UA.job
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\SpeedyPC Pro.job
C:\Windows\Tasks\SpeedyPC Registration3.job
C:\Windows\Tasks\SpeedyPC Update Version3.job
C:\Windows\Tasks\SystemToolsDailyTest.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 22:23.00
.
C:\Rooter$\Rooter_2.txt - (14/05/2012 | 22:23.00)

Re: Critical error Drive sector not found15th May 2012, 6:35 pm

Any other issues before we run possibley our last scan?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the Critical error Drive sector not found EsetOnline

Critical error Drive sector not found EsetOnline

button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

Click on to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

•Check

Critical error Drive sector not found EsetAcceptTerms

•Click the Critical error Drive sector not found EsetStart

button.
•Accept any security warnings from your browser.
•Check Critical error Drive sector not found EsetScanArchives

•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push Critical error Drive sector not found EsetListThreats

Critical error Drive sector not found EsetListThreats

•Push

Critical error Drive sector not found EsetExport

, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the Critical error Drive sector not found EsetBack

Critical error Drive sector not found EsetBack

button.
•Push Critical error Drive sector not found EsetFinish

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Re: Critical error Drive sector not found15th May 2012, 9:48 pm

C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\ec625cb-49f26698 multiple threats deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15505bcf-132a932d a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6b527313-1e6b291e a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\12879fc2-1d78a23f a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\270c07d4-478062c2 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\319850d4-69fb93ae a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1847f817-3104ef24 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\320a219e-75b36131 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\73af3104-28597737 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3eb5fd45-7c35f744 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-3ec98bd1 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\2d80a0f3-2ecad2f2 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7cea6c39-6a03998d a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\69928a3d-74a5b62e a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-57940206 multiple threats deleted - quarantined
C:\Users\KIMBERLYTVAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\c393949-6a0be700 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\DoctorWeb\Quarantine\2339d6c9-20045540 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\DoctorWeb\Quarantine\4ef73e33-10565300 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\DoctorWeb\Quarantine\58fde3a4-64cae210 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\KIMBERLYTVAN\DoctorWeb\Quarantine\Av-test0.txt Eicar test file cleaned by deleting - quarantined

Re: Critical error Drive sector not found15th May 2012, 9:50 pm

There haven't been any abnormalities that I've noticed anyways. Thank you for helping me.

Re: Critical error Drive sector not found16th May 2012, 12:44 am

There haven't been any abnormalities that I've noticed anyways. Thank you for helping me.

You're welcome. Now let's do some cleanup and we'll be finished.

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*************************************************
To uninstall ComboFix

Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
In the field, type in ComboFix /uninstall

Critical error Drive sector not found Combofix_uninstall_image

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

Then, press Enter, or click OK.
This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

*************************************************
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

Click the CleanUp button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
****************************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
*****************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Re: Critical error Drive sector not found16th May 2012, 1:53 am

Should I unistall aswMBR, Malwarebytes Anti-Malware, Rooter, Security Check, SpeedyPC Pro, SUPERAntiSpyware, and unhide too?

Thank you for all your help! You are awesome!

Re: Critical error Drive sector not found18th May 2012, 10:33 pm

num1shygirl wrote:

Should I unistall aswMBR, Malwarebytes Anti-Malware, Rooter, Security Check, SpeedyPC Pro, SUPERAntiSpyware, and unhide too?

Thank you for all your help! You are awesome!

You're welcome. You may keep MBAM and SAS, if you wish. Update them and run them on a regular basis to keep the bugs out. The rest can go.

Critical error Drive sector not found

descriptionCritical error Drive sector not found9th May 2012, 9:51 pm

descriptionRe: Critical error Drive sector not found9th May 2012, 9:52 pm

descriptionRe: Critical error Drive sector not found9th May 2012, 9:52 pm

descriptionRe: Critical error Drive sector not found9th May 2012, 10:59 pm

descriptionRe: Critical error Drive sector not found9th May 2012, 11:02 pm

descriptionRe: Critical error Drive sector not found9th May 2012, 11:14 pm

descriptionRe: Critical error Drive sector not found11th May 2012, 11:23 pm

descriptionRe: Critical error Drive sector not found12th May 2012, 6:28 pm

descriptionRe: Critical error Drive sector not found13th May 2012, 2:30 pm

descriptionRe: Critical error Drive sector not found14th May 2012, 12:19 am

descriptionRe: Critical error Drive sector not found14th May 2012, 12:21 am

descriptionRe: Critical error Drive sector not found14th May 2012, 10:24 pm

descriptionRe: Critical error Drive sector not found14th May 2012, 11:47 pm

descriptionRe: Critical error Drive sector not found15th May 2012, 12:42 am

descriptionRe: Critical error Drive sector not found15th May 2012, 1:28 am

descriptionRe: Critical error Drive sector not found15th May 2012, 3:25 am

descriptionRe: Critical error Drive sector not found15th May 2012, 6:35 pm

descriptionRe: Critical error Drive sector not found15th May 2012, 9:48 pm

descriptionRe: Critical error Drive sector not found15th May 2012, 9:50 pm

descriptionRe: Critical error Drive sector not found16th May 2012, 12:44 am

descriptionRe: Critical error Drive sector not found16th May 2012, 1:53 am

descriptionRe: Critical error Drive sector not found18th May 2012, 10:33 pm

descriptionRe: Critical error Drive sector not found