Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93118 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Can't Boot XP Pro SP3, but Recovery Console Installed

Started by Rich97702 , Mar 18 2010 08:55 AM

  • Please log in to reply
32 replies to this topic

#1 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 18 March 2010 - 08:55 AM

Hello,
I have a screen shot (via camera) of the BSOD I am getting when trying to boot (see attached- 640 x 284 jpg). This happens with all boot choices (F8). I can however open the XP Recovery Console, to the command prompt: C:\WINDOWS
I assume that's a good thing :unsure: but my knowledge of this console is nil. I DID run CHKDSK /p twice; 1st time it "fixed one or more" problems, 2nd time showed only allocation units etc.
I also swapped locations of the memory cards (2X1Gig), and tried each by itself, with no change.

The original BSOD (see attached- 610 x 290 jpg, - a screen shot found online) (after clicking on what I expected to be a fix-it video for my Toyota Tacoma) was slightly different than the one I get now.

Really hoping you can help.
Regardless, thanks so much for being here.
Rich Feldman

THE VICTIM:
Windows XP Pro SP3
Compaq Presario V2401CL laptop
2 gig of RAM
76 gig hard drive (about 12 gig free)

and as of yesterday, from which I write:

Windows 7 Home Premium (now w/latest updates)
HP G60-635DX Notebook

Attached Thumbnails

  • Original_BSOD.jpg
  • Current_BSOD.jpg

Edited by Rich97702, 18 March 2010 - 09:22 AM.

    Advertisements

Register to Remove

#2 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 19 March 2010 - 10:30 AM

Hi and welcome to the WTT forums. :welcome: Sorry to hear of the problems with your machine. Running chkdsk with the p switch was a good move, but it may be necessary to probe a little deeper. Try running chkdsk again but this time with the r switch chkdsk /r allow plenty of time for this to happen.... it may be necessary to run this again if the first run finds and fixes errors. Next have you installed or uninstalled any hardware of software or made any system alterations recently...? let us know how you go Regards paws
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#3 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 19 March 2010 - 11:31 AM

Thank you Paws- chkdsk /r is running. No changes, but last night I did make a REATOGO disc and ran a scan using these instructions (from another post- I know :wacko: ) : __________________ You will find an icon on the desktop called OTLPE > Double-click on the OTLPE icon. When asked "Do you wish to load the remote registry", select Yes When asked "Do you wish to load remote user profile(s) for scanning", select Yes Ensure the box "Automatically Load All Remaining Users" is checked and press OK OTL should now start. Change the following settings * Change Drivers to SafeList Press Run Scan to start the scan. ____________________ It was sure nice to see that all my files, 9 years worth, are intact! First good sign in 6 days. Scan results are available. Will run chkdisc 2x if necessary and will post back shortly. Rich

#4 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 19 March 2010 - 03:38 PM

chkdsk ran fine but fixed nothing (see screen shot).

I include below the aforementioned OTL logfile, in case it helps. If not- ignore.

OTL logfile created on: 3/18/2010 9:20:07 AM - Run
OTLPE by OldTimer - Version 3.1.37.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 15.17 Gb Free Space | 20.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (Symantec Core LC)
SRV - File not found [Disabled] -- -- (NMIndexingService)
SRV - File not found [Disabled] -- -- (Nero BackItUp Scheduler 3)
SRV - File not found [Disabled] -- -- (MaxBackServiceInt)
SRV - File not found [Disabled] -- -- (LiveUpdate)
SRV - File not found [Disabled] -- -- (Iomega Activity Disk2)
SRV - File not found [On_Demand] -- -- (getPlus® Helper) getPlus®
SRV - File not found [Disabled] -- -- (CarboniteService)
SRV - File not found [Disabled] -- -- (Bonjour Service)
SRV - File not found [Disabled] -- -- (Automatic LiveUpdate Scheduler)
SRV - File not found [Disabled] -- -- (Adobe Version Cue CS3)
SRV - [2010/01/14 19:08:13 | 000,070,928 | ---- | M] (PC Tools) [Auto] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/12/10 23:18:26 | 000,045,056 | ---- | M] (Intuit) [Auto] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/10/20 01:37:53 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/09 00:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/07/26 12:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Disabled] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 12:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Disabled] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/07/07 19:26:02 | 000,355,584 | ---- | M] (TuneUp Software GmbH) [Disabled] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/06/01 12:10:50 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2008/05/29 12:28:54 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/04/13 20:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 20:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/01/06 15:07:26 | 000,077,824 | ---- | M] (HP) [Disabled] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2004/08/04 04:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | System] -- -- (tzraqlo)
DRV - File not found [Unknown (0) | On_Demand] -- -- (TfKbMon)
DRV - File not found [Kernel | On_Demand] -- -- (portio)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (HSF_DPV)
DRV - File not found [Kernel | System] -- -- (eabfiltr)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | On_Demand] -- -- (Ad-Watch Connect Filter)
DRV - [2010/01/14 19:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/01/14 19:08:29 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/01/14 19:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/12/03 20:13:56 | 000,019,160 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMDrvService)
DRV - [2009/09/08 21:10:53 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/05/09 04:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/10/30 17:10:48 | 000,117,120 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/10/23 05:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/21 00:52:41 | 003,299,840 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/28 21:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/07/26 12:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/06/20 07:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/06/01 12:10:50 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/05/02 02:12:04 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2007/12/06 21:41:42 | 000,220,032 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/05/03 16:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2006/09/28 00:44:46 | 000,079,393 | ---- | M] (Roland Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rdwm1027.sys -- (RDID1027)
DRV - [2006/08/18 12:07:28 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/07/06 17:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/19 02:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/01/06 15:07:27 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)
DRV - [2006/01/06 15:07:27 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2006/01/06 15:07:27 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2006/01/06 15:07:26 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2005/09/01 17:11:52 | 000,016,768 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2005/09/01 15:27:45 | 000,014,080 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2005/09/01 15:24:44 | 001,081,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Pro(UVC)
DRV - [2005/09/01 15:20:51 | 000,022,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/07/01 13:15:06 | 000,025,344 | R--- | M] (Iomega) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\IABFilt.sys -- (IABFilt)
DRV - [2005/04/20 20:46:42 | 000,350,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/04/20 20:45:48 | 000,038,016 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/01/18 12:52:16 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2004/12/15 11:18:30 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2004/12/15 11:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 11:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/10/15 16:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/03/25 04:04:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/03/25 04:04:00 | 000,098,650 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/03/25 04:04:00 | 000,085,978 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/03/25 04:04:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/03/25 04:04:00 | 000,025,691 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/03/25 04:04:00 | 000,014,235 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/03/25 04:04:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/03/25 04:04:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/03/25 04:04:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/02/27 05:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/02/25 00:23:32 | 000,125,184 | ---- | M] (Plextor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Xstream.sys -- (WISTechVIDCAP)
DRV - [2004/02/13 06:21:00 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/01/21 23:55:12 | 000,013,184 | ---- | M] (Plextor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\XLoader.sys -- (XLoader) PLEXTOR EZ-USB FX2 FIRMWARE LOADER (XLoader.sys)
DRV - [2004/01/14 22:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/01/14 22:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2003/12/19 05:00:00 | 000,006,656 | ---- | M] (Sonic Solutions) [Kernel | System] -- C:\WINDOWS\system32\drivers\cinemsup.sys -- (Cinemsup)
DRV - [2003/09/19 05:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2001/08/17 15:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/04/16 13:16:58 | 000,951,284 | ---- | M] (Roland) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\vsc.sys -- (vsc32)
DRV - [2001/04/13 22:16:38 | 000,187,992 | ---- | M] (Roland) [Kernel | Auto] -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage

IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Richard_Feldman_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 03:24:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/06 11:33:24 | 000,000,000 | ---D | M]

[2009/12/24 22:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2008/03/30 12:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\b6vpx9pk.default\extensions
[2010/03/13 17:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/23 00:13:59 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2008/07/01 02:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS3\contributeieplugin.dll File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Richard_Feldman_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Richard_Feldman_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Richard_Feldman_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Richard_Feldman_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Richard_Feldman_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Richard_Feldman_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 3
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKU\Richard_Feldman_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll File not found
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll File not found
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll File not found
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} https://favorites.li...?v=13,0,1609,00 (FavImport Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} http://h50203.www5.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h50203.www5.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {5C709EEC-DDE1-4738-8E57-7564E2637891} https://merchantacco...ncCom1_2009.cab (QBMASSyncCom1_2009.UserControl1)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1187565712125 (MUWebControl Class)
O16 - DPF: {788539E8-002D-4E59-9089-40B694A99C9A} https://merchantacco...ncCom2_2008.cab (QBMASSyncCom2_2008.UserControl1)
O16 - DPF: {7DD82D6B-3553-470B-8D1E-D5C7086478A7} https://merchantacco...ncCom2_2005.cab (QBMASSyncCom2_2005.UserControl1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} http://u3.sandisk.co...LPInstaller.CAB (CInstallLPCtrl Object)
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} http://h30155.www3.h...edsolutions.cab (HPObjectInstaller Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {F21AC8A4-4322-11D6-8EBE-0001023D1A2A} https://merchantacco...RecurPayCom.cab (IntuitRecurPayCom.UserControl1)
O16 - DPF: {F8A9F96F-8375-4596-BD89-EEAE2781D810} https://merchantacco...MASSyncCom1.cab (QBMASSyncCom1.UserControl1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.228.160.3 216.228.160.4
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/RICHAR~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.png
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\My Documents\Clipboard02.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\geBsrOHx) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{48708b76-688a-11dd-a9b0-0014a56f3b32}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\P\Shell - "" = AutoRun
O33 - MountPoints2\P\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\P\Shell\AutoRun\command - "" = P:\Autoplay.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/13 17:35:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp
[2010/03/06 20:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\My Documents\Joe's Rental
[2010/03/03 19:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\webserver
[2010/03/03 19:06:44 | 000,206,848 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\rdr_1267657585.exe.exe
[2010/02/26 19:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\My Documents\Bend Jazz Trio pdfs
[2010/02/23 00:13:23 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/02/22 19:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\Temp
[2010/02/19 03:32:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\My Documents\Flute Wedgehead
[2010/02/18 13:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\Application Data\MusE
[2010/02/18 13:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\MusE
[2010/02/18 13:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\MuseScore 0.9
[2010/02/18 03:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\My Documents\JBL
[2010/02/18 01:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Feldman\Desktop\Deco Tunes
[2008/01/28 10:37:36 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Richard Feldman\Application Data\pcouffin.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/13 18:16:57 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/03/13 18:16:51 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/03/13 18:16:17 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\video-plugin.40030.exe
[2010/03/13 16:38:14 | 000,045,080 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Application Data\wklnhst.dat
[2010/03/11 12:45:51 | 000,000,125 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\Google - Compare mortgages.URL
[2010/03/11 03:55:51 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\Office Outlook 2007.lnk
[2010/03/11 03:48:37 | 000,000,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/03/11 03:48:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/11 03:47:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/11 03:47:54 | 000,044,964 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/03/11 03:46:30 | 020,185,088 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\ntuser.dat
[2010/03/11 03:46:30 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/03/11 03:46:30 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/03/11 03:46:21 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Richard Feldman\ntuser.ini
[2010/03/11 03:44:57 | 017,800,048 | -H-- | M] () -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\IconCache.db
[2010/03/10 22:08:57 | 000,000,066 | ---- | M] () -- C:\WINDOWS\BBW_INFO.INI
[2010/03/10 15:39:00 | 000,004,362 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\So Help Me Jesus word perfect.wpd
[2010/03/10 15:39:00 | 000,003,349 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\So Help Me Jesus msword.doc
[2010/03/05 21:38:44 | 000,065,536 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/03 19:29:51 | 001,786,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/03 19:06:30 | 000,206,848 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\rdr_1267657585.exe.exe
[2010/02/28 17:45:29 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Application Data\default.rss
[2010/02/28 17:45:28 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/26 21:50:56 | 000,154,016 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/26 20:18:50 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/02/25 20:32:15 | 000,026,420 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Eb TENOR.pdf
[2010/02/25 20:29:16 | 000,026,051 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Bb TENOR.pdf
[2010/02/25 20:23:47 | 000,025,664 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Bb.pdf
[2010/02/25 19:58:59 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-438389835-3352072604-3910823140-1005Core1cab6767fbe6be4.job
[2010/02/24 09:12:31 | 260,482,833 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\plating_in_the_small_shop.wmv
[2010/02/24 06:35:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/22 23:56:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/02/21 14:22:56 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Greg Byers Music.URL
[2010/02/19 21:25:40 | 024,360,054 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Bach-Calicchio-Schilke.bmp
[2010/02/19 21:25:40 | 000,191,821 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\Bach-Calicchio-Schilke.jpg
[2010/02/19 19:51:41 | 000,375,218 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\checklist.pdf
[2010/02/19 15:09:45 | 000,038,477 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Application Data\Comma Separated Values (DOS).ADR
[2010/02/18 21:43:38 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\Mosaic Records - Jazz Video Cafe.URL
[2010/02/18 21:42:19 | 030,710,818 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\video.flv
[2010/02/18 13:51:28 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\Desktop\MuseScore.lnk
[2010/02/18 13:32:02 | 000,000,080 | ---- | M] () -- C:\Documents and Settings\Richard Feldman\My Documents\104 sheets found for love dance Wikifonia.URL
[2010/02/18 03:29:59 | 000,629,532 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/18 03:29:59 | 000,519,498 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/18 03:29:59 | 000,097,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/17 21:41:33 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/02/17 21:41:33 | 000,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010/02/17 21:41:26 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/13 18:16:47 | 000,000,308 | -H-- | C] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/03/13 18:16:37 | 000,000,308 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/03/13 18:16:18 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Desktop\video-plugin.40030.exe
[2010/03/11 12:45:51 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Desktop\Google - Compare mortgages.URL
[2010/03/10 15:39:00 | 000,004,362 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\So Help Me Jesus word perfect.wpd
[2010/03/10 15:39:00 | 000,003,349 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\So Help Me Jesus msword.doc
[2010/03/04 23:59:07 | 260,482,833 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\plating_in_the_small_shop.wmv
[2010/02/25 20:32:15 | 000,026,420 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Eb TENOR.pdf
[2010/02/25 20:29:16 | 000,026,051 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Bb TENOR.pdf
[2010/02/25 20:23:47 | 000,025,664 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Love Dance Concert Bb.pdf
[2010/02/25 19:58:59 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-438389835-3352072604-3910823140-1005Core1cab6767fbe6be4.job
[2010/02/21 14:22:56 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Greg Byers Music.URL
[2010/02/19 21:25:40 | 024,360,054 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Bach-Calicchio-Schilke.bmp
[2010/02/19 21:25:40 | 000,191,821 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\Bach-Calicchio-Schilke.jpg
[2010/02/19 19:51:35 | 000,375,218 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Desktop\checklist.pdf
[2010/02/19 15:09:45 | 000,038,477 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\Comma Separated Values (DOS).ADR
[2010/02/18 21:43:38 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Desktop\Mosaic Records - Jazz Video Cafe.URL
[2010/02/18 21:42:04 | 030,710,818 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\video.flv
[2010/02/18 13:51:28 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Desktop\MuseScore.lnk
[2010/02/18 13:32:02 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\My Documents\104 sheets found for love dance Wikifonia.URL
[2010/02/12 21:42:29 | 000,011,966 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\Comma Separated Values (Windows).CAL
[2010/01/28 23:20:16 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\setup_ldm.iss
[2010/01/02 14:16:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\downloads.m3u
[2009/12/25 01:39:38 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\default.rss
[2009/12/25 00:46:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/13 00:14:03 | 000,006,794 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\SAS7_000.DAT
[2009/11/16 19:55:42 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/11/16 19:55:37 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/16 19:55:37 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/10/21 01:58:45 | 000,065,536 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/17 13:17:47 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/05/15 11:53:54 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/05/13 20:57:29 | 001,238,872 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/03/19 11:43:42 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2009/02/21 11:25:20 | 000,691,592 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/02/06 00:45:49 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2009/01/28 21:58:05 | 000,023,938 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\Comma Separated Values (Windows).ADR
[2009/01/20 17:14:46 | 000,010,238 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/01/10 15:26:16 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2009/01/01 21:19:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/01/01 21:19:05 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/01/01 21:19:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/01/01 21:19:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/01/01 21:19:05 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/01/01 21:19:05 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/12/02 20:18:15 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/12/02 20:15:47 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2008/12/02 19:57:34 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008/11/05 14:21:31 | 000,010,886 | ---- | C] () -- C:\WINDOWS\System32\RdCi1027.dll
[2008/11/01 21:52:04 | 000,000,114 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2008/11/01 12:04:54 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv6628p5now.sys
[2008/09/28 12:42:36 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2008/09/28 12:42:36 | 000,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2008/07/26 12:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/07/21 22:18:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2008/06/04 22:30:49 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/06/01 12:06:57 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\coreavc.ini
[2008/05/30 16:28:00 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\D79608E7A2.sys
[2008/05/30 16:27:58 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/05/29 02:02:43 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2008/05/23 23:32:39 | 000,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008/05/23 23:32:34 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/05/04 23:46:06 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/05/01 20:20:42 | 000,011,138 | ---- | C] () -- C:\WINDOWS\msvrc20.dll
[2008/04/18 18:53:03 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/04/14 12:52:07 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2008/04/14 12:52:06 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2008/04/14 12:51:33 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008/04/14 12:51:33 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008/04/14 12:51:30 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008/03/30 20:52:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
[2008/03/28 20:46:27 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/28 10:42:38 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\vso_ts_preview.xml
[2008/01/28 10:38:33 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\pcouffin.log
[2008/01/28 10:37:37 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\pcouffin.cat
[2008/01/28 10:37:36 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\pcouffin.inf
[2008/01/27 23:14:13 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/01/27 22:48:19 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008/01/27 22:48:19 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008/01/27 00:44:05 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2007/09/12 21:24:27 | 000,001,538 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\HPCOM_48BitScanUpdate.log
[2007/09/12 21:24:27 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/09/02 13:29:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2007/06/28 06:54:10 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/06/28 06:52:18 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/06/21 11:06:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2007/04/22 02:00:36 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Studio.INI
[2007/03/18 13:24:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2007/03/15 20:19:56 | 000,004,262 | ---- | C] () -- C:\WINDOWS\ATM.INI
[2007/03/15 20:18:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\PFPICK.DLL
[2007/03/15 20:15:38 | 000,000,032 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2007/03/13 13:29:44 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Local Settings\Application Data\fusioncache.dat
[2007/02/27 20:19:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/01/14 14:21:59 | 000,000,567 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/12 22:22:28 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/12 22:21:11 | 000,000,256 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2006/11/15 19:44:30 | 000,000,066 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2006/05/10 12:23:09 | 000,020,992 | ---- | C] () -- C:\WINDOWS\exeshl.dll
[2006/04/16 12:21:44 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/04/16 00:27:46 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2006/03/23 00:33:23 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2006/03/23 00:33:23 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2006/03/23 00:29:12 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2006/03/23 00:29:12 | 000,000,072 | R--- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2006/03/22 23:17:09 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/03/22 19:36:00 | 000,000,196 | ---- | C] () -- C:\WINDOWS\EPSON 1260_1660 Installer.ini
[2006/03/22 16:43:04 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2006/03/12 14:46:08 | 000,045,080 | ---- | C] () -- C:\Documents and Settings\Richard Feldman\Application Data\wklnhst.dat
[2005/09/15 10:40:22 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/09/01 17:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/04/29 05:01:09 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/04/21 14:51:26 | 000,000,020 | ---- | C] () -- C:\WINDOWS\GraphEdit.INI
[2004/08/07 09:19:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 09:12:40 | 000,000,831 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/04 04:00:00 | 000,007,532 | ---- | C] () -- C:\WINDOWS\System32\NT47AEX.DLL
[2004/08/04 04:00:00 | 000,007,532 | ---- | C] () -- C:\WINDOWS\System32\BUGXJM42.DLL
[2004/01/13 14:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/12/19 05:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2002/09/06 14:36:16 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002/05/15 00:58:38 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\v2k2_dec.dll
[1999/11/11 05:39:00 | 000,481,792 | ---- | C] () -- C:\WINDOWS\System32\RFFTW2dll.dll
[1999/01/27 17:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/18 03:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/06/18 03:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/06/13 11:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2008/03/28 22:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Grisoft
[2008/03/28 04:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VersionTracker Pro
[2010/02/09 20:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PeerNetworking
[2008/06/15 02:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\.myibay
[2008/11/09 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\ACD Systems
[2008/07/05 23:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Acoustica
[2008/03/10 00:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\albumart
[2008/12/30 12:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Ashampoo
[2009/04/30 21:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\biu software
[2008/06/01 15:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\BSplayer PRO
[2009/09/08 22:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\DAEMON Tools Lite
[2008/03/03 02:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\dBpoweramp
[2006/03/23 01:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\EPSON
[2010/02/10 02:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\FoxyTunes
[2008/04/30 18:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\gtk-2.0
[2006/11/16 19:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\ieSpell
[2007/08/18 11:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Image Zone Express
[2009/11/06 22:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\ImgBurn
[2009/03/27 13:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\IObit
[2008/06/12 10:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\IrfanView
[2006/03/20 12:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Leadertech
[2008/06/01 12:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\LEAPS
[2007/10/22 10:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Movies Extractor Scout
[2006/03/15 19:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\MSNInstaller
[2010/02/18 13:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\MusE
[2008/10/30 14:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Netscape
[2009/12/12 23:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Nuance
[2008/08/05 17:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Orbit
[2008/03/18 03:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\PCF-VLC
[2008/04/06 12:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\PCToolsFirewallPlus
[2009/01/11 16:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Pegasys Inc
[2008/10/30 13:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Photodex
[2007/08/18 11:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Printer Info Cache
[2008/06/06 15:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Renegade Minds
[2008/12/03 01:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\ScanSoft
[2010/01/24 23:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\SendSpace Wizard
[2006/06/08 00:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Snapfish
[2006/03/20 20:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Template
[2008/05/04 15:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\TuneUp Software
[2008/12/16 23:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Uniblue
[2010/03/09 12:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\uTorrent
[2008/03/05 11:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Vso
[2009/01/28 21:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Windows Live Writer
[2009/01/29 03:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Feldman\Application Data\Windows Search
[2010/01/27 12:04:18 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2009/10/10 01:39:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2010/03/13 18:16:51 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/03/13 18:16:57 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Richard Feldman\My Documents\ADD- Scott Benedict.jpg:Roxio EMC Stream
< End of report >

Attached Thumbnails

  • chkdsk_r__3_19_10.jpg

Edited by Rich97702, 19 March 2010 - 03:47 PM.

#5 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 19 March 2010 - 04:52 PM

Before you do anything else check your back up/copy/archive, make sure its 100% up to date accurate, reproducible and kept safe on removable media. Don't forget to include all your downloaded executables, drivers, especially your network adapters drivers, serial keys including the one for Windows itself, and put all your aplication installation CD/DVD including the Windows disc, in a safe and handy place. Only when you are satisfied you have backed up everything that's important to you should you attempt any further steps........ You could try a repair installation of Windows (non destructive)...usually! and see if this does the trick...if successful be prepared to do a fair few Windows updates! Regards paws
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#6 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 19 March 2010 - 05:13 PM

I have no windows discs

Before you do anything else check your back up/copy/archive, make sure its 100% up to date accurate, reproducible...

I will need instructions for this.

#7 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 20 March 2010 - 03:31 AM

If for example your backup/copy /archive is kept on an external hard drive then check that it's complete, accurate and reproducible....I.E that you are able to copy it across, if it should become necessary (if your existing machine still won't boot then use another machine to check ...also.......check the dates (file dates) to make sure that its bang up to date...... if you eventually need to format and reinstall then its wise to ensure that everything that is important to you is correctly backed up... You will need the Microsoft XP installation disc, so have a really good search for it, if no joy then go to the retailer form whom you purchased the computer for it..... if no joy with them then go to the computer's manufacturer (you will need to be prepared to pay for them, as a final last resort borrow the correct one from a chum...however if you use it and have to enter the Windows Product key (25 alpha-numerics in 5 groups of 5) then only use the one you are licenced to use. Regards paws

Edited by paws, 20 March 2010 - 03:36 AM.

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#8 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 21 March 2010 - 05:21 AM

Hello Paws,

I was looking over Richs OTLPE log and saw a few entries, two I believe should be removed but not related to not booting, but this one needs to be fixed but not sure how to fix it without getting into windows .

O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\geBsrOHx) - File not found

If we could get regedit to run it should be this

REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00


Copy the entire contents inside the Quote box and Paste it into Notepad ( this will only work with Notepad ) name the file Regfix.reg and in the drop down box, save it as All Files. Save it to your desktop. Then Rightclick on the Regfix.reg file and click on Merge, when it asks you to merge with the Registry, say yes.

If you saved the file correctly it should look like this Posted Image

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#9 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 21 March 2010 - 05:40 AM

Much obliged Ken, If I can get his Windows up and running (without a format and reinstall) I'll turn to you and perhaps transfer back to your SpyBot thread ...I'm hopeful that a non destructive reinstall of Windows (Repair) may do the trick.

Edited by paws, 21 March 2010 - 05:45 AM.

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#10 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 21 March 2010 - 05:47 AM

Thanks Paws, There really is nothing I can do for Rich until he can boot into windows

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

    Advertisements

Register to Remove

#11 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 21 March 2010 - 06:18 AM

Yes Ken, I'll focus all efforts to get him back into Windows so you can then work your magic!
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#12 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 21 March 2010 - 08:45 AM

Rich97702 Post back when you have checked your backup and have located the Microsoft Windows Installation disc. Regards paws
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#13 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 21 March 2010 - 05:06 PM

Will do paws- Thank you. I won't disappear! :thumbup: Rich

#14 Rich97702

Rich97702

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 23 March 2010 - 11:25 PM

Hi Paws- Can you tell me if this disk will do what we need it to?

Attached Images

  • xp_student.jpg

#15 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 24 March 2010 - 03:03 AM

Hi, 1 this does not look like the disc that was used to install the version of Windows XP Pro that is currently on your machine, can you confirm please? 2 We can attempt to use this disc for the purposes of accessing the Recovery Console, if we can get in there then we have a chance of doing some good! 3 However if it becomes necessary to do a reinstall of Windows then this disc must only be used if it is legitimate, and you are licensed to use it...can you confirm please? 4 Have you completed the check of your backup/copy/archive to make sure that it is good, up to date, accurate, reproducible and contains everything that is important to you....that is, anything that might cause a problem or difficulty if it was permanently lost....... I would hate you to lose the final draft of your PHd thesis...! or the book that you have been researching and writing for the last 5 years! Please post back with the answers 1 through 4 and we can then proceed. Regards paws
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

Related Topics

Back to Notebooks · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Hardware
  3. Notebooks
  4. Privacy Policy
  5. Terms of Use ·