TechSpot

Having the restart in one minute issue with Vista

By matt k
Aug 14, 2012
  1. Having a problem with Vista restarting. I see other people have the same problem and I have already copied and pasted the log. Waiting to hear from you to go further.


    Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 16-04-2012
    Ran by SYSTEM at 14-08-2012 13:08:23
    Running from K:\
    Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
    The current controlset is ControlSet004

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2007-02-01] (Motorola Inc.)
    HKLM\...\Run: [eRecoveryService] [x]
    HKLM\...\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [x]
    HKLM\...\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2 [202560 2008-04-24] (SupportSoft, Inc.)
    HKLM\...\Run: [] [x]
    HKLM\...\Run: [GIDDesktop] C:\Program Files\SFT\GuardedID\gidd.exe /s [395528 2011-07-05] (StrikeForce Technologies Inc.)
    HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2008-02-11] (Intel Corporation)
    HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [166424 2008-02-11] (Intel Corporation)
    HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [133656 2008-02-11] (Intel Corporation)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
    HKLM\...\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE [1823672 2012-05-20] (Bandoo Media, inc)
    HKLM\...\Run: [HostManager] C:\Program Files\Common Files\AOL\1343774815\ee\AOLSoftware.exe [41800 2010-03-07] (AOL Inc.)
    HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
    HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
    HKU\Dinni2\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
    HKU\Guest\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
    HKU\RETAIL1\...\Run: [Acer Tour Reminder] [x]
    HKU\RETAIL1\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
    HKU\RETAIL1\...\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide [1589208 2009-08-19] ()
    HKU\RETAIL1\...\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t [2539008 2008-10-22] (iXi Tools)
    HKU\RETAIL1\...\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe [591248 2011-03-03] (Oberon Media )
    HKU\RETAIL1\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
    HKU\RETAIL1\...\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.7\AOL.EXE" -b [42320 2012-04-20] (AOL Inc.)
    Winlogon\Notify\DfLogon: LogonDll.dll [X]
    Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
    Tcpip\Parameters: [DhcpNameServer] 71.3.0.116 76.2.127.122
    AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll

    ================================ Services (Whitelisted) ==================

    4 Acer HomeMedia Connect Service; "C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe" [269448 2007-06-21] (CyberLink)
    4 Acer TV Share Service; "C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe" [269432 2007-06-20] (CyberLink)
    4 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2007-04-16] ()
    3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [250056 2012-08-02] (Adobe Systems Incorporated)
    2 AMD External Events Utility; C:\Windows\System32\atiesrxx.exe [176128 2011-04-19] (AMD)
    2 AntiSpywareService; C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
    4 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" [110592 2008-02-18] (Apple, Inc.)
    2 ComcastSecureBackupSharebackup; "C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe" [15592 2010-12-14] (Secure Backup and Share)
    2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-06-29] (Acer Inc.)
    2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [136176 2012-04-24] (Google Inc.)
    3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [136176 2012-04-24] (Google Inc.)
    2 IDVaultSvc; "C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe" [66160 2012-07-18] (White Sky, Inc.)
    2 ITMRTSVC; "C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe" [283912 2007-09-26] (CA, Inc.)
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-03-26] (Microsoft Corporation)
    2 N360; "C:\Program Files\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files\Norton Security Suite\Engine\5.2.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-03-26] (Microsoft Corporation)
    2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [262247 2006-07-19] ()
    2 sprtsvc_ddoctorv2; "C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe" /service /P ddoctorv2 [202560 2008-04-24] (SupportSoft, Inc.)
    3 Symantec RemoteAssist; "C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe" [394704 2008-01-29] (Symantec, Inc.)
    2 CLTNetCnService; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
    3 HitmanPro36Crusader; "C:\virus\HitmanPro36.exe" /crusader [x]

    ========================== Drivers (Whitelisted) =============

    3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7772160 2011-04-19] (ATI Technologies Inc.)
    3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [243712 2011-04-19] (Advanced Micro Devices, Inc.)
    3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7772160 2011-04-19] (ATI Technologies Inc.)
    1 BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120711.002\BHDrvx86.sys [821920 2012-06-18] (Symantec Corporation)
    1 ComcastSecureBackupShareFilter; C:\Windows\System32\DRIVERS\ComcastSecureBackupShare.sys [54776 2010-12-14] (Mozy, Inc.)
    1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-05-30] (Symantec Corporation)
    1 GIDv2; C:\Windows\System32\Drivers\GIDv2.sys [25232 2011-07-05] (StrikeForce Technologies, Inc.)
    3 hitmanpro36; \??\C:\Windows\system32\drivers\hitmanpro36.sys [27424 2012-08-14] ()
    2 int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
    0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
    4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [33384 2006-11-02] (LSI Logic Corporation)
    3 MSHUSBVideo; C:\Windows\System32\Drivers\nx6000.sys [30560 2009-07-24] (Microsoft Corporation)
    3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120806.002\NAVENG.SYS [87928 2012-05-15] (Symantec Corporation)
    3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120806.002\NAVEX15.SYS [1589752 2012-05-15] (Symantec Corporation)
    3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [74112 2012-03-20] (Microsoft Corporation)
    3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2007-07-16] (NewTech Infosystems, Inc.)
    3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-08] (Microsoft Corporation)
    3 OmniTV; C:\Windows\System32\DRIVERS\OmniTV.sys [243584 2007-08-06] (YUAN High-Tech Development Co. Ltd.)
    3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [259176 2010-06-23] (Realtek )
    3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [982272 2007-02-01] (Motorola Inc.)
    3 SRTSP; C:\Windows\System32\Drivers\N360\0502020.003\SRTSP.SYS [516216 2011-03-30] (Symantec Corporation)
    1 SRTSPX; C:\Windows\System32\drivers\N360\0502020.003\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
    0 SymDS; C:\Windows\System32\drivers\N360\0502020.003\SYMDS.SYS [340088 2011-01-26] (Symantec Corporation)
    0 SymEFA; C:\Windows\System32\drivers\N360\0502020.003\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
    3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2011-06-06] (Symantec Corporation)
    1 SymIRON; C:\Windows\System32\drivers\N360\0502020.003\Ironx86.SYS [136312 2010-11-15] (Symantec Corporation)
    1 SYMTDIv; C:\Windows\System32\Drivers\N360\0502020.003\SYMTDIV.SYS [331384 2011-04-20] (Symantec Corporation)
    3 TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys [14080 2012-08-13] ()
    4 UlSata; C:\Windows\System32\drivers\ulsata.sys [98408 2006-11-02] (Promise Technology, Inc.)
    4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [115816 2006-11-02] (Promise Technology, Inc.)
    3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
    4 blbdrive; C:\Windows\System32\drivers\blbdrive.sys [x]
    1 IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120727.001\IDSvix86.sys [x]
    3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
    3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
    3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

    ========================== NetSvcs (Whitelisted) ===========

    ============ One Month Created Files and Folders ==============

    2012-08-14 08:32 - 2008-06-03 14:56 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\ID Vault
    2012-08-14 08:31 - 2012-08-14 04:24 - 0072152 ____A C:\Users\Dinni2\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-08-14 08:31 - 2008-03-10 19:17 - 0000000 ____D C:\Users\Dinni2\AppData\Local\SupportSoft
    2012-08-14 08:31 - - 0000000 ____D C:\Users\Dinni2\AppData\Local\AOL
    2012-08-14 08:30 - 2012-08-14 08:31 - 0000000 ____D C:\Users\Dinni2\AppData\LocalLow
    2012-08-14 08:30 - 2012-08-14 04:24 - 0000000 ____D C:\Users\Dinni2\AppData\Local\VirtualStore
    2012-08-14 08:30 - - 0000174 __ASH C:\Users\Dinni2\Start Menu\Programs\Startup\desktop.ini
    2012-08-14 08:30 - - 0000174 __ASH C:\Users\Dinni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    2012-08-14 04:24 - 2012-08-14 08:32 - 0000000 __SHD C:\Users\Dinni2\AppData\Local\Temporary Internet Files
    2012-08-14 04:24 - 2012-08-14 08:32 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\Mozilla
    2012-08-14 04:24 - 2012-08-14 08:32 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\Macromedia
    2012-08-14 04:24 - 2012-08-14 08:32 - 0000000 ____D C:\Users\Dinni2\AppData\Local\Apple Computer
    2012-08-14 04:24 - 2012-08-14 08:31 - 0000000 __SHD C:\Users\Dinni2\AppData\Local\History
    2012-08-14 04:24 - 2012-08-14 08:31 - 0000000 ____D C:\Users\Dinni2\AppData\Local\Microsoft Help
    2012-08-14 04:24 - 2012-08-14 08:30 - 0000000 __SHD C:\Users\Dinni2\PrintHood
    2012-08-14 04:24 - 2012-08-14 08:30 - 0000000 __SHD C:\Users\Dinni2\My Documents
    2012-08-14 04:24 - 2012-08-14 08:30 - 0000000 __SHD C:\Users\Dinni2\Documents\My Music
    2012-08-14 04:24 - 2012-08-14 04:26 - 0000020 ___SH C:\Users\Dinni2\ntuser.ini
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Templates
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Start Menu
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\NetHood
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Documents\My Videos
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Documents\My Pictures
    2012-08-14 04:24 - 2009-10-24 19:02 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\Media Center Programs
    2012-08-14 04:24 - 2008-06-23 17:24 - 0000000 ____D C:\users\Dinni2
    2012-08-14 04:24 - 2008-03-11 11:54 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\CallingID
    2012-08-14 04:24 - - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\Apple Computer
    2012-08-14 04:08 - 2012-08-13 08:35 - 0000262 ____A C:\rkill.log
    2012-08-13 12:09 - 2009-04-10 22:32 - 0014080 ____A C:\Windows\System32\Drivers\TrueSight.sys
    2012-08-13 10:03 - 2012-08-13 10:04 - 0000020 __ASH C:\Users\Guest\ntuser.ini
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Templates
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Start Menu
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\NetHood
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Documents\My Videos
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Documents\My Pictures
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\AppData\Local\History
    2012-08-13 10:03 - 2009-10-24 19:02 - 0000000 ____D C:\Users\Guest\AppData\Roaming\Media Center Programs
    2012-08-13 10:03 - 2008-06-03 14:56 - 0000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
    2012-08-13 10:03 - 2008-03-11 11:54 - 0000000 ____D C:\Users\Guest\AppData\Roaming\CallingID
    2012-08-13 10:03 - 2008-02-01 12:59 - 0000000 ____D C:\users\Guest
    2012-08-13 10:03 - 2006-11-02 03:18 - 0000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla
    2012-08-13 10:03 - 2006-11-02 03:18 - 0000000 ____D C:\Users\Guest\AppData\Local\Microsoft Help
    2012-08-13 10:03 - 2006-11-02 02:23 - 0000000 __SHD C:\Users\Guest\PrintHood
    2012-08-13 10:03 - 2006-11-02 02:23 - 0000000 __SHD C:\Users\Guest\My Documents
    2012-08-13 10:03 - 2006-11-02 02:23 - 0000000 __SHD C:\Users\Guest\AppData\Local\Temporary Internet Files
    2012-08-13 10:03 - - 0000000 __SHD C:\Users\Guest\Documents\My Music
    2012-08-13 10:03 - - 0000000 ____D C:\Users\Guest\AppData\Roaming\Apple Computer
    2012-08-13 10:03 - - 0000000 ____D C:\Users\Guest\AppData\Local\Apple Computer
    2012-08-13 09:48 - 2006-11-02 01:04 - 0043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pjyceruq.sys
    2012-08-13 09:42 - 2008-11-20 11:19 - 0043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pylbnchy.sys
    2012-08-13 08:58 - 2012-08-13 08:51 - 0004278 ____A C:\Windows\System32\.crusader
    2012-08-13 08:58 - 2008-01-18 23:33 - 0012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
    2012-08-13 08:51 - 2009-04-10 20:42 - 0027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
    2012-08-13 08:51 - 2007-01-11 01:50 - 0000000 __SHD C:\Windows\System32\%APPDATA%
    2012-08-13 08:35 - 2012-08-14 08:32 - 0121472 ____A C:\TDSSKiller.2.7.29.0_13.08.2012_12.35.12_log.txt
    2012-08-13 08:35 - 2012-05-16 12:24 - 0000000 ____D C:\Users\All Users\HitmanPro
    2012-08-13 08:35 - 2012-05-16 12:24 - 0000000 ____D C:\ProgramData\HitmanPro
    2012-08-13 07:49 - 2012-08-13 07:45 - 0138264 ____A C:\Windows\Minidump\Mini081312-02.dmp
    2012-08-13 07:45 - 2012-08-11 13:14 - 0138264 ____A C:\Windows\Minidump\Mini081312-01.dmp
    2012-08-11 13:14 - 2012-08-11 04:29 - 0138264 ____A C:\Windows\Minidump\Mini081112-02.dmp
    2012-08-11 04:29 - 2012-08-10 11:30 - 0138264 ____A C:\Windows\Minidump\Mini081112-01.dmp
    2012-08-10 11:30 - 2012-08-10 11:24 - 0138264 ____A C:\Windows\Minidump\Mini081012-03.dmp
    2012-08-10 11:24 - 2012-08-10 11:20 - 0138264 ____A C:\Windows\Minidump\Mini081012-02.dmp
    2012-08-10 11:20 - 2012-08-07 16:42 - 0138264 ____A C:\Windows\Minidump\Mini081012-01.dmp
    2012-08-07 16:42 - 2012-08-06 17:06 - 0138264 ____A C:\Windows\Minidump\Mini080712-01.dmp
    2012-08-06 17:06 - 2012-08-06 15:14 - 0138264 ____A C:\Windows\Minidump\Mini080612-06.dmp
    2012-08-06 15:14 - 2012-08-06 14:44 - 0138264 ____A C:\Windows\Minidump\Mini080612-05.dmp
    2012-08-06 14:44 - 2012-08-06 14:41 - 0138264 ____A C:\Windows\Minidump\Mini080612-04.dmp
    2012-08-06 14:41 - 2012-08-06 10:35 - 0138264 ____A C:\Windows\Minidump\Mini080612-03.dmp
    2012-08-06 10:35 - 2012-08-06 10:31 - 0138264 ____A C:\Windows\Minidump\Mini080612-02.dmp
    2012-08-06 10:31 - - 0138264 ____A C:\Windows\Minidump\Mini080612-01.dmp
    2012-08-02 16:21 - 2011-12-05 15:14 - 0001895 ____A C:\Users\RETAIL1\Documents\Dinni's Resume Sales and CS.txt
    2012-07-31 15:23 - 2012-07-01 17:05 - 0290432 ____A C:\Users\RETAIL1\Documents\2012-07-21_17-58-33_215.jpg
    2012-07-31 14:50 - 2012-04-24 07:16 - 0000802 ____A C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
    2012-07-31 14:50 - 2010-07-13 13:35 - 0058696 ____A (AOL Inc.) C:\Windows\System32\AOLParconLink.exe
    2012-07-31 14:46 - 2012-07-31 14:50 - 0000000 ____D C:\Program Files\Common Files\aolshare
    2012-07-31 14:46 - 2012-07-31 14:46 - 0000000 ____D C:\Program Files\AOL Desktop 9.7
    2012-07-31 14:46 - 2012-04-24 07:15 - 0000000 ____D C:\Program Files\AOL
    2012-07-30 07:07 - 2010-07-14 07:48 - 2878546 ____A C:\Users\RETAIL1\Documents\The_Front_Fell_Off.wmv
    2012-07-30 06:58 - 2012-03-08 16:58 - 0974803 ____A C:\Users\RETAIL1\Documents\photo.jpg
    2012-07-27 03:59 - 2012-07-27 03:59 - 0073814 ____A C:\Users\RETAIL1\Documents\livingsocial_voucher_100089817278.zip
    2012-07-27 03:59 - 2012-02-14 09:38 - 0000000 ____D C:\Users\RETAIL1\Documents\livingsocial_voucher_100089817278
    2012-07-23 17:27 - 2008-05-17 10:09 - 0172996 ____A C:\Users\RETAIL1\Documents\FormRequest.pdf


    ============ 3 Months Modified Files and Folders ===============

    2012-08-14 13:08 - 2012-08-14 13:08 - 0000000 ____D C:\FRST
    2012-08-14 09:03 - 2012-04-24 07:16 - 0000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-08-14 09:03 - 2009-09-10 17:45 - 0279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
    2012-08-14 09:02 - 2011-08-22 07:32 - 0000400 ____A C:\Windows\Tasks\DriverCure Startup.job
    2012-08-14 09:01 - 2006-11-02 05:01 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-08-14 09:01 - 2006-11-02 04:47 - 0003168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2012-08-14 09:01 - 2006-11-02 04:47 - 0003168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2012-08-14 08:53 - 2006-11-02 05:01 - 0032656 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-08-14 08:33 - 2006-11-02 04:47 - 0299432 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-08-14 08:32 - 2012-08-14 08:32 - 0000000 ____D C:\Users\Dinni2\AppData\Roaming\ID Vault
    2012-08-14 08:32 - 2012-08-14 08:31 - 0000000 ____D C:\Users\Dinni2\AppData\Local\AOL
    2012-08-14 08:31 - 2012-08-14 08:31 - 0072152 ____A C:\Users\Dinni2\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-08-14 08:31 - 2012-08-14 08:31 - 0000000 ____D C:\Users\Dinni2\AppData\Local\SupportSoft
    2012-08-14 08:31 - 2012-08-14 08:30 - 0000000 ____D C:\Users\Dinni2\AppData\LocalLow
    2012-08-14 08:31 - 2012-08-14 08:30 - 0000000 ____D C:\Users\Dinni2\AppData\Local\VirtualStore
    2012-08-14 08:30 - 2012-08-14 08:30 - 0000174 __ASH C:\Users\Dinni2\Start Menu\Programs\Startup\desktop.ini
    2012-08-14 08:30 - 2012-08-14 08:30 - 0000174 __ASH C:\Users\Dinni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    2012-08-14 08:30 - 2012-08-14 04:24 - 0000000 ____D C:\users\Dinni2
    2012-08-14 08:28 - 2012-08-13 08:51 - 0027424 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
    2012-08-14 08:27 - 2011-08-16 22:04 - 4072746 ____A C:\Windows\ntbtlog.txt
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000020 ___SH C:\Users\Dinni2\ntuser.ini
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Templates
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Start Menu
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\PrintHood
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\NetHood
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\My Documents
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Documents\My Videos
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Documents\My Pictures
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\Documents\My Music
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\AppData\Local\Temporary Internet Files
    2012-08-14 04:24 - 2012-08-14 04:24 - 0000000 __SHD C:\Users\Dinni2\AppData\Local\History
    2012-08-14 04:24 - 2007-08-28 00:04 - 0000000 __SHD C:\$RECYCLE.BIN
    2012-08-14 04:08 - 2012-08-14 04:08 - 0000262 ____A C:\rkill.log
    2012-08-13 12:09 - 2012-08-13 12:09 - 0014080 ____A C:\Windows\System32\Drivers\TrueSight.sys
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000020 __ASH C:\Users\Guest\ntuser.ini
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Templates
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Start Menu
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\PrintHood
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\NetHood
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\My Documents
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Documents\My Videos
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Documents\My Pictures
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\Documents\My Music
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\AppData\Local\Temporary Internet Files
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 __SHD C:\Users\Guest\AppData\Local\History
    2012-08-13 10:03 - 2012-08-13 10:03 - 0000000 ____D C:\users\Guest
    2012-08-13 10:00 - 2007-08-27 23:57 - 1460985 ____A C:\Windows\WindowsUpdate.log
    2012-08-13 09:48 - 2012-08-13 09:48 - 0043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pjyceruq.sys
    2012-08-13 09:42 - 2012-08-13 09:42 - 0043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pylbnchy.sys
    2012-08-13 09:04 - 2011-06-06 13:53 - 0000000 ____D C:\Users\RETAIL1\AppData\Roaming\ID Vault
    2012-08-13 09:02 - 2011-06-18 13:12 - 0002215 ____A C:\Windows\setupact.log
    2012-08-13 08:58 - 2012-08-13 08:58 - 0012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
    2012-08-13 08:58 - 2012-08-13 08:58 - 0004278 ____A C:\Windows\System32\.crusader
    2012-08-13 08:58 - 2012-08-13 08:35 - 0000000 ____D C:\Users\All Users\HitmanPro
    2012-08-13 08:58 - 2012-08-13 08:35 - 0000000 ____D C:\ProgramData\HitmanPro
    2012-08-13 08:51 - 2012-08-13 08:51 - 0000000 __SHD C:\Windows\System32\%APPDATA%
    2012-08-13 08:49 - 2006-11-02 02:33 - 0706586 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-08-13 08:35 - 2012-08-13 08:35 - 0121472 ____A C:\TDSSKiller.2.7.29.0_13.08.2012_12.35.12_log.txt
    2012-08-13 07:56 - 2011-06-06 14:26 - 0212492 ____A C:\Windows\PFRO.log
    2012-08-13 07:49 - 2012-08-13 07:49 - 0138264 ____A C:\Windows\Minidump\Mini081312-02.dmp
    2012-08-13 07:49 - 2011-08-16 22:04 - 204433079 ____A C:\Windows\MEMORY.DMP
    2012-08-13 07:49 - 2008-02-04 12:53 - 0000000 ____D C:\Windows\Minidump
    2012-08-13 07:45 - 2012-08-13 07:45 - 0138264 ____A C:\Windows\Minidump\Mini081312-01.dmp
    2012-08-12 16:20 - 2012-06-12 11:02 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-08-11 13:14 - 2012-08-11 13:14 - 0138264 ____A C:\Windows\Minidump\Mini081112-02.dmp
    2012-08-11 04:29 - 2012-08-11 04:29 - 0138264 ____A C:\Windows\Minidump\Mini081112-01.dmp
    2012-08-10 11:30 - 2012-08-10 11:30 - 0138264 ____A C:\Windows\Minidump\Mini081012-03.dmp
    2012-08-10 11:24 - 2012-08-10 11:24 - 0138264 ____A C:\Windows\Minidump\Mini081012-02.dmp
    2012-08-10 11:20 - 2012-08-10 11:20 - 0138264 ____A C:\Windows\Minidump\Mini081012-01.dmp
    2012-08-07 16:42 - 2012-08-07 16:42 - 0138264 ____A C:\Windows\Minidump\Mini080712-01.dmp
    2012-08-06 17:06 - 2012-08-06 17:06 - 0138264 ____A C:\Windows\Minidump\Mini080612-06.dmp
    2012-08-06 15:14 - 2012-08-06 15:14 - 0138264 ____A C:\Windows\Minidump\Mini080612-05.dmp
    2012-08-06 14:44 - 2012-08-06 14:44 - 0138264 ____A C:\Windows\Minidump\Mini080612-04.dmp
    2012-08-06 14:41 - 2012-08-06 14:41 - 0138264 ____A C:\Windows\Minidump\Mini080612-03.dmp
    2012-08-06 10:35 - 2012-08-06 10:35 - 0138264 ____A C:\Windows\Minidump\Mini080612-02.dmp
    2012-08-06 10:31 - 2012-08-06 10:31 - 0138264 ____A C:\Windows\Minidump\Mini080612-01.dmp
    2012-08-06 10:25 - 2011-08-22 07:32 - 0000384 ____A C:\Windows\Tasks\DriverCure.job
    2012-08-06 09:29 - 2012-04-24 07:16 - 0000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-08-05 14:31 - 2010-12-14 08:06 - 0003252 ____A C:\Windows\ComcastSecureBackupShare.blk
    2012-08-05 14:31 - 2010-12-14 08:06 - 0001018 ____A C:\Windows\ComcastSecureBackupShare.flt
    2012-08-05 14:00 - 2011-08-22 07:32 - 0000448 ____A C:\Windows\Tasks\ParetoLogic Registration3.job
    2012-08-05 05:51 - 2011-05-02 14:09 - 0000364 ____A C:\Windows\Tasks\TuneUpMedic_scan_schedule_task_2e0da760-b404-4c61-bc24-7c8925590629.job
    2012-08-05 00:04 - 2011-08-22 07:32 - 0000000 ____D C:\Users\All Users\DriverCure
    2012-08-05 00:04 - 2011-08-22 07:32 - 0000000 ____D C:\ProgramData\DriverCure
    2012-08-04 23:00 - 2011-05-02 14:08 - 0000000 ____D C:\Program Files\TuneUpMedic
    2012-08-02 16:33 - 2008-02-05 08:18 - 0027914 ____A C:\Users\RETAIL1\AppData\Roaming\wklnhst.dat
    2012-08-02 16:24 - 2012-08-02 16:21 - 0001895 ____A C:\Users\RETAIL1\Documents\Dinni's Resume Sales and CS.txt
    2012-08-02 14:15 - 2012-06-12 11:02 - 0426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-08-02 14:15 - 2011-05-16 13:20 - 0070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-08-02 00:36 - 2012-04-24 07:17 - 0001935 ____A C:\Users\Public\Desktop\Google Chrome.lnk
    2012-07-31 15:23 - 2012-07-31 15:23 - 0290432 ____A C:\Users\RETAIL1\Documents\2012-07-21_17-58-33_215.jpg
    2012-07-31 14:51 - 2012-07-31 14:46 - 0000000 ____D C:\Program Files\AOL Desktop 9.7
    2012-07-31 14:51 - 2012-01-01 07:11 - 0091904 ____A C:\install.log
    2012-07-31 14:51 - 2008-02-04 12:50 - 0000000 ____D C:\Users\RETAIL1\AppData\Roaming\AOL
    2012-07-31 14:50 - 2012-07-31 14:50 - 0000802 ____A C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
    2012-07-31 14:50 - 2012-07-31 14:46 - 0000000 ____D C:\Program Files\Common Files\aolshare
    2012-07-31 14:50 - 2008-02-04 12:48 - 0000000 ____D C:\Users\All Users\AOL
    2012-07-31 14:50 - 2008-02-04 12:48 - 0000000 ____D C:\ProgramData\AOL
    2012-07-31 14:50 - 2008-02-04 12:48 - 0000000 ____D C:\Program Files\Common Files\aol
    2012-07-31 14:46 - 2012-07-31 14:46 - 0000000 ____D C:\Program Files\AOL
    2012-07-31 04:18 - 2011-08-22 07:32 - 0000422 ____A C:\Windows\Tasks\ParetoLogic Update Version3.job
    2012-07-30 10:36 - 2012-01-08 16:11 - 0002010 ____A C:\Users\Public\Desktop\Constant Guard.lnk
    2012-07-30 10:36 - 2011-06-16 06:28 - 0002028 ____A C:\Users\All Users\Start Menu\Programs\Startup\Constant Guard.lnk
    2012-07-30 10:36 - 2011-06-06 13:52 - 0000000 ____D C:\Program Files\Constant Guard Protection Suite
    2012-07-30 10:31 - 2012-02-16 00:28 - 0002214 ____A C:\Users\Public\Desktop\Norton Security Suite.lnk
    2012-07-30 10:31 - 2011-06-06 13:55 - 0000000 ____D C:\Windows\System32\Drivers\N360
    2012-07-30 10:28 - 2008-02-04 12:50 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\AOL
    2012-07-30 10:25 - 2012-04-15 07:44 - 0000010 ____A C:\Windows\msoffice.ini
    2012-07-30 10:25 - 2008-02-04 12:49 - 0000000 ____D C:\Users\Public\Documents\AOL Downloads
    2012-07-30 07:07 - 2012-07-30 07:07 - 2878546 ____A C:\Users\RETAIL1\Documents\The_Front_Fell_Off.wmv
    2012-07-30 06:58 - 2012-07-30 06:58 - 0974803 ____A C:\Users\RETAIL1\Documents\photo.jpg
    2012-07-29 18:55 - 2011-06-07 19:30 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\CrashDumps
    2012-07-27 03:59 - 2012-07-27 03:59 - 0073814 ____A C:\Users\RETAIL1\Documents\livingsocial_voucher_100089817278.zip
    2012-07-27 03:59 - 2012-07-27 03:59 - 0000000 ____D C:\Users\RETAIL1\Documents\livingsocial_voucher_100089817278
    2012-07-23 17:27 - 2012-07-23 17:27 - 0172996 ____A C:\Users\RETAIL1\Documents\FormRequest.pdf
    2012-07-11 23:43 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\rescache
    2012-07-11 23:08 - 2007-07-16 22:24 - 0000000 ____D C:\Users\All Users\Microsoft Help
    2012-07-11 23:08 - 2007-07-16 22:24 - 0000000 ____D C:\ProgramData\Microsoft Help
    2012-07-11 23:03 - 2006-11-02 02:24 - 57442464 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
    2012-07-05 17:48 - 2012-07-05 17:47 - 0000000 ____D C:\Users\RETAIL1\Documents\IMG_0428
    2012-07-05 17:47 - 2012-07-05 17:47 - 6626335 ____A C:\Users\RETAIL1\Documents\IMG_0428.zip
    2012-07-03 16:16 - 2012-07-03 16:16 - 0033623 ____A C:\Users\RETAIL1\Documents\JULY2012SALESSCHEDULE(2).pdf
    2012-07-03 16:13 - 2012-07-03 16:13 - 8316085 ____A C:\Users\RETAIL1\Documents\IMG_0410.zip
    2012-07-03 16:13 - 2012-07-03 16:13 - 0000000 ____D C:\Users\RETAIL1\Documents\IMG_0410
    2012-07-01 17:05 - 2012-07-01 17:04 - 1070379 ____A C:\Users\RETAIL1\Documents\2012-06-29_08-53-20_735.jpg
    2012-06-21 09:03 - 2010-09-22 17:25 - 0000000 ____D C:\Users\RETAIL1\Documents\Divorce and Marriage License
    2012-06-21 09:00 - 2008-05-21 17:20 - 0017920 ____A C:\Users\RETAIL1\Documents\Corkie.wps
    2012-06-21 08:43 - 2008-04-22 05:56 - 0010240 ____A C:\Users\RETAIL1\Documents\FAX COVER.wps
    2012-06-13 23:42 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\Microsoft.NET
    2012-06-13 05:40 - 2012-07-11 23:08 - 2047488 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-06-11 18:49 - 2012-06-11 12:58 - 0353687 ____A C:\Users\RETAIL1\Documents\IMG_7299.jpg
    2012-06-09 05:26 - 2012-06-09 05:25 - 2216924 ____A C:\Users\RETAIL1\Documents\IMG_4239.jpg
    2012-06-08 09:47 - 2012-07-11 00:30 - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-06-06 17:23 - 2012-06-06 17:23 - 0012173 ____A C:\Users\RETAIL1\Documents\Senior Discounts List.html
    2012-06-05 18:05 - 2012-06-05 18:05 - 5807359 ____A C:\Users\RETAIL1\Documents\image001.zip
    2012-06-05 18:05 - 2012-06-05 18:05 - 0000000 ____D C:\Users\RETAIL1\Documents\image001
    2012-06-05 08:47 - 2012-07-11 00:30 - 1401856 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2012-06-05 08:47 - 2012-07-11 00:30 - 1248768 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2012-06-04 07:26 - 2012-07-11 00:30 - 0440704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2012-06-03 07:15 - 2012-06-03 07:15 - 0000000 ____D C:\Program Files\Common Files\Software Update Utility
    2012-06-03 07:13 - 2012-06-03 07:13 - 0000000 ____D C:\Users\All Users\AOL OCP
    2012-06-03 07:13 - 2012-06-03 07:13 - 0000000 ____D C:\ProgramData\AOL OCP
    2012-06-03 07:01 - 2012-07-31 14:50 - 0058696 ____A (AOL Inc.) C:\Windows\System32\AOLParconLink.exe
    2012-06-03 06:02 - 2012-06-03 06:01 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\{23DDB18A-E790-4F4C-BDE2-9B1013BE5166}
    2012-06-03 06:01 - 2012-06-03 06:01 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\{FC1AF112-BEB8-40C7-B118-38A3CAB5ACF2}
    2012-06-02 18:01 - 2012-06-02 18:01 - 0000963 ____A C:\Users\RETAIL1\Desktop\Retry AOL Desktop Installation.lnk
    2012-06-02 17:59 - 2008-02-04 12:43 - 0000000 ____D C:\Users\All Users\AOL Downloads
    2012-06-02 17:59 - 2008-02-04 12:43 - 0000000 ____D C:\ProgramData\AOL Downloads
    2012-06-02 17:47 - 2006-11-02 02:23 - 0000144 ____A C:\Windows\win.ini
    2012-06-02 14:19 - 2012-07-01 13:13 - 1933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-02 14:19 - 2012-07-01 13:13 - 0577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-02 14:19 - 2012-07-01 13:13 - 0053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-02 14:19 - 2012-07-01 13:13 - 0045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-02 14:19 - 2012-07-01 13:13 - 0035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-02 14:12 - 2012-07-01 13:13 - 2422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-02 14:12 - 2012-07-01 13:13 - 0088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-02 11:19 - 2012-07-01 13:13 - 0171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-02 11:12 - 2012-07-01 13:13 - 0033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-02 01:07 - 2012-07-11 23:02 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-06-02 00:43 - 2012-07-11 23:02 - 9737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-06-02 00:33 - 2012-07-11 23:02 - 1800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-06-02 00:26 - 2012-07-11 23:02 - 1103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-06-02 00:25 - 2012-07-11 23:02 - 1427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-06-02 00:25 - 2012-07-11 23:02 - 1129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-06-02 00:23 - 2012-07-11 23:02 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-06-02 00:21 - 2012-07-11 23:02 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-06-02 00:20 - 2012-07-11 23:02 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-06-02 00:19 - 2012-07-11 23:02 - 1793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-06-02 00:19 - 2012-07-11 23:02 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-06-02 00:17 - 2012-07-11 23:02 - 0073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-06-02 00:16 - 2012-07-11 23:02 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-06-02 00:14 - 2012-07-11 23:02 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-06-01 16:04 - 2012-07-11 00:30 - 0278528 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2012-06-01 16:03 - 2012-07-11 00:30 - 0204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
    2012-05-29 18:15 - 2012-05-29 18:15 - 0096441 ____A C:\Users\RETAIL1\Documents\Plan%20598.pdf
    2012-05-29 16:16 - 2012-05-29 16:16 - 0857566 ____A C:\Users\RETAIL1\Documents\2012-05-29_19-53-16_407.jpg
    2012-05-26 18:25 - 2012-05-26 18:19 - 0000000 ____D C:\Program Files\iLivid
    2012-05-26 18:24 - 2012-05-26 18:17 - 0000000 ____D C:\Program Files\Searchqu Toolbar
    2012-05-26 18:24 - 2007-10-03 04:55 - 0000000 ____D C:\Users\RETAIL1\AppData\LocalLow
    2012-05-26 18:20 - 2012-05-26 18:20 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\Ilivid Player
    2012-05-26 18:17 - 2012-05-26 18:17 - 0000000 ____D C:\Users\All Users\boost_interprocess
    2012-05-26 18:17 - 2012-05-26 18:17 - 0000000 ____D C:\ProgramData\boost_interprocess
    2012-05-26 18:16 - 2012-05-26 18:16 - 0000000 ____D C:\Users\RETAIL1\AppData\Local\Conduit
    2012-05-26 18:16 - 2012-05-26 18:16 - 0000000 ____D C:\Program Files\Produtools_Manuals_2.1
    2012-05-26 18:16 - 2012-05-26 18:16 - 0000000 ____D C:\Program Files\Conduit
    2012-05-25 14:39 - 2012-05-25 14:39 - 1197988 ____A C:\Users\RETAIL1\Documents\2012-05-25_12-12-34_155.jpg
    2012-05-25 14:37 - 2012-05-25 14:37 - 1460977 ____A C:\Users\RETAIL1\Documents\2012-05-25_12-12-40_329.jpg
    2012-05-25 14:36 - 2012-05-25 14:36 - 1162160 ____A C:\Users\RETAIL1\Documents\2012-05-25_14-12-38_90.jpg
    2012-05-24 16:28 - 2012-05-24 16:28 - 1324958 ____A C:\Users\RETAIL1\Documents\2012-05-24_15-48-54_388.jpg
    2012-05-24 16:27 - 2012-05-24 16:27 - 0802208 ____A C:\Users\RETAIL1\Documents\2012-05-24_15-49-45_862.jpg
    2012-05-24 16:27 - 2012-05-24 16:27 - 0118538 ____A C:\Users\RETAIL1\Documents\IMG951063.jpg
    2012-05-20 14:13 - 2012-05-20 14:13 - 0037576 ____A C:\Users\RETAIL1\Documents\.facebook_2085943802.jpg
    2012-05-20 09:50 - 2012-05-20 09:50 - 0000000 ____D C:\Users\RETAIL1\Documents\hotel012
    2012-05-20 09:50 - 2012-05-20 09:49 - 14810692 ____A C:\Users\RETAIL1\Documents\hotel012.zip
    2012-05-20 09:43 - 2012-05-20 09:43 - 0866806 ____A C:\Users\RETAIL1\Documents\2012-05-20_10-32-42_438.jpg
    2012-05-20 03:57 - 2009-12-29 19:40 - 0000000 ____D C:\Program Files\Microsoft Silverlight
    2012-05-17 17:54 - 2012-05-17 17:54 - 1121116 ____A C:\Users\RETAIL1\Documents\sean 3.jpg
    2012-05-17 17:54 - 2012-05-17 17:54 - 1119590 ____A C:\Users\RETAIL1\Documents\sean 2.jpg
    2012-05-17 17:53 - 2012-05-17 17:53 - 1221353 ____A C:\Users\RETAIL1\Documents\Sean 1.jpg

    ========================= Known DLLs (Whitelisted) ============


    ========================= Bamital & volsnap Check ============

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ========================= Memory info ======================

    Percentage of memory in use: 14%
    Total physical RAM: 3061.57 MB
    Available physical RAM: 2619.59 MB
    Total Pagefile: 2834.22 MB
    Available Pagefile: 2687.99 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1974.32 MB

    ======================= Partitions =========================

    1 Drive c: (ACER) (Fixed) (Total:228.13 GB) (Free:151.63 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
    2 Drive d: (DATA) (Fixed) (Total:227.87 GB) (Free:208.33 GB) NTFS
    3 Drive e: (FRMCFRE_EN_DVD) (CDROM) (Total:2.87 GB) (Free:0 GB) UDF
    4 Drive f: (PQSERVICE) (Fixed) (Total:9.76 GB) (Free:2.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    9 Drive k: (ADATA UFD) (Removable) (Total:7.59 GB) (Free:7.31 GB) FAT32
    10 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt
    -------- ---------- ------- ------- --- ---
    Disk 0 Online 466 GB 0 B
    Disk 1 No Media 0 B 0 B
    Disk 2 No Media 0 B 0 B
    Disk 3 No Media 0 B 0 B
    Disk 4 No Media 0 B 0 B
    Disk 5 Online 7788 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 OEM 10 GB 32 KB
    Partition 2 Primary 228 GB 10 GB
    Partition 3 Primary 228 GB 238 GB

    ======================================================================================================

    Disk: 0
    Partition 1
    Type : 27
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 8 F PQSERVICE NTFS Partition 10 GB Healthy Hidden

    ======================================================================================================

    Disk: 0
    Partition 2
    Type : 06
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 C ACER NTFS Partition 228 GB Healthy

    ======================================================================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 D DATA NTFS Partition 228 GB Healthy

    ======================================================================================================

    Partitions of Disk 5:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 7783 MB 5340 KB

    ======================================================================================================

    Disk: 5
    Partition 1
    Type : 0C
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 7 K ADATA UFD FAT32 Removable 7783 MB Healthy

    ======================================================================================================

    ==========================================================

    Last Boot: 2012-08-13 08:59

    ======================= End Of Log ==========================
     
  2. Broni

    Broni Malware Annihilator Posts: 47,156   +264

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================================

    I don't see anything malicious there.

    Please give me more info about what exactly happened.
     
  3. matt k

    matt k TS Rookie Topic Starter

    The computer will not run for more than 2 minutes tops in either normal or safe mode. It keeps saying Windows has encountered a critical error and will shut down in one minute. This began after downloading the new AOL version.
     
  4. Broni

    Broni Malware Annihilator Posts: 47,156   +264

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

    See if you can boot normally.
     


Topic Status:
Not open for further replies.

