Solved LSASS.exe Application Error

Status
Not open for further replies.
J

jayrez

Posts: 47   +0
So basically I cannot boot up my pc at all. I get this Application Error that doesnt allow me to boot, not even in safe mode/ Last good configuration etc. So I was wondering if I could take the hard drive out of my computer and put it in my friends computer (He has the exact same computer) and run some scans on it to get the virus out. Would i be able to do this without infecting his computer?
Also im not so good with this stuff, do most Desktop PCs have the ability to hold two hard drives at a time?

Thanks :)
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================================================

Let's see, if we can look at your computer booting from an external source.

Please download OTLPE (filesize 120,9 MB)

  • When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
  • Reboot your system using the boot CD you just created.
    • Note : If you do not know how to set your computer to boot from CD follow the steps HERE
  • Your system should now display a REATOGO-X-PE desktop.
  • Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.
  • Double-click on the OTLPE icon.
  • When asked Do you wish to load the remote registry, select Yes
  • When asked Do you wish to load remote user profile(s) for scanning, select Yes
  • Ensure the box Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.
 
  • Like
Reactions: fadzli
Ok i am downloading the file now, so if i am hearing you correctly it will automatically turn the blank disk into a boot disk? I dont have to copy the file or anything?
 
Here is the OTP log. The characters are over the character max so I will post the attachement.
 

Attachments

  • OTL.txt
    131.3 KB · Views: 0
Please, observe forum's rules...
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
 
Truly sorry about that.

-----------OTL LOGS PT 1-----

OTL logfile created on: 6/18/2011 2:08:45 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 302.00 Mb Available Physical Memory | 59.00% Memory free
462.00 Mb Paging File | 345.00 Mb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 27.44 Gb Free Space | 38.41% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (RoxLiveShare9)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2011/03/18 11:11:02 | 000,947,528 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2009/11/25 18:46:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/11/25 18:46:25 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/06/27 19:24:34 | 000,467,028 | ---- | M] (Atheros) [Auto] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2008/02/27 14:54:52 | 000,360,547 | ---- | M] (Atheros Communications, Inc.) [On_Demand] -- C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe -- (jswpsapi)
SRV - [2005/06/21 16:19:38 | 000,491,520 | ---- | M] () [On_Demand] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)
SRV - [2004/03/18 19:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (RimUsb)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | Boot] -- -- (nielprt)
DRV - File not found [Kernel | On_Demand] -- -- (NielGfx)
DRV - File not found [Kernel | On_Demand] -- -- (MEMSWEEP2)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2010/05/26 13:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System] -- C:\WINDOWS\system32\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV - [2009/12/07 07:24:56 | 000,401,016 | R--- | M] (Ploytec GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psabusbu.sys -- (PRESONUS_AUDIOBOX_USB)
DRV - [2009/12/07 07:24:56 | 000,040,568 | R--- | M] (Ploytec GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psabusba.sys -- (PRESONUS_AUDIOBOX_WDM)
DRV - [2009/12/07 07:24:56 | 000,031,864 | R--- | M] (Ploytec GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psabusbm.sys -- (PRESONUS_AUDIOBOX_MIDI)
DRV - [2009/11/25 18:47:24 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/11/25 18:47:23 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/11/25 18:47:23 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/03/18 19:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/10/01 19:45:52 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2008/09/30 06:24:36 | 000,453,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WN111v2.sys -- (WN111v2)
DRV - [2007/12/14 07:31:00 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2004/09/17 16:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/11/17 23:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 23:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 23:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/07/24 15:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr7/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 36 AE 3A 04 E0 FD D8 46 91 AE 5E 70 C8 31 61 B1 [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8592

IE - HKU\Administrator.D9KV7191_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator.D9KV7191_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\Administrator.D9KV7191_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
IE - HKU\Guest_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\JESSY_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\JESSY_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\JESSY_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.weatherstudio.com/?src_id=352
IE - HKU\JESSY_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\JESSY_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ieaddons.com/en/students
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://m.www.yahoo.com/ [binary data]
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oovoostart.com/?cfg=2-201-0-33NUP&engine_id=1&provider_id=1&product_id=201&country=US
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 36 AE 3A 04 E0 FD D8 46 91 AE 5E 70 C8 31 61 B1 [binary data]
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:4021

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 36 AE 3A 04 E0 FD D8 46 91 AE 5E 70 C8 31 61 B1 [binary data]

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 36 AE 3A 04 E0 FD D8 46 91 AE 5E 70 C8 31 61 B1 [binary data]


FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\OpinionSquare

[2011/01/10 10:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/10 21:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AF8637B0-18E3-44D3-86B7-55E09D9C4261}
[2011/04/01 15:22:56 | 000,024,238 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\nphtml5.dll
[2010/12/13 08:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

Hosts file not found
O2 - BHO: (no name) - {043AAE36-FDE0-46D8-91AE-5E70C83161B1} - C:\WINDOWS\system32\atmlib32.dll ()
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O2 - BHO: (Facetheme) - {66D8FBA6-D90F-40A9-AC55-84896F79CA69} - C:\Program Files\Object\bho_project.dll (Facetheme.com)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (no name) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - No CLSID value found.
O2 - BHO: (a4c3abe4) - {EAABFF34-C018-1663-DAE5-EADDB0233338} - C:\WINDOWS\system32\kbdhu132.dll (Dmitry Streblechenko)
O3 - HKLM\..\Toolbar: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\JESSY_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\Lindsay_Dawedeit_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Lindsay_Dawedeit_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [dlccmon.exe] C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe (Dell)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\.DEFAULT..\Run: [samybfke] File not found
O4 - HKU\Administrator.D9KV7191_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Guest_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Guest_ON_C..\Run: [DellSupport-] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Guest_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\Guest\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\Guest_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\Guest_ON_C..\Run: [Yahoo! Pager] File not found
O4 - HKU\JESSY_ON_C..\Run: [MySpaceIM] File not found
O4 - HKU\JESSY_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\JESSY_ON_C..\Run: [swg] File not found
O4 - HKU\JESSY_ON_C..\Run: [Yahoo! Pager] File not found
O4 - HKU\Administrator.D9KV7191_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - HKU\Administrator.D9KV7191_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
O4 - HKU\Guest_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - HKU\JESSY_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WN111v2\WN111V2.exe (NETGEAR)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator.D9KV7191_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSY_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Lindsay_Dawedeit_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdic32.dll) - C:\WINDOWS\system32\kbdic32.dll (Dmitry Streblechenko)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdhu132.dll) - C:\WINDOWS\system32\kbdhu132.dll (Dmitry Streblechenko)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
------OTL LOG PART 2-----

========== Files/Folders - Created Within 30 Days ==========

[2011/06/12 00:51:01 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\atmlib32.exe
[2011/06/12 00:50:55 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\CNCFLjJP32.exe
[2011/06/12 00:50:42 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmrnt532.exe
[2011/06/12 00:50:37 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:29 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmuCHT32.exe
[2011/06/12 00:50:20 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:49:58 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ipxrip32.exe
[2011/06/12 00:49:54 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\msvfw3232.exe
[2011/06/12 00:49:52 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\iprop32.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9559369606395516.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9001891160520191.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.43833626772242584.exe
[2011/06/12 00:49:23 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.3058821869240973.exe
[2011/06/11 19:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\WinRAR
[2011/06/11 05:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\DBO_CT_TW
[2011/06/11 05:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DragonBall Online
[2011/06/11 01:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\uTorrent
[2011/06/11 00:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\Sun
[2011/06/10 23:21:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Recent
[2011/06/10 23:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\Macromedia
[2011/06/10 22:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\Adobe
[2011/05/26 14:47:49 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/05/25 17:05:07 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/05/25 02:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\My PSP Files
[2011/05/25 02:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2011/05/25 02:25:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/05/24 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Antares
[2011/05/24 19:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2006/10/05 20:36:25 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Lindsay Dawedeit\Desktop\*.tmp files -> C:\Documents and Settings\Lindsay Dawedeit\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Lindsay Dawedeit\*.tmp files -> C:\Documents and Settings\Lindsay Dawedeit\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/18 15:57:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/13 02:32:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/13 02:32:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/12 20:22:02 | 077,415,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/06/12 00:50:57 | 000,000,097 | ---- | M] () -- C:\WINDOWS\System32\773778630
[2011/06/12 00:50:37 | 000,175,616 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:22 | 000,175,616 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:49:49 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\ipxrip32.exe
[2011/06/12 00:49:49 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\ialmrnt532.exe
[2011/06/12 00:49:49 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9001891160520191.exe
[2011/06/12 00:49:47 | 000,350,720 | ---- | M] () -- C:\WINDOWS\System32\atmlib32.dll
[2011/06/12 00:49:45 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\iprop32.exe
[2011/06/12 00:49:45 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.43833626772242584.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\msvfw3232.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\ialmuCHT32.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\CNCFLjJP32.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\atmlib32.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9559369606395516.exe
[2011/06/12 00:49:43 | 000,775,168 | ---- | M] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.3058821869240973.exe
[2011/06/11 05:10:02 | 000,001,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\¤CÀs¯]Online.lnk
[2011/06/11 05:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\DragonBall Online
[2011/06/11 04:28:18 | 000,004,500 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Gokubasedgod.bmp
[2011/06/11 01:09:38 | 000,114,636 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\DBO_CT_TW_Setup.exe.torrent
[2011/06/10 23:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/06/10 18:17:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/10 18:15:46 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2863605548-1053128589-1952253785-1006.job
[2011/06/10 18:05:55 | 000,001,294 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\ep6kkw8xbk0184big1gr3105moca8yr5263
[2011/06/10 17:52:28 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/08 20:06:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2863605548-1053128589-1952253785-1006.job
[2011/06/04 04:20:21 | 046,296,620 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\DO DO X2 - instrumental.wav
[2011/06/04 01:24:21 | 000,011,290 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\io2j138s300jt5
[2011/06/04 00:37:31 | 003,455,269 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\JayRez- Far Away .mp3
[2011/06/03 20:35:45 | 000,242,262 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\my last pic.BMP
[2011/06/03 20:18:01 | 003,692,948 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2.wav
[2011/06/03 20:18:01 | 000,057,776 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2.pk
[2011/06/03 20:17:59 | 003,080,590 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).wav
[2011/06/03 20:17:59 | 000,048,208 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).pk
[2011/06/03 20:17:57 | 002,124,644 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.wav
[2011/06/03 20:17:57 | 000,033,272 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.pk
[2011/06/03 20:17:56 | 000,028,240 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).pk
[2011/06/03 20:17:55 | 001,802,388 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).wav
[2011/06/03 20:17:54 | 000,032,704 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 4.pk
[2011/06/03 20:17:53 | 002,088,172 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 4.wav
[2011/06/03 20:16:54 | 076,151,852 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down.wav
[2011/06/03 20:16:54 | 000,343,276 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down.pk
[2011/06/03 20:16:42 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (3).pk
[2011/06/03 20:16:41 | 005,079,364 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (3).wav
[2011/06/03 20:16:39 | 005,079,364 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (3).wav
[2011/06/03 20:16:39 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (3).pk
[2011/06/03 20:16:37 | 076,151,852 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (2).wav
[2011/06/03 20:16:37 | 000,343,276 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (2).pk
[2011/06/03 20:16:25 | 007,322,348 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (4).wav
[2011/06/03 20:16:25 | 000,057,280 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (4).pk
[2011/06/03 20:16:23 | 000,057,280 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (4).pk
[2011/06/03 20:16:22 | 007,322,348 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (4).wav
[2011/06/03 20:16:21 | 000,055,184 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (5).pk
[2011/06/03 20:16:20 | 007,053,876 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (5).wav
[2011/06/03 20:16:18 | 007,053,876 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (5).wav
[2011/06/03 20:16:18 | 000,055,184 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (5).pk
[2011/06/03 20:16:16 | 000,343,276 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (3).pk
[2011/06/03 20:16:15 | 076,151,852 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (3).wav
[2011/06/03 20:16:03 | 002,319,788 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (6).wav
[2011/06/03 20:16:03 | 000,018,200 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (6).pk
[2011/06/03 20:16:02 | 002,960,148 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (7).wav
[2011/06/03 20:16:02 | 000,023,200 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (7).pk
[2011/06/03 20:16:00 | 007,046,008 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (8).wav
[2011/06/03 20:16:00 | 000,055,120 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (8).pk
[2011/06/03 20:15:57 | 005,073,336 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (9).wav
[2011/06/03 20:15:57 | 000,039,712 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (9).pk
[2011/06/03 20:15:56 | 000,039,712 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (10).pk
[2011/06/03 20:15:55 | 005,073,336 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (10).wav
[2011/06/03 20:15:54 | 000,025,008 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (7).pk
[2011/06/03 20:15:53 | 003,191,444 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (7).wav
[2011/06/03 20:15:52 | 003,191,444 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (6).wav
[2011/06/03 20:15:52 | 000,025,008 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (6).pk
[2011/06/03 20:15:50 | 002,960,148 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (8).wav
[2011/06/03 20:15:50 | 000,023,200 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (8).pk
[2011/06/03 20:15:48 | 007,046,008 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (9).wav
[2011/06/03 20:15:48 | 000,055,120 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (9).pk
[2011/06/03 20:15:35 | 076,151,852 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (4).wav
[2011/06/03 20:15:35 | 000,343,276 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (4).pk
[2011/06/03 20:15:21 | 000,031,848 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (10).pk
[2011/06/03 20:15:20 | 004,067,328 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (10).wav
[2011/06/03 20:15:19 | 004,067,328 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (11).wav
[2011/06/03 20:15:19 | 000,031,848 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (11).pk
[2011/06/03 20:15:17 | 076,151,852 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (5).wav
[2011/06/03 20:15:17 | 000,343,276 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (5).pk
[2011/06/03 20:15:02 | 003,652,492 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (11).wav
[2011/06/03 20:15:02 | 000,028,608 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (11).pk
[2011/06/03 20:15:00 | 003,652,492 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (12).wav
[2011/06/03 20:15:00 | 000,028,608 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (12).pk
[2011/06/03 14:31:10 | 006,907,218 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Tyga Ft. Chris Richardson - Far Away (Instrumental with Hook).mp3
[2011/06/01 19:11:52 | 002,640,631 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mac Miller-Donald Trump.mp3
[2011/05/28 20:21:03 | 000,008,790 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/27 13:45:57 | 000,013,340 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\232r7u660p253f31dil511257hxrt
[2011/05/25 21:41:03 | 000,070,304 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\phpjVTrPqPM.jpg
[2011/05/25 21:19:42 | 000,044,594 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\phpRG6OfsPM.jpg
[2011/05/25 20:47:22 | 050,593,864 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\JayRez- My Last (cover).wav
[2011/05/25 20:28:51 | 000,020,231 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session.ses
[2011/05/25 20:28:49 | 000,380,452 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down.pk
[2011/05/25 20:28:48 | 088,842,284 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down.wav
[2011/05/25 20:28:34 | 002,708,886 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.1).wav
[2011/05/25 20:28:34 | 000,042,400 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.1).pk
[2011/05/25 20:28:32 | 003,027,498 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1).wav
[2011/05/25 20:28:32 | 000,047,376 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1).pk
[2011/05/25 20:28:25 | 000,194,162 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (3).wav
[2011/05/25 20:28:23 | 000,384,784 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (2).pk
[2011/05/25 20:28:22 | 090,322,940 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (2).wav
[2011/05/25 20:28:08 | 000,114,232 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.2).pk
[2011/05/25 20:28:07 | 007,306,106 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.2).wav
[2011/05/25 20:28:06 | 000,114,232 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2.pk
[2011/05/25 20:28:05 | 007,306,106 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2.wav
[2011/05/25 20:28:03 | 000,112,232 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.3).pk
[2011/05/25 20:28:02 | 007,178,102 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.3).wav
[2011/05/25 20:28:01 | 000,112,232 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (2).pk
[2011/05/25 20:28:00 | 007,178,102 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (2).wav
[2011/05/25 20:27:58 | 000,384,784 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (3).pk
[2011/05/25 20:27:57 | 090,322,940 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (3).wav
[2011/05/25 20:27:40 | 000,479,399 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.4).mp3
[2011/05/25 20:27:38 | 000,479,399 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (4).mp3
[2011/05/25 20:27:31 | 004,097,254 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\JayRez- My Last (Cover).mp3
[2011/05/25 19:44:05 | 007,233,580 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (4).wav
[2011/05/25 19:44:05 | 000,113,104 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (4).pk
[2011/05/25 19:44:03 | 001,662,908 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2.1).wav
[2011/05/25 19:44:03 | 000,026,064 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2.1).pk
[2011/05/25 19:44:02 | 000,050,768 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (1.2).pk
[2011/05/25 19:44:01 | 003,244,296 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (1.2).wav
[2011/05/25 19:44:00 | 000,031,200 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (3).pk
[2011/05/25 19:43:59 | 001,991,952 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (3).wav
[2011/05/25 19:00:31 | 090,322,940 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Mix Down (2).wav
[2011/05/25 19:00:31 | 000,384,784 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Mix Down (2).pk
[2011/05/25 17:07:24 | 000,013,468 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\t2342bpnbb47w8
[2011/05/25 00:18:41 | 000,990,563 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mixdown (2).mp3
[2011/05/25 00:09:15 | 000,328,934 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).mp3
[2011/05/25 00:09:12 | 000,483,579 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.mp3
[2011/05/25 00:09:04 | 000,000,836 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mixdown.mp3
[2011/05/25 00:08:51 | 000,506,567 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).mp3
[2011/05/24 23:35:12 | 004,180,459 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\My Last (Good D.I.Y Acapella) - Big Sean ft. Chris Brown.mp3
[2011/05/24 18:54:03 | 000,636,970 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 5.mp3
[2011/05/24 18:20:47 | 000,538,331 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 4.mp3
[2011/05/24 18:20:39 | 000,612,310 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2).mp3
[2011/05/24 17:44:58 | 000,606,877 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2.mp3
[2011/05/24 17:43:56 | 000,603,951 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 2.mp3
[2011/05/21 19:35:10 | 008,059,088 | ---- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\My Last (Hook).mp3
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Lindsay Dawedeit\Desktop\*.tmp files -> C:\Documents and Settings\Lindsay Dawedeit\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Lindsay Dawedeit\*.tmp files -> C:\Documents and Settings\Lindsay Dawedeit\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/12 00:49:52 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\773778630
[2011/06/12 00:49:45 | 000,350,720 | ---- | C] () -- C:\WINDOWS\System32\atmlib32.dll
[2011/06/11 05:10:01 | 000,001,399 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\¤CÀs¯]Online.lnk
[2011/06/11 04:26:09 | 000,004,500 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Gokubasedgod.bmp
[2011/06/11 01:09:32 | 000,114,636 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\DBO_CT_TW_Setup.exe.torrent
[2011/06/10 18:05:22 | 000,001,294 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\ep6kkw8xbk0184big1gr3105moca8yr5263
[2011/06/04 04:20:13 | 046,296,620 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\DO DO X2 - instrumental.wav
[2011/06/03 23:41:10 | 000,011,290 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\io2j138s300jt5
[2011/06/03 20:29:13 | 000,242,262 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\my last pic.BMP
[2011/06/03 20:18:01 | 000,057,776 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2.pk
[2011/06/03 20:18:00 | 003,692,948 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2.wav
[2011/06/03 20:17:59 | 000,048,208 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).pk
[2011/06/03 20:17:58 | 003,080,590 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).wav
[2011/06/03 20:17:57 | 000,033,272 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.pk
[2011/06/03 20:17:56 | 002,124,644 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.wav
[2011/06/03 20:17:55 | 001,802,388 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).wav
[2011/06/03 20:17:55 | 000,028,240 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).pk
[2011/06/03 20:17:54 | 000,032,704 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 4.pk
[2011/06/03 20:17:53 | 002,088,172 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 4.wav
[2011/06/03 20:16:54 | 000,343,276 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down.pk
[2011/06/03 20:16:42 | 076,151,852 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down.wav
[2011/06/03 20:16:41 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (3).pk
[2011/06/03 20:16:40 | 005,079,364 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (3).wav
[2011/06/03 20:16:39 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (3).pk
[2011/06/03 20:16:38 | 005,079,364 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (3).wav
[2011/06/03 20:16:37 | 000,343,276 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (2).pk
[2011/06/03 20:16:25 | 076,151,852 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (2).wav
[2011/06/03 20:16:25 | 000,057,280 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (4).pk
[2011/06/03 20:16:23 | 007,322,348 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (4).wav
[2011/06/03 20:16:23 | 000,057,280 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (4).pk
[2011/06/03 20:16:21 | 007,322,348 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (4).wav
[2011/06/03 20:16:20 | 000,055,184 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (5).pk
[2011/06/03 20:16:19 | 007,053,876 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (5).wav
[2011/06/03 20:16:18 | 000,055,184 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (5).pk
[2011/06/03 20:16:17 | 007,053,876 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (5).wav
[2011/06/03 20:16:16 | 000,343,276 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (3).pk
[2011/06/03 20:16:04 | 076,151,852 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (3).wav
[2011/06/03 20:16:03 | 000,018,200 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (6).pk
[2011/06/03 20:16:02 | 002,319,788 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (6).wav
[2011/06/03 20:16:02 | 000,023,200 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (7).pk
[2011/06/03 20:16:01 | 002,960,148 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (7).wav
[2011/06/03 20:16:00 | 000,055,120 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (8).pk
[2011/06/03 20:15:58 | 007,046,008 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (8).wav
[2011/06/03 20:15:57 | 000,039,712 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (9).pk
[2011/06/03 20:15:56 | 005,073,336 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (9).wav
[2011/06/03 20:15:55 | 000,039,712 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (10).pk
[2011/06/03 20:15:54 | 005,073,336 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (10).wav
[2011/06/03 20:15:54 | 000,025,008 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (7).pk
[2011/06/03 20:15:53 | 003,191,444 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (7).wav
[2011/06/03 20:15:52 | 000,025,008 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (6).pk
[2011/06/03 20:15:51 | 003,191,444 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (6).wav
[2011/06/03 20:15:50 | 000,023,200 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (8).pk
[2011/06/03 20:15:49 | 002,960,148 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (8).wav
[2011/06/03 20:15:48 | 000,055,120 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (9).pk
[2011/06/03 20:15:44 | 007,046,008 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (9).wav
[2011/06/03 20:15:35 | 000,343,276 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (4).pk
[2011/06/03 20:15:21 | 076,151,852 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (4).wav
[2011/06/03 20:15:20 | 004,067,328 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (10).wav
[2011/06/03 20:15:20 | 000,031,848 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (10).pk
[2011/06/03 20:15:19 | 000,031,848 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (11).pk
[2011/06/03 20:15:18 | 004,067,328 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (11).wav
[2011/06/03 20:15:17 | 000,343,276 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (5).pk
[2011/06/03 20:15:03 | 076,151,852 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mix Down (5).wav
[2011/06/03 20:15:02 | 000,028,608 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (11).pk
[2011/06/03 20:15:01 | 003,652,492 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (11).wav
[2011/06/03 20:15:00 | 000,028,608 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (12).pk
[2011/06/03 20:14:58 | 003,652,492 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (12).wav
[2011/06/03 20:14:28 | 003,455,269 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\JayRez- Far Away .mp3
[2011/06/03 14:31:10 | 006,907,218 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Tyga Ft. Chris Richardson - Far Away (Instrumental with Hook).mp3
[2011/06/01 19:11:52 | 002,640,631 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mac Miller-Donald Trump.mp3
[2011/05/28 20:13:39 | 000,008,790 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/27 07:45:03 | 000,013,340 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\232r7u660p253f31dil511257hxrt
[2011/05/25 21:29:28 | 000,070,304 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\phpjVTrPqPM.jpg
[2011/05/25 21:06:33 | 000,044,594 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\phpRG6OfsPM.jpg
[2011/05/25 21:01:25 | 002,472,360 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\100_0104.JPG
[2011/05/25 20:40:22 | 050,593,864 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\JayRez- My Last (cover).wav
[2011/05/25 20:28:48 | 000,380,452 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down.pk
[2011/05/25 20:28:35 | 088,842,284 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down.wav
[2011/05/25 20:28:34 | 000,042,400 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.1).pk
[2011/05/25 20:28:33 | 002,708,886 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.1).wav
[2011/05/25 20:28:32 | 000,047,376 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1).pk
[2011/05/25 20:28:31 | 003,027,498 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1).wav
[2011/05/25 20:28:25 | 000,194,162 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (3).wav
[2011/05/25 20:28:23 | 000,384,784 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (2).pk
[2011/05/25 20:28:08 | 090,322,940 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (2).wav
[2011/05/25 20:28:07 | 000,114,232 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.2).pk
[2011/05/25 20:28:06 | 007,306,106 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.2).wav
[2011/05/25 20:28:05 | 000,114,232 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2.pk
[2011/05/25 20:28:03 | 007,306,106 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2.wav
[2011/05/25 20:28:03 | 000,112,232 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.3).pk
[2011/05/25 20:28:02 | 007,178,102 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.3).wav
[2011/05/25 20:28:01 | 000,112,232 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (2).pk
[2011/05/25 20:27:59 | 007,178,102 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (2).wav
[2011/05/25 20:27:57 | 000,384,784 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (3).pk
[2011/05/25 20:27:41 | 090,322,940 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Mix Down (3).wav
[2011/05/25 20:27:39 | 000,479,399 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (1.4).mp3
[2011/05/25 20:27:36 | 000,479,399 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\Verse 1 (2) Verse 2 (4).mp3
[2011/05/25 20:27:16 | 004,097,254 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\JayRez- My Last (Cover).mp3
[2011/05/25 19:44:05 | 000,113,104 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (4).pk
[2011/05/25 19:44:04 | 007,233,580 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (4).wav
[2011/05/25 19:44:03 | 000,026,064 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2.1).pk
[2011/05/25 19:44:02 | 001,662,908 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2.1).wav
[2011/05/25 19:44:02 | 000,050,768 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (1.2).pk
[2011/05/25 19:44:01 | 003,244,296 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (1.2).wav
[2011/05/25 19:43:59 | 001,991,952 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (3).wav
[2011/05/25 19:43:59 | 000,031,200 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (3).pk
[2011/05/25 19:00:31 | 000,384,784 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Mix Down (2).pk
[2011/05/25 19:00:01 | 090,322,940 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Mix Down (2).wav
[2011/05/25 04:02:07 | 000,013,468 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\t2342bpnbb47w8
[2011/05/25 02:26:49 | 000,001,204 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\hosts
[2011/05/25 00:18:34 | 000,990,563 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mixdown (2).mp3
[2011/05/25 00:09:13 | 000,328,934 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 2 (2).mp3
[2011/05/25 00:09:10 | 000,483,579 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3.mp3
[2011/05/25 00:09:03 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Mixdown.mp3
[2011/05/25 00:08:47 | 000,506,567 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Track 3 (2).mp3
[2011/05/24 23:35:12 | 004,180,459 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\My Last (Good D.I.Y Acapella) - Big Sean ft. Chris Brown.mp3
[2011/05/24 20:17:50 | 006,703,756 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Setup.exe
[2011/05/24 20:17:50 | 000,015,609 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\H2O.nfo
[2011/05/24 20:17:50 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\Heaven.nfo
[2011/05/24 20:17:50 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\file_id.diz
[2011/05/24 18:35:30 | 000,636,970 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 5.mp3
[2011/05/24 18:20:45 | 000,538,331 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 4.mp3
[2011/05/24 18:20:30 | 000,612,310 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2 (2).mp3
[2011/05/24 17:44:57 | 000,606,877 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Verse 1 (2) Verse 2.mp3
[2011/05/23 20:00:52 | 000,603,951 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session-Track 2.mp3
[2011/05/23 00:55:16 | 000,020,231 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Desktop\My last CEP Session.ses
[2011/05/21 19:35:10 | 008,059,088 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\My Documents\My Last (Hook).mp3
[2011/05/15 16:56:35 | 000,013,472 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\d870p7ai35kvn85p1f03nwq3rkvtxt777r6wb20b7gs
[2011/05/04 22:49:05 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/04/15 20:24:48 | 000,013,518 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\kb1ct45l884db54a8j0jvs53mpyp5v727vs2666h
[2011/03/29 10:31:57 | 000,012,784 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\75ay16jj8e5
[2011/03/17 23:38:01 | 000,012,602 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\(+.X)+.,-V),X
[2011/03/09 19:02:48 | 000,002,496 | ---- | C] () -- C:\WINDOWS\System32\AVRedirector.ini
[2011/03/09 19:02:48 | 000,001,248 | ---- | C] () -- C:\WINDOWS\System32\AVRedirectorOff.ini
[2011/03/01 01:09:50 | 000,638,976 | ---- | C] () -- C:\WINDOWS\System32\dlccpmui.dll
[2011/03/01 01:09:50 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll
[2011/03/01 01:09:49 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll
[2011/03/01 01:09:48 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\dlccih.exe
[2011/03/01 01:09:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll
[2011/03/01 01:09:47 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.exe
[2011/03/01 01:09:47 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlccpplc.dll
[2011/03/01 01:09:46 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\dlcclmpm.dll
[2011/03/01 01:09:46 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\dlcccomm.dll
[2011/03/01 01:09:45 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\dlccusb1.dll
[2011/03/01 01:09:44 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\dlcchbn3.dll
[2011/03/01 01:09:43 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcccoms.exe
[2011/03/01 01:09:42 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\dlcccomc.dll
[2011/03/01 01:09:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccprox.dll
[2011/03/01 01:09:41 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\dlccserv.dll
[2011/03/01 01:09:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll
[2011/03/01 01:09:39 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll
[2011/03/01 01:09:38 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll
[2011/03/01 01:09:33 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll
[2011/03/01 01:09:33 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll
[2011/03/01 01:09:29 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll
[2011/03/01 01:09:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll
[2011/02/20 18:43:09 | 000,013,974 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\mt1g23v02b57q6ihcw1k2qu8485u81yu7lpn7536y43s
[2011/01/21 20:32:52 | 000,011,230 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\all
[2011/01/05 22:31:47 | 000,000,117 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\jagex_runescape_preferences2.dat
[2011/01/05 22:28:26 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\jagex_runescape_preferences.dat
[2009/12/29 23:01:40 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/11/25 15:20:56 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/06/27 19:18:04 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2007/06/26 01:03:50 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/16 03:13:23 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\fusioncache.dat
[2007/04/03 23:56:04 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\presets.ini
[2007/01/14 19:54:46 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/01/05 21:09:50 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/07 00:01:09 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/01 01:06:23 | 000,104,279 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2006/11/01 01:06:23 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2006/10/25 17:10:41 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\JESSY\Local Settings\Application Data\fusioncache.dat
[2006/10/25 11:32:54 | 000,104,279 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2006/10/25 11:32:54 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2006/10/05 21:16:33 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/10/05 20:05:35 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\JESSY\Application Data\PFP120JPR.{PB
[2006/10/05 20:05:35 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\JESSY\Application Data\PFP120JCM.{PB
[2006/05/24 02:01:14 | 000,000,436 | -H-- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\IPH.BAK
[2006/05/23 19:08:15 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/02/27 18:18:44 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4A454A7968.sys
[2006/02/25 19:15:23 | 000,000,297 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2006/01/21 19:56:10 | 000,002,620 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/01/18 21:21:48 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\fusioncache.dat
[2006/01/09 23:29:01 | 000,000,130 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/09 23:12:29 | 000,481,280 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2005/12/25 22:09:12 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/19 00:15:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/19 00:11:01 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/19 00:05:43 | 000,000,460 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/19 00:04:15 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/18 23:43:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/18 23:43:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/12/18 23:43:08 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 15:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 15:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 15:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 15:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 14:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:57:15 | 000,278,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 14:51:20 | 000,467,868 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 14:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 14:51:20 | 000,080,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 14:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 14:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 14:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 14:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 14:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 14:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 14:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 14:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/04/18 19:43:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/04/18 19:43:44 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

========== LOP Check ==========

[2006/10/08 19:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSY\Application Data\EA
[2006/09/29 03:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSY\Application Data\FilmLoop
[2006/10/05 20:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSY\Application Data\Smilebox
[2011/06/13 03:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lindsay Dawedeit\Application Data\uTorrent

========== Purity Check ==========


< End of report >
 
Do this on the computer you are posting from:
Copy the text in the codebox below:


Code: 
:OTL
SRV - File not found [Auto] -- -- (RoxLiveShare9)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8592
IE - HKU\Guest_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\JESSY_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Windows\CurrentVersion\Interne t Settings: "ProxyOverride" = local
IE - HKU\Lindsay_Dawedeit_ON_C\Software\Microsoft\Windows\CurrentVersion\Interne t Settings: "ProxyServer" = socks=127.0.0.1:4021
O2 - BHO: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O2 - BHO: (no name) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\JESSY_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\Lindsay_Dawedeit_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\.DEFAULT..\Run: [samybfke] File not found
O4 - HKU\Guest_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\Guest\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\Guest_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\Guest_ON_C..\Run: [Yahoo! Pager] File not found
O4 - HKU\JESSY_ON_C..\Run: [MySpaceIM] File not found
O4 - HKU\JESSY_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\JESSY_ON_C..\Run: [swg] File not found
O4 - HKU\JESSY_ON_C..\Run: [Yahoo! Pager] File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdic32.dll) - C:\WINDOWS\system32\kbdic32.dll (Dmitry Streblechenko)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdhu132.dll) - C:\WINDOWS\system32\kbdhu132.dll (Dmitry Streblechenko)
[2011/06/12 00:50:37 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:20 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:51:01 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\atmlib32.exe
[2011/06/12 00:50:55 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\CNCFLjJP32.exe
[2011/06/12 00:50:42 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmrnt532.exe
[2011/06/12 00:50:37 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:29 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmuCHT32.exe
[2011/06/12 00:50:20 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:49:58 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ipxrip32.exe
[2011/06/12 00:49:54 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\msvfw3232.exe
[2011/06/12 00:49:52 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\iprop32.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9559369606395516.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9001891160520191.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.43833626772242584.exe
[2011/06/12 00:49:23 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.3058821869240973.exe
[2011/06/10 18:05:55 | 000,001,294 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\ep6kkw8xbk0184big1gr3105moca8yr5263
[2011/06/04 01:24:21 | 000,011,290 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\io2j138s300jt5
[2011/05/28 20:21:03 | 000,008,790 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/27 13:45:57 | 000,013,340 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\232r7u660p253f31dil511257hxrt
[2011/05/25 17:07:24 | 000,013,468 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\t2342bpnbb47w8
[2011/05/15 16:56:35 | 000,013,472 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\d870p7ai35kvn85p1f03nwq3rkvtxt777r6wb20b7gs
[2011/04/15 20:24:48 | 000,013,518 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\kb1ct45l884db54a8j0jvs53mpyp5v727vs2666h
[2011/03/29 10:31:57 | 000,012,784 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\75ay16jj8e5
[2011/03/17 23:38:01 | 000,012,602 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\(+.X)+.,-V),X
[2011/02/20 18:43:09 | 000,013,974 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\mt1g23v02b57q6ihcw1k2qu8485u81yu7lpn7536y43s
[2006/02/27 18:18:44 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4A454A7968.sys


:Services

:Reg

:Files

:Commands
[purity]

Open Notepad and paste it.
Save the document as Fix.txt on to a USB flash drive


On the infected computer the following...

Run OTLPE

  • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
    • (The content of Fix.txt should appear in the box)
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log produced (you'll need to transfer it with USB stick)
  • Attempt to reboot normally into Windows.
 
Ok running fix as we speak, when you mean to reboot the pc the first time you mean to reboot using the boot disk correct?
 
No, remove CD and see, if the computer will boot normally.
It IS severely infected.
 
Ok i see aha.

And one last question, is the fix supposed to take quite a while, because my OTLPE window is just frozen and stuck on processing the first one. Just making sure i didnt do anything incorrectly.
 
Alright so 25 mins later and its still stuck in the same spot. Should i reboot the disk and try again?
 
Ok so i rebooted it and retried the fix, gave it some time and its still just stuck on frozen. Any alternative methods that you would suggest?
 
Did you notice at what point it's getting stuck?


Try Avira AntiVir Rescue System

Using another working computer...
1. Download the Avira AntiVir Rescue System: http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
2. Place a blank CD in your burner and double-click on the downloaded file.
3. The program will automatically burn the CD for you.
4. Place the burned CD into the affected computer and start the computer with the CD in the CD tray.
5. On the bottom left side of the screen there are 2 flags. Using your mouse click on the British flag to use English.
6. Click on the Configuration button.

- Select Scan all files
- Select Try to repair infected files and Rename files, if they cannot be removed
- Select Scan for dialers
- Select Scan for joke programs (Jokes)
- Select Scan for games
- Select Scan for spyware (SPR)

7. Click on Virus scanner
8. Click on Start scanner at the bottom of the screen.

9. Let Avira finish it's scan and then remove any threats found and then exit out of the scanner.
10. Take the CD out of the CD/DVD tray and then restart the computer.

If needed see this Tutorial for the Avira Rescue CD: http://forum.avira.com/wbb/index.php?page=Thread&threadID=82163
 
It getting stuck right at
Processing IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

And ok I will definitely do that... Thanks. Ill update you once finished.
 
Let's re-try with those "IE" lines removed.

New code:

Code: 
:OTL
SRV - File not found [Auto] -- -- (RoxLiveShare9)
O2 - BHO: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O2 - BHO: (no name) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {59c6f12b-f004-43e5-9997-08f2123119b6} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\JESSY_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\Lindsay_Dawedeit_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\.DEFAULT..\Run: [samybfke] File not found
O4 - HKU\Guest_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\Guest\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\Guest_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\Guest_ON_C..\Run: [Yahoo! Pager] File not found
O4 - HKU\JESSY_ON_C..\Run: [MySpaceIM] File not found
O4 - HKU\JESSY_ON_C..\Run: [OE_OEM] File not found
O4 - HKU\JESSY_ON_C..\Run: [swg] File not found
O4 - HKU\JESSY_ON_C..\Run: [Yahoo! Pager] File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdic32.dll) - C:\WINDOWS\system32\kbdic32.dll (Dmitry Streblechenko)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\kbdhu132.dll) - C:\WINDOWS\system32\kbdhu132.dll (Dmitry Streblechenko)
[2011/06/12 00:50:37 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:20 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:51:01 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\atmlib32.exe
[2011/06/12 00:50:55 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\CNCFLjJP32.exe
[2011/06/12 00:50:42 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmrnt532.exe
[2011/06/12 00:50:37 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdhu132.dll
[2011/06/12 00:50:29 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ialmuCHT32.exe
[2011/06/12 00:50:20 | 000,175,616 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\kbdic32.dll
[2011/06/12 00:49:58 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ipxrip32.exe
[2011/06/12 00:49:54 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\msvfw3232.exe
[2011/06/12 00:49:52 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\iprop32.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9559369606395516.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.9001891160520191.exe
[2011/06/12 00:49:25 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.43833626772242584.exe
[2011/06/12 00:49:23 | 000,775,168 | ---- | C] (AIDEX Team) -- C:\Documents and Settings\Lindsay Dawedeit\0.3058821869240973.exe
[2011/06/10 18:05:55 | 000,001,294 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\ep6kkw8xbk0184big1gr3105moca8yr5263
[2011/06/04 01:24:21 | 000,011,290 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\io2j138s300jt5
[2011/05/28 20:21:03 | 000,008,790 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/27 13:45:57 | 000,013,340 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\232r7u660p253f31dil511257hxrt
[2011/05/25 17:07:24 | 000,013,468 | -HS- | M] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\t2342bpnbb47w8
[2011/05/15 16:56:35 | 000,013,472 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\d870p7ai35kvn85p1f03nwq3rkvtxt777r6wb20b7gs
[2011/04/15 20:24:48 | 000,013,518 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\kb1ct45l884db54a8j0jvs53mpyp5v727vs2666h
[2011/03/29 10:31:57 | 000,012,784 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\75ay16jj8e5
[2011/03/17 23:38:01 | 000,012,602 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\(+.X)+.,-V),X
[2011/02/20 18:43:09 | 000,013,974 | -HS- | C] () -- C:\Documents and Settings\Lindsay Dawedeit\Local Settings\Application Data\mt1g23v02b57q6ihcw1k2qu8485u81yu7lpn7536y43s
[2006/02/27 18:18:44 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4A454A7968.sys


:Services

:Reg

:Files

:Commands
[purity]
 
Wow thank you so much, i tried it with the new code and it worked perfectly, took about 5 sesonds aha. And i rebooted my computer and it started up and went straight to my desktop.
So now what do you suggest I do?
 
Ok so here is what was happening. Everything was running fine as I was following the 7 Step Virus removal thread. I finished both the Virus and Malwarebytes scan and it was getting late so I went to sleep. I booted my computer today and the screen resolution was all the way down and for some reason my graphics card wasnt working. I kept getting a code 10.So i started Internet explorer to try to find a way to fix that, and all the sudden I kept getting all these random errors saying there is a problem with one of the disk drives and it is reccomended that I reboot the computer. And a random program pops up called "Windows XP Repair" or something (Cant exactly remember). And it said I have problems to fix so I selected fix and half of them fixed, and the other half didnt. They werent like viruses but it said they were problems with my hard drive and RAM and such. I was really confused because I have never seen that program before. So then after that I rebooted and it took an extremely long time to startup and get to the Desktop. Like 40 mins or so. And the desktops not even loaded fully, non of my items have shown up yet.


***UPDATE*

ok the desktop loaded and it took me straight back to "Windows XP Repair"
I try to open task manager and it says that task manager has been disabled by my administrator. Which is not true. I am going to do some research on this program..
 
Status
Not open for further replies.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
466
eriksnyman1
E
bruno167573
What should i do?
Replies
3
Views
97
bruno167573
bruno167573
Squid Surprise
Threadripper 7980x Build - occasional black screen?
Replies
5
Views
169
Squid Surprise
Squid Surprise

Latest posts

Back