[Closed] Computer goes into restart cycle

Status
Not open for further replies.
N

nwaters31

Posts: 6   +0
Ever since I installed Microsoft Security Essentials on my partner's laptop when I startup it says "windows has encountered a critical error and must restart in one minute. Please save your work". I cannot get it to cancel the auto shutdown even with "shutdown -a" in cmd. I tried using kaspersky disc 10 and it found several Trojans and 1 virus but on restarting the problem still remained.
 
Hello, and welcome to TechSpot.


rulesx.png
Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Download Farbar Recovery Scan Tool and save it to a flash drive.


Depending on your type of system, you will have to select 32-bit or 64-bit accordingly. How do I tell?

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button. It will do its scan and save a log on your flash drive.
  • Close out of the message after that, then type in the text services.exe in to the "Search:" text box. Then, press the Search file(s) button, just as below:
    frst2.jpg

    When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
  • Type exit in the Command Prompt window and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile, please copy and paste the logs in your reply.
 
***FRST Log***
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 21-08-2012 02
Ran by SYSTEM at 22-08-2012 09:36:04
Running from G:\
Windows Vista (TM) Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-15] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174616 2007-07-24] (Intel Corporation)
HKLM\...\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [51048 2007-08-24] (Symantec Corporation)
HKLM\...\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart [86016 2007-09-19] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [8497696 2007-09-19] (NVIDIA Corporation)
HKLM\...\Run: [] [x]
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-25] (Microsoft Corporation)
HKU\Anton\...\Run: [Ekapx] C:\Users\Anton\AppData\Roaming\Hasyo\qomai.exe [x]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
AppInit_DLLs:
IMEO: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\AcroRd32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\agent.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\blasterball3-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\chuzzle-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\diner dash-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dpexpimp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dpfplogonmanager.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dpproperties.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dpregapp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dprunhlp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\fate-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\golf-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\granny-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\hpwucli.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\insaniquariumdeluxe-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\isuspm.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\itunes.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\jewelquest-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\jqsolitaire-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mahjong-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\maze-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mga-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\onplay.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\otto-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\penguins-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\polar-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\presentationhost.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\qp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\qpmanager.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\racing-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\regmech.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ricochet-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\slingo-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ssp-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tradewinds-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\unins000.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\virtualvillagers-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\winbej2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\wonders-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\zuma-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
Lsa: [Notification Packages] scecli
DPPWDFLT

================================ Services (Whitelisted) ==================

2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-18] (Microsoft Corporation)
2 gupdate1ca536734e0efb0; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [133104 2009-10-22] (Google Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-03-25] (Microsoft Corporation)
3 MSSQL$MSSMLBIZ; "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [29293408 2010-12-10] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-03-25] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2011-08-17] ()
2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [103736 2011-08-17] ()
2 Protector by IB Updater; C:\Program Files\Protector by IB\ExtensionUpdaterService.exe [183808 2012-04-02] ()
4 QPCapSvc; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe" [271760 2007-09-30] ()
4 QPSched; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe" [112016 2007-09-30] ()
2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [272024 2007-01-09] ()
3 Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2008-10-24] ()
2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe" [1528672 2012-05-29] (TuneUp Software)
2 ccEvtMgr; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 ccSetMgr; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 CLTNetCnService; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
3 comHost; "c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" [x]
4 HP Health Check Service; "c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [x]
2 LiveUpdate Notice; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]

========================== Drivers (Whitelisted) =============

3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146560 2007-08-28] (AuthenTec, Inc.)
3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
3 IDSvix86; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20070823.002\IDSvix86.sys [180272 2007-08-15] (Symantec Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2008-10-24] (Symantec Corporation)
3 SymIM; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-09] (Symantec Corporation)
3 SymIMMP; C:\Windows\System32\DRIVERS\SymIM.sys [31280 2007-08-09] (Symantec Corporation)
3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [22320 2007-08-13] (Symantec Corporation)
1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188464 2007-08-13] (Symantec Corporation)
3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-07] (TuneUp Software)
2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; \??\C:\Program Files\HP\QuickPlay\000.fcl [39408 2007-09-30] (Cyberlink Corp.)
4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x]
2 CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-08-21 05:40 - 2012-08-21 07:32 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
2012-08-20 19:47 - 2012-08-20 19:30 - 14229744 ____N (DT Soft Ltd) C:\Users\Anton\Desktop\DTLite4454-0315.exe
2012-08-20 19:45 - 2012-08-20 19:42 - 274393088 ____N C:\Users\Anton\Desktop\kav_rescue_10.iso
2012-08-20 19:44 - 2012-08-20 19:44 - 00000728 ____A C:\Users\Anton\Desktop\shutdown (2).lnk
2012-08-20 19:23 - 2012-08-20 19:24 - 00000728 ____A C:\Users\Anton\Desktop\shutdown.lnk
2012-08-20 19:20 - 2012-08-20 19:20 - 00000174 ____A C:\Users\Anton\Desktop\New Shortcut.lnk
2012-08-20 19:02 - 2012-08-20 19:02 - 00000000 ____D C:\Users\Anton\My Documents\My Weblog Posts
2012-08-20 19:02 - 2012-08-20 19:02 - 00000000 ____D C:\Users\Anton\Documents\My Weblog Posts
2012-08-20 19:02 - 2012-08-20 19:02 - 00000000 ____D C:\Users\Anton\Application Data\Windows Live Writer
2012-08-20 19:02 - 2012-08-20 19:02 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Windows Live Writer
2012-08-20 18:43 - 2012-08-20 18:43 - 00001945 ____A C:\Windows\epplauncher.mif
2012-08-20 18:42 - 2012-08-20 18:43 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-08-20 18:41 - 2012-08-20 18:42 - 00981754 ____A C:\Users\All Users\LUUNINSTALL.LIVEUPDATE
2012-08-20 18:41 - 2012-08-20 18:42 - 00981754 ____A C:\Users\All Users\Application Data\LUUNINSTALL.LIVEUPDATE
2012-08-20 18:39 - 2012-08-20 18:40 - 10288512 ____A (Microsoft Corporation) C:\Users\Anton\Downloads\mseinstall (1).exe
2012-08-20 18:35 - 2012-08-20 18:35 - 12621696 ____A (Microsoft Corporation) C:\Users\Anton\Downloads\mseinstall.exe
2012-08-20 04:29 - 2012-08-20 05:15 - 00000000 ____D C:\Users\Anton\Desktop\Exam Revision
2012-08-19 19:15 - 2012-08-19 19:15 - 00001865 ____A C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
2012-08-19 19:15 - 2012-08-19 19:15 - 00001865 ____A C:\Users\All Users\Desktop\TuneUp Utilities 2012.lnk
2012-08-19 19:15 - 2012-05-29 03:16 - 00031584 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2012-08-19 19:15 - 2012-05-29 03:16 - 00021344 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2012-08-19 19:14 - 2012-08-19 19:15 - 00000000 ____D C:\Program Files\TuneUp Utilities 2012
2012-08-19 19:14 - 2012-08-19 19:14 - 00000000 ____D C:\Users\Anton\Application Data\TuneUp Software
2012-08-19 19:14 - 2012-08-19 19:14 - 00000000 ____D C:\Users\Anton\AppData\Roaming\TuneUp Software
2012-08-19 19:13 - 2012-08-19 19:15 - 00000000 ____D C:\Users\All Users\TuneUp Software
2012-08-19 19:13 - 2012-08-19 19:15 - 00000000 ____D C:\Users\All Users\Application Data\TuneUp Software
2012-08-19 19:13 - 2012-08-19 19:13 - 00000000 __SHD C:\Users\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-19 19:13 - 2012-08-19 19:13 - 00000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-19 19:10 - 2012-08-19 19:10 - 27930544 ____A (TuneUp Software) C:\Users\Anton\Downloads\TuneUpUtilities2012_en-US.exe
2012-08-19 19:10 - 2012-08-19 19:10 - 00001894 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-08-19 19:10 - 2012-08-19 19:10 - 00001894 ____A C:\Users\All Users\Desktop\Adobe Reader X.lnk
2012-08-19 19:10 - 2012-08-19 19:10 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-08-19 19:02 - 2012-08-19 19:03 - 54476696 ____A (Adobe Systems Incorporated) C:\Users\Anton\Downloads\AdbeRdr1013_en_US.exe
2012-08-18 21:32 - 2012-08-18 21:32 - 12430576 ____A C:\Users\Anton\Downloads\E4E1.tmp
2012-08-18 01:25 - 2012-08-18 01:25 - 00000000 ____D C:\Users\Anton\Downloads\Rocky IV
2012-08-18 01:23 - 2012-08-18 01:23 - 00028508 ____A C:\Users\Anton\Downloads\[isoHunt] Rocky IV.torrent
2012-08-12 06:22 - 2012-08-12 06:22 - 00007223 ____A C:\Users\Anton\Downloads\[isoHunt] The.Office.6x22.(HDTV-2HD)[VTV].torrent
2012-08-12 02:56 - 2012-08-12 06:00 - 183543738 ____A C:\Users\Anton\Downloads\The.Office.S06E22.HDTV.XviD-2HD.[VTV].avi
2012-08-12 02:52 - 2012-08-12 02:58 - 00000000 ____D C:\Users\Anton\Downloads\The Office US - The Complete Season 7 [HDTV]
2012-08-12 02:52 - 2012-08-12 02:52 - 00007243 ____A C:\Users\Anton\Downloads\[isoHunt] The.Office.S06E22.HDTV.XviD-2HD.[VTV].avi.torrent
2012-08-12 02:51 - 2012-08-12 02:51 - 00025720 ____A C:\Users\Anton\Downloads\[isoHunt] The Office US - The Complete Season 7 [HDTV].torrent
2012-08-12 02:34 - 2012-08-12 02:36 - 00000000 ____D C:\Users\Anton\Downloads\Contraband.2012.DVDRip.XViD-NYDIC
2012-08-12 02:33 - 2012-08-12 02:33 - 00057584 ____A C:\Users\Anton\Downloads\[isoHunt] b3c62d331bffd81e9422284d5a0bcbd9a451eb6e.torrent
2012-08-10 09:27 - 2012-08-10 09:27 - 00000000 ____D C:\Program Files\Oracle
2012-08-10 09:26 - 2012-07-05 04:36 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-10 09:25 - 2012-08-10 09:25 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-08-10 09:25 - 2012-08-10 09:25 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-08-10 09:23 - 2012-08-10 09:23 - 00893936 ____A (Oracle Corporation) C:\Users\Anton\Downloads\chromeinstall-7u5.exe
2012-08-09 01:03 - 2012-08-09 02:11 - 00000000 ____D C:\Users\Anton\Downloads\Colditz-AC3-5,1-DVDRip[Eng]2005
2012-08-09 00:59 - 2012-08-09 00:59 - 00018657 ____A C:\Users\Anton\Downloads\[isoHunt] Colditz-AC3-5,1-DVDRip[Eng]2005.torrent
2012-08-03 20:41 - 2012-08-03 20:43 - 00000000 ____D C:\Users\Anton\Downloads\The Office Season 2
2012-08-03 03:29 - 2012-08-03 03:29 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-03 03:29 - 2012-08-03 03:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-08-03 01:25 - 2012-08-03 01:25 - 00000000 ____D C:\Users\Anton\Downloads\The Office Season 1
2012-08-01 18:54 - 2012-08-01 19:02 - 183292780 ____A C:\Users\Anton\Downloads\The.Office.S08E15.HDTV.XviD-LOL.[VTV].avi
2012-08-01 18:53 - 2012-08-01 19:00 - 00000000 ____D C:\Users\Anton\Downloads\The Office S08E14 REPACK HDTV XviD-2HD[ettv]
2012-08-01 18:41 - 2012-08-01 18:52 - 161865412 ____A C:\Users\Anton\Downloads\The.Office.S08E24.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:41 - 2012-08-01 18:50 - 181691335 ____A C:\Users\Anton\Downloads\The.Office.S08E22.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:41 - 2012-08-01 18:50 - 168553581 ____A C:\Users\Anton\Downloads\The.Office.S08E23.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:13 - 2012-08-01 18:19 - 179694184 ____A C:\Users\Anton\Downloads\The.Office.S08E21.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:04 - 2012-08-02 16:35 - 00000000 ____D C:\Users\Anton\Downloads\The Office S08E19 HDTV XviD-2HD[ettv]
2012-08-01 18:04 - 2012-08-01 18:17 - 188600132 ____A C:\Users\Anton\Downloads\The Office Episode 20.mp4
2012-08-01 18:03 - 2012-08-02 16:33 - 00000000 ____D C:\Users\Anton\Downloads\The Office US S08E17 HDTV XviD-2HD[ettv]
2012-08-01 17:26 - 2012-08-02 16:34 - 00000000 ____D C:\Users\Anton\Downloads\The Office S08E18 HDTV XviD-2HD[ettv]
2012-08-01 17:25 - 2012-08-01 17:38 - 00000000 ____D C:\Users\Anton\Downloads\The Office US S08E16 HDTV XviD-2HD[ettv]
2012-07-31 20:46 - 2012-07-31 20:46 - 00015652 ____A C:\Users\Anton\Downloads\The.Office.US.S08E16.HDTV.XviD-2HD_[www.NewTorrents.info].torrent
2012-07-31 20:45 - 2012-07-31 20:45 - 00292688 ____A (Premium) C:\Users\Anton\Downloads\DownloadSetup (1).exe
2012-07-31 20:42 - 2012-08-10 09:19 - 00000000 ____D C:\Users\Anton\Desktop\Essay 2
2012-07-31 14:59 - 2012-07-31 15:08 - 182819188 ____A C:\Users\Anton\Downloads\The.Office.S08E13.HDTV.XviD-LOL.[VTV].avi
2012-07-31 14:58 - 2012-07-31 15:09 - 183572480 ____A C:\Users\Anton\Downloads\The.Office.S08E12.HDTV.XviD-LOL.[VTV].avi
2012-07-31 14:57 - 2012-07-31 15:03 - 183489168 ____A C:\Users\Anton\Downloads\The.Office.S08E11.HDTV.XviD-LOL.[VTV].avi
2012-07-30 19:49 - 2012-07-30 20:03 - 182619500 ____A C:\Users\Anton\Downloads\The.Office.S08E09.HDTV.XviD-2HD.[VTV].avi
2012-07-30 19:49 - 2012-07-30 20:00 - 183495174 ____A C:\Users\Anton\Downloads\The.Office.S08E10.HDTV.XviD-LOL.[VTV].avi
2012-07-30 19:48 - 2012-07-30 20:00 - 183560192 ____A C:\Users\Anton\Downloads\The.Office.S08E08.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:33 - 2012-07-30 18:41 - 182990426 ____A C:\Users\Anton\Downloads\The.Office.S08E07.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:32 - 2012-07-30 18:43 - 183501592 ____A C:\Users\Anton\Downloads\The.Office.S08E05.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:32 - 2012-07-30 18:42 - 183551314 ____A C:\Users\Anton\Downloads\The.Office.S08E06.HDTV.XviD-LOL.[VTV].avi
2012-07-29 21:30 - 2012-07-29 21:48 - 00000000 ____D C:\Users\Anton\Downloads\The Office S08E04 HDTV XviD-LOL
2012-07-29 21:26 - 2012-07-29 21:30 - 183062774 ____A C:\Users\Anton\Downloads\The.Office.S08E03.HDTV.XviD-LOL.[VTV].avi
2012-07-29 01:58 - 2012-07-29 02:04 - 183584342 ____A C:\Users\Anton\Downloads\The.Office.S08E02.HDTV.XviD-LOL.[VTV].avi
2012-07-29 01:53 - 2012-07-29 02:00 - 183574086 ____A C:\Users\Anton\Downloads\The.Office.S08E01.HDTV.XviD-LOL.[VTV].avi
2012-07-27 01:36 - 2012-08-05 22:38 - 00000000 ____D C:\Users\Anton\Application Data\Olekyq
2012-07-27 01:36 - 2012-08-05 22:38 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Olekyq
2012-07-27 01:36 - 2012-07-27 01:36 - 00000000 ____D C:\Users\Anton\Application Data\Yqoqve
2012-07-27 01:36 - 2012-07-27 01:36 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Yqoqve
2012-07-26 04:47 - 2012-08-02 18:59 - 00012320 ____A C:\Users\Anton\My Documents\WIGHT2012.TAX
2012-07-26 04:47 - 2012-08-02 18:59 - 00012320 ____A C:\Users\Anton\Documents\WIGHT2012.TAX
2012-07-26 04:47 - 2012-07-31 22:11 - 00011408 ____A C:\Users\Anton\My Documents\WIGHT2012.BAK
2012-07-26 04:47 - 2012-07-31 22:11 - 00011408 ____A C:\Users\Anton\Documents\WIGHT2012.BAK
2012-07-26 04:37 - 2012-07-26 04:37 - 00000400 ____A C:\Users\Anton\My Documents\ANTHONY2012.TAX
2012-07-26 04:37 - 2012-07-26 04:37 - 00000400 ____A C:\Users\Anton\Documents\ANTHONY2012.TAX
2012-07-26 04:21 - 2012-07-26 04:21 - 00001422 ____A C:\Users\Anton\Desktop\e-tax 2012.lnk
2012-07-26 04:21 - 2012-07-26 04:21 - 00000627 ____A C:\Users\Anton\Desktop\e-tax 2012_uninstall.lnk
2012-07-26 04:21 - 2012-07-26 04:21 - 00000000 ____D C:\Users\Anton\Local Settings\etax2012
2012-07-26 04:21 - 2012-07-26 04:21 - 00000000 ____D C:\Users\Anton\Local Settings\Application Data\etax2012
2012-07-26 04:21 - 2012-07-26 04:21 - 00000000 ____D C:\Users\Anton\AppData\Local\etax2012
2012-07-26 04:20 - 2012-07-26 04:21 - 00000000 ____D C:\Users\Anton\Desktop\help
2012-07-26 04:18 - 2012-07-26 04:18 - 09369600 ____A C:\Users\Anton\Downloads\etax2012_1.msi
2012-07-25 03:27 - 2012-07-25 03:29 - 00000000 ____D C:\Users\Anton\Downloads\Independence Day Special Edition dvd rip xvd.Rets
2012-07-25 03:19 - 2012-07-25 03:31 - 324136329 ____A C:\Users\Anton\Downloads\[clips4sale.com]071812VF_DoublePop.wmv
2012-07-24 03:20 - 2012-07-24 03:23 - 00000000 ____D C:\Users\Anton\Downloads\Iron Man 2[2010]DvDrip[Eng]-FXG
2012-07-24 03:19 - 2012-07-24 03:31 - 00000000 ____D C:\Users\Anton\Downloads\Planet Of The Apes 2001 DVDRip XviD-iNNERCORE (Kingdom-Release)
2012-07-23 05:02 - 2012-07-23 05:02 - 00047104 ____A C:\Users\Anton\Downloads\20680-b16-Australia (Australia).xls
2012-07-23 00:16 - 2012-07-23 00:42 - 00000000 ____D C:\Users\Anton\Downloads\Scream 4


============ 3 Months Modified Files ========================

2012-08-20 22:57 - 2008-12-16 01:42 - 00027335 ____A C:\Users\Anton\Application Data\nvModes.001
2012-08-20 22:57 - 2008-12-16 01:42 - 00027335 ____A C:\Users\Anton\AppData\Roaming\nvModes.001
2012-08-20 22:56 - 2009-10-22 14:39 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-20 22:56 - 2008-12-20 05:44 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2012-08-20 22:55 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-20 22:55 - 2006-11-02 04:47 - 00003168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-20 22:55 - 2006-11-02 04:47 - 00003168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-20 19:44 - 2012-08-20 19:44 - 00000728 ____A C:\Users\Anton\Desktop\shutdown (2).lnk
2012-08-20 19:42 - 2012-08-20 19:45 - 274393088 ____N C:\Users\Anton\Desktop\kav_rescue_10.iso
2012-08-20 19:30 - 2012-08-20 19:47 - 14229744 ____N (DT Soft Ltd) C:\Users\Anton\Desktop\DTLite4454-0315.exe
2012-08-20 19:24 - 2012-08-20 19:23 - 00000728 ____A C:\Users\Anton\Desktop\shutdown.lnk
2012-08-20 19:20 - 2012-08-20 19:20 - 00000174 ____A C:\Users\Anton\Desktop\New Shortcut.lnk
2012-08-20 19:18 - 2008-12-16 01:48 - 00148480 ____A C:\Users\Anton\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-20 19:18 - 2008-12-16 01:48 - 00148480 ____A C:\Users\Anton\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-20 19:18 - 2008-12-16 01:48 - 00148480 ____A C:\Users\Anton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-20 19:12 - 2008-12-17 16:29 - 00000836 ____A C:\Windows\bthservsdp.dat
2012-08-20 19:12 - 2006-11-02 05:01 - 00032630 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-08-20 18:55 - 2008-10-24 07:55 - 00080230 ____A C:\Windows\PFRO.log
2012-08-20 18:44 - 2008-10-24 09:48 - 01980948 ____A C:\Windows\WindowsUpdate.log
2012-08-20 18:43 - 2012-08-20 18:43 - 00001945 ____A C:\Windows\epplauncher.mif
2012-08-20 18:42 - 2012-08-20 18:41 - 00981754 ____A C:\Users\All Users\LUUNINSTALL.LIVEUPDATE
2012-08-20 18:42 - 2012-08-20 18:41 - 00981754 ____A C:\Users\All Users\Application Data\LUUNINSTALL.LIVEUPDATE
2012-08-20 18:42 - 2006-11-02 02:33 - 00789240 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-20 18:40 - 2012-08-20 18:39 - 10288512 ____A (Microsoft Corporation) C:\Users\Anton\Downloads\mseinstall (1).exe
2012-08-20 18:35 - 2012-08-20 18:35 - 12621696 ____A (Microsoft Corporation) C:\Users\Anton\Downloads\mseinstall.exe
2012-08-20 18:32 - 2009-10-22 14:39 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-20 18:26 - 2008-10-24 09:59 - 00004549 ____A C:\Windows\HPQLB.LOG
2012-08-20 17:47 - 2008-11-14 04:13 - 00107216 ____A C:\Users\Anton\Local Settings\GDIPFONTCACHEV1.DAT
2012-08-20 17:47 - 2008-11-14 04:13 - 00107216 ____A C:\Users\Anton\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-08-20 17:47 - 2008-11-14 04:13 - 00107216 ____A C:\Users\Anton\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-20 17:46 - 2008-10-24 09:59 - 00000163 ____A C:\Users\Public\Documents\hpqp.ini
2012-08-20 17:46 - 2008-10-24 09:59 - 00000163 ____A C:\Users\All Users\Documents\hpqp.ini
2012-08-20 01:36 - 2006-11-02 04:47 - 00389320 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-19 19:15 - 2012-08-19 19:15 - 00001865 ____A C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
2012-08-19 19:15 - 2012-08-19 19:15 - 00001865 ____A C:\Users\All Users\Desktop\TuneUp Utilities 2012.lnk
2012-08-19 19:10 - 2012-08-19 19:10 - 27930544 ____A (TuneUp Software) C:\Users\Anton\Downloads\TuneUpUtilities2012_en-US.exe
2012-08-19 19:10 - 2012-08-19 19:10 - 00001894 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-08-19 19:10 - 2012-08-19 19:10 - 00001894 ____A C:\Users\All Users\Desktop\Adobe Reader X.lnk
2012-08-19 19:03 - 2012-08-19 19:02 - 54476696 ____A (Adobe Systems Incorporated) C:\Users\Anton\Downloads\AdbeRdr1013_en_US.exe
2012-08-19 18:51 - 2008-12-16 01:42 - 00027335 ____A C:\Users\Anton\Application Data\nvModes.dat
2012-08-19 18:51 - 2008-12-16 01:42 - 00027335 ____A C:\Users\Anton\AppData\Roaming\nvModes.dat
2012-08-18 21:32 - 2012-08-18 21:32 - 12430576 ____A C:\Users\Anton\Downloads\E4E1.tmp
2012-08-18 01:23 - 2012-08-18 01:23 - 00028508 ____A C:\Users\Anton\Downloads\[isoHunt] Rocky IV.torrent
2012-08-12 06:22 - 2012-08-12 06:22 - 00007223 ____A C:\Users\Anton\Downloads\[isoHunt] The.Office.6x22.(HDTV-2HD)[VTV].torrent
2012-08-12 06:00 - 2012-08-12 02:56 - 183543738 ____A C:\Users\Anton\Downloads\The.Office.S06E22.HDTV.XviD-2HD.[VTV].avi
2012-08-12 02:52 - 2012-08-12 02:52 - 00007243 ____A C:\Users\Anton\Downloads\[isoHunt] The.Office.S06E22.HDTV.XviD-2HD.[VTV].avi.torrent
2012-08-12 02:51 - 2012-08-12 02:51 - 00025720 ____A C:\Users\Anton\Downloads\[isoHunt] The Office US - The Complete Season 7 [HDTV].torrent
2012-08-12 02:33 - 2012-08-12 02:33 - 00057584 ____A C:\Users\Anton\Downloads\[isoHunt] b3c62d331bffd81e9422284d5a0bcbd9a451eb6e.torrent
2012-08-10 09:32 - 2012-05-06 23:26 - 00000117 ____A C:\Users\Anton\webct_upload_applet.properties
2012-08-10 09:25 - 2012-08-10 09:25 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-08-10 09:25 - 2012-08-10 09:25 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-08-10 09:23 - 2012-08-10 09:23 - 00893936 ____A (Oracle Corporation) C:\Users\Anton\Downloads\chromeinstall-7u5.exe
2012-08-09 00:59 - 2012-08-09 00:59 - 00018657 ____A C:\Users\Anton\Downloads\[isoHunt] Colditz-AC3-5,1-DVDRip[Eng]2005.torrent
2012-08-03 14:50 - 2008-12-17 16:28 - 00007592 ____A C:\Users\Anton\Local Settings\d3d9caps.dat
2012-08-03 14:50 - 2008-12-17 16:28 - 00007592 ____A C:\Users\Anton\Local Settings\Application Data\d3d9caps.dat
2012-08-03 14:50 - 2008-12-17 16:28 - 00007592 ____A C:\Users\Anton\AppData\Local\d3d9caps.dat
2012-08-03 03:29 - 2012-08-03 03:29 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-03 03:29 - 2012-08-03 03:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-08-02 18:59 - 2012-07-26 04:47 - 00012320 ____A C:\Users\Anton\My Documents\WIGHT2012.TAX
2012-08-02 18:59 - 2012-07-26 04:47 - 00012320 ____A C:\Users\Anton\Documents\WIGHT2012.TAX
2012-08-01 19:02 - 2012-08-01 18:54 - 183292780 ____A C:\Users\Anton\Downloads\The.Office.S08E15.HDTV.XviD-LOL.[VTV].avi
2012-08-01 18:52 - 2012-08-01 18:41 - 161865412 ____A C:\Users\Anton\Downloads\The.Office.S08E24.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:50 - 2012-08-01 18:41 - 181691335 ____A C:\Users\Anton\Downloads\The.Office.S08E22.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:50 - 2012-08-01 18:41 - 168553581 ____A C:\Users\Anton\Downloads\The.Office.S08E23.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:19 - 2012-08-01 18:13 - 179694184 ____A C:\Users\Anton\Downloads\The.Office.S08E21.HDTV.x264-LOL.[VTV].mp4
2012-08-01 18:17 - 2012-08-01 18:04 - 188600132 ____A C:\Users\Anton\Downloads\The Office Episode 20.mp4
2012-07-31 22:11 - 2012-07-26 04:47 - 00011408 ____A C:\Users\Anton\My Documents\WIGHT2012.BAK
2012-07-31 22:11 - 2012-07-26 04:47 - 00011408 ____A C:\Users\Anton\Documents\WIGHT2012.BAK
2012-07-31 20:46 - 2012-07-31 20:46 - 00015652 ____A C:\Users\Anton\Downloads\The.Office.US.S08E16.HDTV.XviD-2HD_[www.NewTorrents.info].torrent
2012-07-31 20:45 - 2012-07-31 20:45 - 00292688 ____A (Premium) C:\Users\Anton\Downloads\DownloadSetup (1).exe
2012-07-31 15:09 - 2012-07-31 14:58 - 183572480 ____A C:\Users\Anton\Downloads\The.Office.S08E12.HDTV.XviD-LOL.[VTV].avi
2012-07-31 15:08 - 2012-07-31 14:59 - 182819188 ____A C:\Users\Anton\Downloads\The.Office.S08E13.HDTV.XviD-LOL.[VTV].avi
2012-07-31 15:03 - 2012-07-31 14:57 - 183489168 ____A C:\Users\Anton\Downloads\The.Office.S08E11.HDTV.XviD-LOL.[VTV].avi
2012-07-30 20:03 - 2012-07-30 19:49 - 182619500 ____A C:\Users\Anton\Downloads\The.Office.S08E09.HDTV.XviD-2HD.[VTV].avi
2012-07-30 20:00 - 2012-07-30 19:49 - 183495174 ____A C:\Users\Anton\Downloads\The.Office.S08E10.HDTV.XviD-LOL.[VTV].avi
2012-07-30 20:00 - 2012-07-30 19:48 - 183560192 ____A C:\Users\Anton\Downloads\The.Office.S08E08.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:43 - 2012-07-30 18:32 - 183501592 ____A C:\Users\Anton\Downloads\The.Office.S08E05.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:42 - 2012-07-30 18:32 - 183551314 ____A C:\Users\Anton\Downloads\The.Office.S08E06.HDTV.XviD-LOL.[VTV].avi
2012-07-30 18:41 - 2012-07-30 18:33 - 182990426 ____A C:\Users\Anton\Downloads\The.Office.S08E07.HDTV.XviD-LOL.[VTV].avi
2012-07-29 21:30 - 2012-07-29 21:26 - 183062774 ____A C:\Users\Anton\Downloads\The.Office.S08E03.HDTV.XviD-LOL.[VTV].avi
2012-07-29 02:04 - 2012-07-29 01:58 - 183584342 ____A C:\Users\Anton\Downloads\The.Office.S08E02.HDTV.XviD-LOL.[VTV].avi
2012-07-29 02:00 - 2012-07-29 01:53 - 183574086 ____A C:\Users\Anton\Downloads\The.Office.S08E01.HDTV.XviD-LOL.[VTV].avi
2012-07-26 04:37 - 2012-07-26 04:37 - 00000400 ____A C:\Users\Anton\My Documents\ANTHONY2012.TAX
2012-07-26 04:37 - 2012-07-26 04:37 - 00000400 ____A C:\Users\Anton\Documents\ANTHONY2012.TAX
2012-07-26 04:21 - 2012-07-26 04:21 - 00001422 ____A C:\Users\Anton\Desktop\e-tax 2012.lnk
2012-07-26 04:21 - 2012-07-26 04:21 - 00000627 ____A C:\Users\Anton\Desktop\e-tax 2012_uninstall.lnk
2012-07-26 04:18 - 2012-07-26 04:18 - 09369600 ____A C:\Users\Anton\Downloads\etax2012_1.msi
2012-07-25 03:31 - 2012-07-25 03:19 - 324136329 ____A C:\Users\Anton\Downloads\[clips4sale.com]071812VF_DoublePop.wmv
2012-07-23 09:35 - 2006-11-02 02:23 - 00000219 ____A C:\Windows\win.ini
2012-07-23 09:32 - 2006-11-02 02:24 - 57442464 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-07-23 05:02 - 2012-07-23 05:02 - 00047104 ____A C:\Users\Anton\Downloads\20680-b16-Australia (Australia).xls
2012-07-09 04:29 - 2006-11-02 04:52 - 00033707 ____A C:\Windows\setupact.log
2012-07-09 04:24 - 2012-07-09 04:24 - 02428362 ____A (A-PDF.com ) C:\Users\Anton\Downloads\a-pdf-mg.exe
2012-07-05 04:36 - 2012-08-10 09:26 - 00227760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-07-05 04:36 - 2012-07-22 18:43 - 00772544 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2012-07-05 04:36 - 2012-04-12 22:41 - 00687544 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-06-28 03:11 - 2012-06-28 03:11 - 00001728 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-06-28 03:11 - 2012-06-28 03:11 - 00001728 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2012-06-28 03:08 - 2012-06-28 03:06 - 39401336 ____A (Apple Inc.) C:\Users\Anton\Downloads\QuickTimeInstaller.exe
2012-06-27 00:38 - 2012-06-27 00:38 - 00006865 ____A C:\Users\Anton\Desktop\Institute of Public Affairs Australia.htm
2012-06-13 05:07 - 2012-06-13 04:49 - 736284672 ____A C:\Users\Anton\Downloads\Hard Target(Van Damme)[1993]DvDrip[Eng]-prithwi.avi
2012-06-12 15:01 - 2012-06-12 15:01 - 00082420 ____A C:\Users\Anton\Desktop\Police Health Online.htm
2012-06-11 00:42 - 2012-06-11 00:42 - 00089883 ____A C:\Users\Anton\Desktop\Assessment Processes.htm
2012-06-11 00:23 - 2012-06-11 00:23 - 00138176 ____A C:\Windows\Minidump\Mini061112-01.dmp
2012-06-11 00:23 - 2012-06-11 00:22 - 314165493 ____A C:\Windows\MEMORY.DMP
2012-06-07 17:50 - 2012-06-07 17:50 - 00730624 ____A C:\Users\Anton\Desktop\etaxHelp.exe
2012-06-07 17:50 - 2012-06-07 17:50 - 00044544 ____A C:\Users\Anton\Desktop\VMem.dll
2012-06-07 17:47 - 2012-06-07 17:47 - 04606976 ____A C:\Users\Anton\Desktop\etax2012.exe
2012-06-07 17:37 - 2012-06-07 17:37 - 03623365 ____A C:\Users\Anton\Desktop\PrintScreen.rav
2012-06-03 22:36 - 2012-06-03 22:36 - 00357474 ____A C:\Users\Anton\Desktop\PrintScreen_InformationOnly.rav
2012-05-31 00:59 - 2012-05-31 00:58 - 00100499 ____A C:\Users\Anton\Desktop\Unibooks - Home.htm
2012-05-30 18:55 - 2009-10-23 01:43 - 00237072 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-05-29 03:16 - 2012-08-19 19:15 - 00031584 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2012-05-29 03:16 - 2012-08-19 19:15 - 00021344 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll


ZeroAccess:
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\@
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\L
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\U
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\U\00000001.@

ZeroAccess:
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\@
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\L
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\U
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}\U\00000001.@

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2008-12-20 05:44] - [2012-08-20 22:56] - 0279040 ____A (Microsoft Corporation) 60FAB074393CB3F0331DFB86891A7F91

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 3069.81 MB
Available physical RAM: 2531.37 MB
Total Pagefile: 2786.24 MB
Available Pagefile: 2600.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1983.55 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:222.35 GB) (Free:17.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (DATA) (Fixed) (Total:232.88 GB) (Free:80 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:10.53 GB) (Free:2.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 1528 KB
Disk 1 Online 233 GB 1528 KB
Disk 2 Online 124 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 222 GB 32 KB
Partition 2 Primary 11 GB 222 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 C OS NTFS Partition 222 GB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E HP_RECOVERY NTFS Partition 11 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 233 GB 32 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D DATA NTFS Partition 233 GB Healthy

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 124 MB 16 KB

==================================================================================

Disk: 2
Partition 1
Type : 06
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 G FAT Removable 124 MB Healthy

==================================================================================

Last Boot: 2012-08-20 18:44

======================= End Of Log ==========================


***Search Log***

Farbar Recovery Scan Tool Version: 21-08-2012 02
Ran by SYSTEM at 2012-08-22 09:38:35
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2008-12-20 05:44] - [2008-01-18 23:33] - 0279040 ____A (Microsoft Corporation) 2B336AB6286D6C81FA02CBAB914E3C6C

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2006-11-02 00:35] - [2006-11-02 01:45] - 0279552 ____A (Microsoft Corporation) 329CF3C97CE4C19375C8ABCABAE258B0

C:\Windows\System32\services.exe
[2008-12-20 05:44] - [2012-08-20 22:56] - 0279040 ____A (Microsoft Corporation) 60FAB074393CB3F0331DFB86891A7F91

C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2009-10-24 05:08] - [2009-04-10 22:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

=== End Of Search ===
 
FRST Fixlist

Please run the following:

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
HKU\Anton\...\Run: [Ekapx] C:\Users\Anton\AppData\Roaming\Hasyo\qomai.exe [x]
C:\Windows\Installer\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}
C:\Users\Anton\AppData\Local\{a54a366c-6e87-0d6e-91c4-600c59fb6d64}
Replace: C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe C:\Windows\System32\services.exe
end
Click to expand...

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now, please enter System Recovery Options then select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Now restart, let it boot normally and tell me how it went.
 
Just did the first part and tried to turn on the laptop but the screen is just staying black now and it stops making any noise after about 5 seconds.
 
Turn the computer off for a while, then try again. Let me know if it works.

If not, do you have the OEM discs?
 
  • Download OTLPENet.exe to your desktop
  • Download Farbar Recovery Scan Tool and save it to a flash drive.
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
    smiley.gif
  • Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
  • Insert the flash drive with FRST on it
  • Locate the flash drive and run FSRT
  • The tool will start to run.
FRST2.gif

  • When the tool opens click Yes to disclaimer.
  • Press Scan button. It will do its scan and save a log on your flash drive.
  • Close out of the message after that, then type in the text services.exe in to the "Search:" text box. Then, press the Search file(s) button, just as below:
    frst2.jpg

    When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
  • Type exit in the Command Prompt window and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile, please copy and paste the logs in your reply.
 
I tried it but the screen stays completely black and nothing happens. I think the only way to solve this is buying a new laptop thanks for your help though.
 
Status
Not open for further replies.

Similar threads

Cal Jeffrey
New York intends to have electric air taxis by 2025
2
Replies
27
Views
838
Q Wales
Q Wales
Cal Jeffrey
The MyHouse Doom 2 mod is a masterpiece of creepy map editing
Replies
4
Views
779
loki1944
L
Devwa
Solved Windows has encountered a critical problem and will restart. (different type)
2
Replies
31
Views
6K
Broni
Broni

Latest posts

Back