WiredWX Hobby Weather ToolsLog in

 


multiple issues part 2

2 posters

descriptionmultiple issues part 2 Emptywindows log in error at start up multiple issues part 1

more_horiz
hi im not sure if this is the right forum to post in but heres my problem.
my computer will not install updates it tries but when it reboots it has to about and undo all. i ran the otl program here is the results
OTL logfile created on: 7/31/2010 3:20:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\linda\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.38 Gb Total Space | 73.35 Gb Free Space | 70.96% Space Free | Partition Type: NTFS
Drive D: | 7.17 Gb Total Space | 0.72 Gb Free Space | 10.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.24 Gb Total Space | 1.21 Gb Free Space | 97.33% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LINDA-PC
Current User Name: linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
PRC - [2010/07/27 21:57:05 | 000,142,336 | ---- | M] () -- C:\Program Files\ZooskMessenger\ZooskMessenger.exe
PRC - [2010/06/15 20:37:43 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/10 09:32:26 | 002,797,096 | ---- | M] (Singlesnet.com) -- C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe
PRC - [2009/12/08 22:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/12/07 20:32:06 | 000,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/12 21:47:17 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2009/01/12 21:31:04 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/10 16:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2007/03/28 19:45:38 | 000,118,877 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/03/28 19:45:34 | 000,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/12 21:47:17 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/10 16:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Start_Pending] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/28 19:45:38 | 000,118,877 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/03/28 19:45:34 | 000,270,431 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/06/26 12:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/08/04 19:49:54 | 000,053,280 | ---- | M] (COMODO Security Solutions Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cfrpd.sys -- (CFRPD)
DRV - [2009/01/12 21:14:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2008/08/10 20:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/08/10 20:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/08/10 20:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/08/10 20:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/07 00:05:00 | 008,231,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/21 19:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/01/12 22:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 10:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 10:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2007/01/02 05:45:30 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/01/02 05:45:30 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007/01/02 05:45:30 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/12/07 10:05:58 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/12/07 10:04:36 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/12/07 10:04:26 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/28 11:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/15 12:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 07:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 05:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 21:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/09/15 03:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/06/28 11:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/20 20:11:08 | 000,000,000 | ---D | M]

[2010/02/13 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\Mozilla\Extensions
[2010/02/13 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [COMODO System Cleaner] C:\Program Files\COMODO\COMODO System Cleaner\CSC.EXE (COMODO)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Singlesnet] C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe (Singlesnet.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files\ZooskMessenger\ZooskMessenger.exe ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: movie25.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\linda\Pictures\2009-03-03 all\all 064.JPG
O24 - Desktop BackupWallPaper: C:\Users\linda\Pictures\2009-03-03 all\all 064.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/18 19:18:10 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{7ad6edf8-dbbe-11de-94c1-0016d3949463}\Shell\AutoRun\command - "" = wscript.exe \SMRTNTKY\script.js
O33 - MountPoints2\{7ad6edfc-dbbe-11de-94c1-0016d3949463}\Shell - "" = AutoRun
O33 - MountPoints2\{7ad6edfc-dbbe-11de-94c1-0016d3949463}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell00\Command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell01\Command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell02\Command - "" = F:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/07/31 15:19:13 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
[2010/07/27 21:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\ZooskMessenger
[2010/07/20 19:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/07/19 19:41:59 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\WindowsUpdate
[2010/07/10 13:44:13 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Roaming\ComodoGroup
[2010/07/10 00:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/07/09 23:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\382E5
[2010/07/07 00:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010/07/05 21:29:46 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\Yahoo!
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/31 15:24:59 | 002,359,296 | -HS- | M] () -- C:\Users\linda\ntuser.dat
[2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
[2010/07/31 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/31 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/31 12:03:22 | 000,000,146 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/07/31 12:02:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/31 12:02:06 | 000,000,808 | ---- | M] () -- C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2010/07/31 12:02:03 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.001
[2010/07/31 12:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/31 11:59:08 | 002,262,616 | -H-- | M] () -- C:\Users\linda\AppData\Local\IconCache.db
[2010/07/31 08:51:09 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/31 08:51:09 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/31 08:51:08 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/29 21:00:23 | 000,000,680 | ---- | M] () -- C:\Users\linda\AppData\Local\d3d9caps.dat
[2010/07/27 21:57:56 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk
[2010/07/25 17:17:54 | 000,000,166 | ---- | M] () -- C:\Users\linda\AppData\Roaming\wklnhst.dat
[2010/07/25 17:17:53 | 000,031,744 | ---- | M] () -- C:\Users\linda\Documents\kennie.xlr
[2010/07/25 11:05:05 | 000,092,504 | ---- | M] () -- C:\Users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/25 11:04:41 | 000,352,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/23 22:37:17 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlinda.job
[2010/07/19 18:28:48 | 000,000,008 | ---- | M] () -- C:\Windows\crpf.bin
[2010/07/19 18:26:13 | 000,013,514 | ---- | M] () -- C:\Windows\csdf_sdum.dat
[2010/07/19 18:26:00 | 000,000,004 | ---- | M] () -- C:\Windows\crpf_sdum.bin
[2010/07/18 20:33:03 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for linda.job
[2010/07/10 11:10:05 | 000,000,924 | ---- | M] () -- C:\Users\linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/10 11:10:05 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/07/10 01:12:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/10 00:10:01 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\COMODO System Cleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/27 21:57:56 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk
[2010/07/25 17:06:56 | 000,031,744 | ---- | C] () -- C:\Users\linda\Documents\kennie.xlr
[2010/07/19 18:26:00 | 000,013,514 | ---- | C] () -- C:\Windows\csdf_sdum.dat
[2010/07/19 18:26:00 | 000,000,008 | ---- | C] () -- C:\Windows\crpf.bin
[2010/07/19 18:26:00 | 000,000,004 | ---- | C] () -- C:\Windows\crpf_sdum.bin
[2010/07/10 11:10:05 | 000,000,924 | ---- | C] () -- C:\Users\linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/10 11:10:05 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/07/10 09:44:51 | 000,000,680 | ---- | C] () -- C:\Users\linda\AppData\Local\d3d9caps.dat
[2010/07/10 00:10:01 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\COMODO System Cleaner.lnk
[2007/06/18 16:54:32 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/02/27 15:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/20 14:00:12 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/12/14 01:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 01:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 19:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2010/01/02 01:32:32 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\iepeers.dll
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2009/01/12 21:16:50 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll
[2009/03/08 06:33:04 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\vbscript.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\WINDOWS\System32\ANSI.SYS
[2009/01/12 21:19:25 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\WINDOWS\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\WINDOWS\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\WINDOWS\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\WINDOWS\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\WINDOWS\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\WINDOWS\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\WINDOWS\System32\NTIO804.SYS
[2009/08/14 09:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/11/28 11:44:58 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\XAudio.exe
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\*.* >
[2006/11/02 04:46:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.CbsMsg.dll.01c97544fc367e68.001e
[2006/11/02 04:46:03 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dhcpcsvc.dll.01c97544f85f6688.0010
[2006/11/02 04:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dhcpcsvc6.dll.01c97544f88a3f48.0012
[2006/11/02 04:46:04 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dnsapi.dll.01c97544f6ba1328.000a
[2006/11/02 04:46:04 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dnsrslvr.dll.01c97544f6ba1328.000b
[2006/11/02 04:46:04 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dpx.dll.01c97544fba2e928.0019
[2006/11/02 04:46:05 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.iertutil.dll.01c9754501f32ec8.0023
[2006/11/02 04:46:05 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.imagehlp.dll.01c97544f58bc488.0007
[2006/11/02 04:46:05 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.loadperf.dll.01c97544fb3c8e08.0018
[2006/11/02 04:46:10 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msvfw32.dll.01c97544f85d0528.000f
[2006/11/02 04:46:11 | 001,337,344 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msxml6.dll.01c97544f4a27dc8.0002
[2006/11/02 04:41:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msxml6r.dll.01c97544f4a27dc8.0001
[2006/11/02 04:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NaturalLanguage6.dll.01c97544fe1c16e8.0020
[2006/11/02 04:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NlsData0009.dll.01c97544ffa99c88.0021
[2006/11/02 03:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NlsLexicons0009.dll.01c97544fd731548.001f
[2006/11/02 04:46:12 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.oleaut32.dll.01c97544f6d1e0e8.000c
[2006/11/02 04:45:32 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.poqexec.exe.01c97544f5504228.0004
[2006/11/02 04:46:12 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.printcom.dll.01c97544f7a0f888.000d
[2006/11/02 04:46:12 | 000,749,568 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.qmgr.dll.01c97544f47080e8.0000
[2006/11/02 04:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.quartz.dll.01c97544f55e8a68.0005
[2006/11/02 04:46:12 | 000,789,504 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.rpcrt4.dll.01c97544f5efbe48.0008
[2006/11/02 04:46:12 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.schannel.dll.01c97544f868ec08.0011
[2006/11/02 04:46:12 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.schedsvc.dll.01c97544fbbf79a8.001a
[2006/11/02 04:46:13 | 001,584,128 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.setupapi.dll.01c97544fbcdc1e8.001b
[2006/11/02 04:46:13 | 011,314,688 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.shell32.dll.01c97544f8a93128.0013
[2006/11/02 04:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.SLC.dll.01c97544f95e19a8.0014
[2006/11/02 04:45:45 | 002,592,256 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.SLsvc.exe.01c97544f9679f28.0015
[2006/11/02 07:36:17 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.srclient.dll.01c97544fbd4e608.001c
[2006/11/02 04:45:49 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.TrustedInstaller.exe.01c97544fc31bba8.001d
[2006/11/02 04:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.umpnpmgr.dll.01c97544fb330888.0017
[2006/11/02 04:46:13 | 001,149,952 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.urlmon.dll.01c9754501e4e688.0022
[2006/11/02 04:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.user32.dll.01c97544f4de0028.0003
[2006/11/02 04:46:13 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.win32spl.dll.01c97544f7a0f888.000e
[2006/11/02 04:46:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.wininet.dll.01c97545020fbf48.0024
[2006/11/02 07:35:57 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.WMASF.DLL.01c97544f9f8d308.0016
[2006/11/02 04:44:15 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.wmi.dll.01c97544f5896328.0006
[2006/11/02 07:35:57 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.WMVCORE.DLL.01c97544f68f3a68.0009
[2007/06/18 19:18:10 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/07/31 12:00:37 | 2392,850,432 | -HS- | M] () -- C:\pagefile.sys
[2009/03/19 18:03:12 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log

< %PROGRAMFILES%\*. >
[2007/06/18 18:55:12 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/07/17 11:41:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/03/10 22:29:49 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/07/29 18:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2009/05/01 20:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\att-prt22
[2009/05/01 20:44:25 | 000,000,000 | ---D | M] -- C:\Program Files\ATT-PRT22-WISE
[2010/06/11 20:57:23 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010/07/29 20:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2010/01/27 23:23:05 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2010/03/10 22:31:21 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/06/11 20:55:39 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/07/10 00:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\COMODO
[2009/03/16 20:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/06/18 19:09:11 | 000,000,000 | ---D | M] -- C:\Program Files\earthlink totalaccess
[2009/12/07 20:31:06 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/03/13 22:15:31 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/01/27 23:58:05 | 000,000,000 | ---D | M] -- C:\Program Files\Hidden Expedition Titanic
[2009/03/19 18:03:01 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2007/06/18 19:16:08 | 000,000,000 | ---D | M] -- C:\Program Files\HP Games
[2007/06/18 19:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2010/02/23 21:02:11 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/01/24 16:14:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/03/10 22:32:12 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/03/10 22:33:40 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/04/04 16:17:37 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/01/15 22:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/07/29 18:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010/02/23 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2010/03/07 19:25:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/07/20 19:27:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2007/06/18 18:53:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/07/25 10:52:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/06/18 18:53:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/05/29 20:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/03/07 19:26:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/06/11 22:14:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games
[2010/03/07 19:25:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/03/07 19:26:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar Installer
[2009/01/12 21:11:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/06/18 19:17:33 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2010/02/06 19:50:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Huntsville
[2007/06/18 18:56:08 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2010/02/02 22:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan
[2010/02/02 22:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2009/06/11 21:04:58 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2007/06/18 19:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/08/05 16:11:31 | 000,000,000 | ---D | M] -- C:\Program Files\OXXOGames
[2009/08/09 14:23:23 | 000,000,000 | ---D | M] -- C:\Program Files\PANTECH
[2010/03/10 22:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/06/18 19:24:36 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/06/18 19:24:42 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2007/06/18 18:36:06 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/08/09 15:17:17 | 000,000,000 | ---D | M] -- C:\Program Files\Selectsoft
[2010/05/29 00:06:39 | 000,000,000 | ---D | M] -- C:\Program Files\Singlesnet
[2010/02/28 14:52:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2007/06/18 18:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/07/09 23:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media
[2009/09/20 19:03:11 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media Game Center
[2009/01/18 18:51:28 | 000,000,000 | ---D | M] -- C:\Program Files\Vongo
[2008/08/05 16:47:39 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM
[2009/01/18 19:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/01/15 23:36:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/03/07 19:48:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/01/24 16:14:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/01/15 23:36:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/05/11 23:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/07/27 21:57:56 | 000,000,000 | ---D | M] -- C:\Program Files\ZooskMessenger

< %appdata%\*.* >
[2010/07/31 12:02:03 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.001
[2010/04/04 18:39:28 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.dat
[2010/07/25 17:17:54 | 000,000,166 | ---- | M] () -- C:\Users\linda\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2007/06/18 19:28:17 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/06/18 19:28:18 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/06/18 19:28:18 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\drivers\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/01/12 21:31:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/01/12 21:31:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\drivers\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\System32\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\System32\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\WINDOWS\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-31 16:22:02

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:33A7CC67
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:EAB5D262
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:8C35AEA7
< End of report >
OTL Extras logfile created on: 7/31/2010 3:20:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\linda\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.38 Gb Total Space | 73.35 Gb Free Space | 70.96% Space Free | Partition Type: NTFS
Drive D: | 7.17 Gb Total Space | 0.72 Gb Free Space | 10.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.24 Gb Total Space | 1.21 Gb Free Space | 97.33% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

descriptionmultiple issues part 2 Emptymultiple issues part 2

more_horiz
Computer Name: LINDA-PC
Current User Name: linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15F1EBF9-7F9A-4035-9DFE-2D04C2E3947C}" = lport=138 | protocol=17 | dir=in | app=system |
"{1BC7F9C8-1956-49CF-BD9E-28ADC4F51FF5}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{228F7FBA-CA6F-4154-97E6-2F55C1CE3B3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{22A13A5E-F8D4-4AB9-9AB3-7C3D49A188F6}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{23A92B86-EF36-4CBA-83B4-622550FF55C1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2E6F94AE-C295-484D-9DA0-7EC33B28ACA7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37D37057-5199-4494-9D54-3FC3E9A6D8CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4144D10F-240B-4479-ABAD-E6D5F1B970FC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{444E854C-76DC-4638-8A25-446401E3684D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{5F0D21F3-26E4-4616-B57A-5CE91DC79C8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61191D85-4EC7-4D7B-B3D6-07DEB12CE797}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6543999F-1ADB-4D72-9FC9-373018A01E69}" = rport=138 | protocol=17 | dir=out | app=system |
"{77513A0B-C922-482C-AD9F-C797D49AB484}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{784A8546-C1F7-4F91-860E-C0EA20F2D36A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7DFC632B-C221-4CA6-B1FE-6FD88F9E6FF8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{96C77996-2F76-4465-8525-7C2BA511CF9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A671E89E-7EF1-4CB1-A227-95CE12B25754}" = rport=137 | protocol=17 | dir=out | app=system |
"{B0E49B69-1D6C-4832-8F16-FA56F3D40C8F}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8D7D875-A4D3-4AA7-8278-592C8A74DD12}" = rport=139 | protocol=6 | dir=out | app=system |
"{B97C663C-921B-4DE4-897A-AB0FB0BAC2D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BE4ECA12-9E73-4FAB-A0BE-E3A35159B2C9}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7F7383A-2F6F-4672-829E-64D2A8F9D84C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CB0556A0-CC8E-4154-BF3B-32A5142F58D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D105A96F-A5A2-47A2-81F3-508847453C8B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D7B97C7D-A9F3-40F6-B3C8-93C7B8BFAD86}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D96C69A4-FE19-4A02-8799-1CB1E62CBC69}" = rport=445 | protocol=6 | dir=out | app=system |
"{DB8E7825-6D87-4153-9B65-F5EAD4F6AC32}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E19BB598-15A0-4B44-9F64-310B598B58E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{E8E3A9C2-2A7E-4380-8294-D6E734157007}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F2E6E32F-0056-4CAF-9141-5920D8BB22F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03937102-D399-4D15-B74C-0ECA253FE035}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{09D90C8B-63FF-4138-986D-7A6EB7CB466D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0A2907F2-2F75-489B-AAC0-0C4BC96DAA85}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0A8FDF8C-0C8F-4877-816B-9EDB3ACEEDAB}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{0BD2C9D1-F4A1-4D7E-BF73-BEA58746E4A0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{13CE7F09-9D08-4BBD-9B1E-882ACC698775}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{154EA595-D3AC-44EF-B4B3-A39706386480}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{17B78449-8DA5-4C80-810F-6AC4BDA15E72}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{18DC480A-2EE4-4E18-8A84-6B749883C2BD}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{1CBE5B7E-9C5F-4D37-9F8B-2EAAB3128609}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{271CB2C8-AD74-494F-AB8B-9FC5377DFAA7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{27E746DC-18E9-4F4A-BAB0-62EA7A2C079B}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{282AAFF9-0459-4F92-876F-8679B95B9A9A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{2AF7E942-7CEB-4931-AB6B-2FBE44E67C35}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E2B4B7C-8ACC-4060-A040-31E1B1EAC995}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{30D2238B-C1EE-4552-AC1A-DE094612C271}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{39F92367-FC69-443B-AA66-59D134921F5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3A941E05-5289-47EC-967A-106392450BAC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3D79AAB8-C9A2-416F-BE0D-00D1AA2D7838}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{3E520652-29C6-49B4-A709-58C124540097}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3EE7134D-8589-41AE-A10C-31BCEB768DF8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{433F6424-3AA1-4670-BBBE-1E1D2C5766E6}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{4E85F3CA-F03C-472E-A355-8633292ABD84}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{54973449-C946-4F50-8B10-8F0527F508C0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{599B1C39-D05C-4A5D-9FA1-CB9BE5A81693}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{72BD159C-48BE-4265-BBCD-2B07B82B334D}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{75B226BC-446E-49ED-B74A-6AB6F6D77040}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{7CF7F55E-AB57-4A45-938E-193373F85259}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{848BD9DA-4760-42A9-93CD-45FD380E681A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8BF6FE1B-1A82-4B8D-B046-72994F8BEEF6}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8ED9A2D0-FD49-4541-A5A7-7E2A80B6B6D3}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8EE1CE6E-AA8E-43AD-BB6A-E0E61BCCF153}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{917CA940-73E8-4BF1-A6B0-50C1705D99F7}" = protocol=6 | dir=out | app=system |
"{BA23AC27-C246-4FBB-8AEB-76C71A44D3C3}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BC12EE39-F709-4932-ADBC-722AF04B5AC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DAFD722F-2D17-4F7B-9844-F8CDD5B23F7E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{DC65660D-E32D-430E-8CE1-BB2D83F8D82E}" = protocol=6 | dir=out | app=system |
"{DE368681-1D60-4EE8-B793-2C85321503B6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{EE0C67A2-CB0B-4B13-9473-F720B71D42ED}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{FB3DE2A4-648B-4F02-8062-D6147C05B8BF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FC981C92-6BB1-44CA-9114-DFCDF477DF95}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{FFD1DF0B-7FA2-4E4D-8B8F-486D0F7F564F}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"TCP Query User{55838EC0-36BD-4A96-94E9-991C8342F927}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{8BF999A4-3E11-484F-AB30-3F50C05CA047}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{DF7ECA0F-65DC-4449-B29C-753B329849DD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{22D98336-801B-4648-BE85-BC9CF8C2FF80}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{325820AA-D072-465C-B1AE-0BDF7AE6B3C2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A47713B5-C28D-4F4B-ACB8-25E2F44B0455}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 19
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}" = MSCU for Microsoft Vista
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F535C04-86BE-47D1-98C6-8AB26D28482B}" = Singlesnet
"{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}" = LightScribe System Software 1.10.19.1
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66CFECBB-36FE-EE88-5623-BC7A29A91C3C}" = Zoosk Messenger
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8C838521-15F3-41E0-B240-62627E935BE3}" = HP User Guides 0083
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = HP Integrated Module with Bluetooth wireless technology
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E25EB359-C7A3-4E0F-B06C-D6A539AD353E}" = COMODO System Cleaner
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}" = HP Total Care Advisor
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"3003 Crystal Mazes" = 3003 Crystal Mazes
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATT-PRT22" = ATT-PRT22
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1" = Zoosk Messenger
"Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Rhapsody" = Rhapsody
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WildTangent hplaptop Master Uninstall" = My HP Games
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/30/2010 8:04:35 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/30/2010 8:10:45 PM | Computer Name = linda-PC | Source = Application Hang | ID = 1002
Description = The program YahooMessenger.exe version 10.0.0.1270 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 114 Start Time: 01cb303cdfba216c Termination Time: 1264

Error - 7/31/2010 9:45:21 AM | Computer Name = linda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 7/31/2010 12:15:16 PM | Computer Name = linda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 7/31/2010 12:59:03 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module kernel32.dll, version 6.0.6000.16820, time stamp
0x49952034, exception code 0xc0000005, fault offset 0x00044fae, process id 0x7b4,
application start time 0x01cb30cb523fa310.

Error - 7/31/2010 1:11:03 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module ymsdk.dll_unloaded, version 0.0.0.0, time stamp
0x4c0540c3, exception code 0xc0000005, fault offset 0x6109427d, process id 0x244,
application start time 0x01cb30d211dfb040.

Error - 7/31/2010 1:27:51 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module kernel32.dll, version 6.0.6000.16820, time stamp
0x49952034, exception code 0xe06d7363, fault offset 0x0001b09e, process id 0x1298,
application start time 0x01cb30d363ad0b60.

[ System Events ]
Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:25:18 PM | Computer Name = linda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 7/31/2010 1:03:11 PM | Computer Name = linda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/31/2010 1:06:33 PM | Computer Name = linda-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 7/31/2010 1:06:36 PM | Computer Name = linda-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.


< End of report >

It is also very slow starting up I will run that program also
thanks for any help you can give me

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see this topic.

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.





Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
here is the new log

ComboFix 10-08-03.01 - linda 08/03/2010 21:18:42.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1235 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-04 02:43 . 2010-08-04 02:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}
2010-07-06 02:29 . 2010-07-06 02:29 -------- d-----w- c:\users\linda\AppData\Local\Yahoo!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Singlesnet - c:\program files\Singlesnet\Singlesnet\Singlesnet.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 21:44
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4468)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-03 22:01:29
ComboFix-quarantined-files.txt 2010-08-04 03:01

Pre-Run: 71,171,141,632 bytes free
Post-Run: 70,181,634,048 bytes free

- - End Of File - - 4D86B39E17328F6D52AA445A8467DF50

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
Re-running ComboFix to remove infections:

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:

    Code:

    DirLook::
    c:\programdata\382E5

    FileLook::
    c:\windows\crpf.bin
    c:\windows\csdf_sdum.dat
    c:\windows\crpf_sdum.bin
  • Save this as CFScript.txt, in the same location as ComboFix.exe

    multiple issues part 2 2v3rg44

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
ComboFix 10-08-03.01 - linda 08/04/2010 21:54:01.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1275 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))))
.

2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-05 02:48 . 2010-08-05 02:50 -------- d-----w- C:\32788R22FWJFW
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 22:15
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5540)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-04 22:32:58
ComboFix-quarantined-files.txt 2010-08-05 03:32
ComboFix2.txt 2010-08-04 03:01

Pre-Run: 69,098,180,608 bytes free
Post-Run: 68,487,413,760 bytes free

- - End Of File - - 8A9EC985EA61942B4317480D50E2EFA4

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
Please retry running the CFScript, it did not seem to execute properly.

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
ComboFix 10-08-03.01 - linda 08/05/2010 22:38:25.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1003 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
Command switches used :: c:\users\linda\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-06 to 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-06 03:32 . 2010-08-06 03:32 -------- d-----w- C:\32788R22FWJFW
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\windows\crpf.bin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 8
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:28
MD5: 33CDECCCCEBE80329F1FDBEE7F5874CB
SHA1: 3DA89EE273BE13437E7ECF760F3FBD4DC0E8D1FE


--- c:\windows\crpf_sdum.bin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 4
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:26
MD5: F1D3FF8443297732862DF21DC4E57262
SHA1: 9069CA78E7450A285173431B3E52C5C25299E473


--- c:\windows\csdf_sdum.dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 13514
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:26
MD5: CB8169184168BA2F098F2445B8039CE5
SHA1: 23635EAD6091C829FCDF6715DC9FB80C0696D849

---- Directory of c:\programdata\382E5 ----

2010-07-10 04:34 . 2010-06-09 04:39 3172 ----a-w- c:\programdata\382E5\{D2A99A9D-A9AD-4606-BC67-2722D769F613}.swf


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-05 23:03
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1624)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-05 23:16:09
ComboFix-quarantined-files.txt 2010-08-06 04:16
ComboFix2.txt 2010-08-05 03:32
ComboFix3.txt 2010-08-04 03:01

Pre-Run: 67,820,425,216 bytes free
Post-Run: 67,648,983,040 bytes free

- - End Of File - - D7E548D38D85E4564D2B976629362451

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
when I start my computer is says it needs to run scan disk to repair issues it freezes up on the first one. it reboots itself alot and is now very slow to start and shut down

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
Has Scan Disk ever run completely, or have you skipped it?

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
it finally ran this morning it has been freezing up

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
What are the results of the completed scan? Did it help or not help?

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
it helped some but its still taking forever to shut down. and my internet freezes up on this computer only

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
Let's look rather deep here...

Please download SpiderKill and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.

descriptionmultiple issues part 2 EmptyRe: multiple issues part 2

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum