multiple issues part 2

View previous topic View next topic Go down

windows log in error at start up multiple issues part 1

Post by lcisbell on Sun 01 Aug 2010, 8:04 am

hi im not sure if this is the right forum to post in but heres my problem.
my computer will not install updates it tries but when it reboots it has to about and undo all. i ran the otl program here is the results
OTL logfile created on: 7/31/2010 3:20:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\linda\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.38 Gb Total Space | 73.35 Gb Free Space | 70.96% Space Free | Partition Type: NTFS
Drive D: | 7.17 Gb Total Space | 0.72 Gb Free Space | 10.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.24 Gb Total Space | 1.21 Gb Free Space | 97.33% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LINDA-PC
Current User Name: linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
PRC - [2010/07/27 21:57:05 | 000,142,336 | ---- | M] () -- C:\Program Files\ZooskMessenger\ZooskMessenger.exe
PRC - [2010/06/15 20:37:43 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/10 09:32:26 | 002,797,096 | ---- | M] (Singlesnet.com) -- C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe
PRC - [2009/12/08 22:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/12/07 20:32:06 | 000,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/12 21:47:17 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2009/01/12 21:31:04 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/10 16:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2007/03/28 19:45:38 | 000,118,877 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/03/28 19:45:34 | 000,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/12 21:47:17 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/10 16:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Start_Pending] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/28 19:45:38 | 000,118,877 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/03/28 19:45:34 | 000,270,431 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006/06/26 12:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/08/04 19:49:54 | 000,053,280 | ---- | M] (COMODO Security Solutions Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cfrpd.sys -- (CFRPD)
DRV - [2009/01/12 21:14:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2008/08/10 20:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/08/10 20:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/08/10 20:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/08/10 20:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/07 00:05:00 | 008,231,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/21 19:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/01/12 22:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 10:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 10:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2007/01/02 05:45:30 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/01/02 05:45:30 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007/01/02 05:45:30 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/12/07 10:05:58 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/12/07 10:04:36 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/12/07 10:04:26 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/28 11:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/15 12:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 07:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 05:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 21:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/09/15 03:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/06/28 11:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/20 20:11:08 | 000,000,000 | ---D | M]

[2010/02/13 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\Mozilla\Extensions
[2010/02/13 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [COMODO System Cleaner] C:\Program Files\COMODO\COMODO System Cleaner\CSC.EXE (COMODO)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Singlesnet] C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe (Singlesnet.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files\ZooskMessenger\ZooskMessenger.exe ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: movie25.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\linda\Pictures\2009-03-03 all\all 064.JPG
O24 - Desktop BackupWallPaper: C:\Users\linda\Pictures\2009-03-03 all\all 064.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/18 19:18:10 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{7ad6edf8-dbbe-11de-94c1-0016d3949463}\Shell\AutoRun\command - "" = wscript.exe \SMRTNTKY\script.js
O33 - MountPoints2\{7ad6edfc-dbbe-11de-94c1-0016d3949463}\Shell - "" = AutoRun
O33 - MountPoints2\{7ad6edfc-dbbe-11de-94c1-0016d3949463}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell00\Command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell01\Command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{ed65a84b-e68f-11dd-bd97-0016d3a7773b}\Shell\Shell02\Command - "" = F:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/07/31 15:19:13 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
[2010/07/27 21:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\ZooskMessenger
[2010/07/20 19:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/07/19 19:41:59 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\WindowsUpdate
[2010/07/10 13:44:13 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Roaming\ComodoGroup
[2010/07/10 00:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/07/09 23:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\382E5
[2010/07/07 00:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010/07/05 21:29:46 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\Yahoo!
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/31 15:24:59 | 002,359,296 | -HS- | M] () -- C:\Users\linda\ntuser.dat
[2010/07/31 15:19:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\linda\Desktop\OTL.com
[2010/07/31 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/31 15:01:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/31 12:03:22 | 000,000,146 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/07/31 12:02:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/31 12:02:06 | 000,000,808 | ---- | M] () -- C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2010/07/31 12:02:03 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.001
[2010/07/31 12:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/31 11:59:08 | 002,262,616 | -H-- | M] () -- C:\Users\linda\AppData\Local\IconCache.db
[2010/07/31 08:51:09 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/31 08:51:09 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/31 08:51:08 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/29 21:00:23 | 000,000,680 | ---- | M] () -- C:\Users\linda\AppData\Local\d3d9caps.dat
[2010/07/27 21:57:56 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk
[2010/07/25 17:17:54 | 000,000,166 | ---- | M] () -- C:\Users\linda\AppData\Roaming\wklnhst.dat
[2010/07/25 17:17:53 | 000,031,744 | ---- | M] () -- C:\Users\linda\Documents\kennie.xlr
[2010/07/25 11:05:05 | 000,092,504 | ---- | M] () -- C:\Users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/25 11:04:41 | 000,352,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/23 22:37:17 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlinda.job
[2010/07/19 18:28:48 | 000,000,008 | ---- | M] () -- C:\Windows\crpf.bin
[2010/07/19 18:26:13 | 000,013,514 | ---- | M] () -- C:\Windows\csdf_sdum.dat
[2010/07/19 18:26:00 | 000,000,004 | ---- | M] () -- C:\Windows\crpf_sdum.bin
[2010/07/18 20:33:03 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for linda.job
[2010/07/10 11:10:05 | 000,000,924 | ---- | M] () -- C:\Users\linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/10 11:10:05 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/07/10 01:12:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/10 00:10:01 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\COMODO System Cleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/27 21:57:56 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\ZooskMessenger.lnk
[2010/07/25 17:06:56 | 000,031,744 | ---- | C] () -- C:\Users\linda\Documents\kennie.xlr
[2010/07/19 18:26:00 | 000,013,514 | ---- | C] () -- C:\Windows\csdf_sdum.dat
[2010/07/19 18:26:00 | 000,000,008 | ---- | C] () -- C:\Windows\crpf.bin
[2010/07/19 18:26:00 | 000,000,004 | ---- | C] () -- C:\Windows\crpf_sdum.bin
[2010/07/10 11:10:05 | 000,000,924 | ---- | C] () -- C:\Users\linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/10 11:10:05 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/07/10 09:44:51 | 000,000,680 | ---- | C] () -- C:\Users\linda\AppData\Local\d3d9caps.dat
[2010/07/10 00:10:01 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\COMODO System Cleaner.lnk
[2007/06/18 16:54:32 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/02/27 15:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/20 14:00:12 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/12/14 01:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 01:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 19:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2010/01/02 01:32:32 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\iepeers.dll
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2009/01/12 21:16:50 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll
[2009/03/08 06:33:04 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\vbscript.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\WINDOWS\System32\ANSI.SYS
[2009/01/12 21:19:25 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\WINDOWS\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\WINDOWS\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\WINDOWS\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\WINDOWS\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\WINDOWS\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\WINDOWS\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\WINDOWS\System32\NTIO804.SYS
[2009/08/14 09:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/11/28 11:44:58 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\XAudio.exe
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\*.* >
[2006/11/02 04:46:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.CbsMsg.dll.01c97544fc367e68.001e
[2006/11/02 04:46:03 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dhcpcsvc.dll.01c97544f85f6688.0010
[2006/11/02 04:46:03 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dhcpcsvc6.dll.01c97544f88a3f48.0012
[2006/11/02 04:46:04 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dnsapi.dll.01c97544f6ba1328.000a
[2006/11/02 04:46:04 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dnsrslvr.dll.01c97544f6ba1328.000b
[2006/11/02 04:46:04 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.dpx.dll.01c97544fba2e928.0019
[2006/11/02 04:46:05 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.iertutil.dll.01c9754501f32ec8.0023
[2006/11/02 04:46:05 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.imagehlp.dll.01c97544f58bc488.0007
[2006/11/02 04:46:05 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.loadperf.dll.01c97544fb3c8e08.0018
[2006/11/02 04:46:10 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msvfw32.dll.01c97544f85d0528.000f
[2006/11/02 04:46:11 | 001,337,344 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msxml6.dll.01c97544f4a27dc8.0002
[2006/11/02 04:41:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.msxml6r.dll.01c97544f4a27dc8.0001
[2006/11/02 04:46:11 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NaturalLanguage6.dll.01c97544fe1c16e8.0020
[2006/11/02 04:46:11 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NlsData0009.dll.01c97544ffa99c88.0021
[2006/11/02 03:22:05 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.NlsLexicons0009.dll.01c97544fd731548.001f
[2006/11/02 04:46:12 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.oleaut32.dll.01c97544f6d1e0e8.000c
[2006/11/02 04:45:32 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.poqexec.exe.01c97544f5504228.0004
[2006/11/02 04:46:12 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.printcom.dll.01c97544f7a0f888.000d
[2006/11/02 04:46:12 | 000,749,568 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.qmgr.dll.01c97544f47080e8.0000
[2006/11/02 04:46:12 | 001,327,104 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.quartz.dll.01c97544f55e8a68.0005
[2006/11/02 04:46:12 | 000,789,504 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.rpcrt4.dll.01c97544f5efbe48.0008
[2006/11/02 04:46:12 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.schannel.dll.01c97544f868ec08.0011
[2006/11/02 04:46:12 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.schedsvc.dll.01c97544fbbf79a8.001a
[2006/11/02 04:46:13 | 001,584,128 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.setupapi.dll.01c97544fbcdc1e8.001b
[2006/11/02 04:46:13 | 011,314,688 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.shell32.dll.01c97544f8a93128.0013
[2006/11/02 04:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.SLC.dll.01c97544f95e19a8.0014
[2006/11/02 04:45:45 | 002,592,256 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.SLsvc.exe.01c97544f9679f28.0015
[2006/11/02 07:36:17 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.srclient.dll.01c97544fbd4e608.001c
[2006/11/02 04:45:49 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.TrustedInstaller.exe.01c97544fc31bba8.001d
[2006/11/02 04:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.umpnpmgr.dll.01c97544fb330888.0017
[2006/11/02 04:46:13 | 001,149,952 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.urlmon.dll.01c9754501e4e688.0022
[2006/11/02 04:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.user32.dll.01c97544f4de0028.0003
[2006/11/02 04:46:13 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.win32spl.dll.01c97544f7a0f888.000e
[2006/11/02 04:46:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.wininet.dll.01c97545020fbf48.0024
[2006/11/02 07:35:57 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.WMASF.DLL.01c97544f9f8d308.0016
[2006/11/02 04:44:15 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.wmi.dll.01c97544f5896328.0006
[2006/11/02 07:35:57 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\$$DeleteMe.WMVCORE.DLL.01c97544f68f3a68.0009
[2007/06/18 19:18:10 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/07/31 12:00:37 | 2392,850,432 | -HS- | M] () -- C:\pagefile.sys
[2009/03/19 18:03:12 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log

< %PROGRAMFILES%\*. >
[2007/06/18 18:55:12 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/07/17 11:41:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/03/10 22:29:49 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/07/29 18:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2009/05/01 20:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\att-prt22
[2009/05/01 20:44:25 | 000,000,000 | ---D | M] -- C:\Program Files\ATT-PRT22-WISE
[2010/06/11 20:57:23 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010/07/29 20:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2010/01/27 23:23:05 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2010/03/10 22:31:21 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/06/11 20:55:39 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/07/10 00:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\COMODO
[2009/03/16 20:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/06/18 19:09:11 | 000,000,000 | ---D | M] -- C:\Program Files\earthlink totalaccess
[2009/12/07 20:31:06 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/03/13 22:15:31 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/01/27 23:58:05 | 000,000,000 | ---D | M] -- C:\Program Files\Hidden Expedition Titanic
[2009/03/19 18:03:01 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2007/06/18 19:16:08 | 000,000,000 | ---D | M] -- C:\Program Files\HP Games
[2007/06/18 19:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2010/02/23 21:02:11 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/01/24 16:14:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/03/10 22:32:12 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/03/10 22:33:40 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/04/04 16:17:37 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/01/15 22:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/07/29 18:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010/02/23 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2010/03/07 19:25:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/07/20 19:27:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2007/06/18 18:53:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/07/25 10:52:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/06/18 18:53:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/05/29 20:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/03/07 19:26:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/06/11 22:14:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games
[2010/03/07 19:25:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/03/07 19:26:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar Installer
[2009/01/12 21:11:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/06/18 19:17:33 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2010/02/06 19:50:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Huntsville
[2007/06/18 18:56:08 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2010/02/02 22:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan
[2010/02/02 22:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2009/06/11 21:04:58 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2007/06/18 19:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/08/05 16:11:31 | 000,000,000 | ---D | M] -- C:\Program Files\OXXOGames
[2009/08/09 14:23:23 | 000,000,000 | ---D | M] -- C:\Program Files\PANTECH
[2010/03/10 22:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/06/18 19:24:36 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/06/18 19:24:42 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2007/06/18 18:36:06 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/08/09 15:17:17 | 000,000,000 | ---D | M] -- C:\Program Files\Selectsoft
[2010/05/29 00:06:39 | 000,000,000 | ---D | M] -- C:\Program Files\Singlesnet
[2010/02/28 14:52:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2007/06/18 18:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/07/09 23:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media
[2009/09/20 19:03:11 | 000,000,000 | ---D | M] -- C:\Program Files\Viva Media Game Center
[2009/01/18 18:51:28 | 000,000,000 | ---D | M] -- C:\Program Files\Vongo
[2008/08/05 16:47:39 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM
[2009/01/18 19:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/01/15 23:36:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/03/07 19:48:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/01/24 16:14:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/01/15 23:36:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/05/11 23:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/07/27 21:57:56 | 000,000,000 | ---D | M] -- C:\Program Files\ZooskMessenger

< %appdata%\*.* >
[2010/07/31 12:02:03 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.001
[2010/04/04 18:39:28 | 000,041,662 | ---- | M] () -- C:\Users\linda\AppData\Roaming\nvModes.dat
[2010/07/25 17:17:54 | 000,000,166 | ---- | M] () -- C:\Users\linda\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2007/06/18 19:28:17 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/06/18 19:28:18 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/06/18 19:28:18 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\drivers\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/01/12 21:31:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/01/12 21:31:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\drivers\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\System32\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\System32\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\WINDOWS\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2009/01/12 21:46:33 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\WINDOWS\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-31 16:22:02

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:33A7CC67
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:EAB5D262
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:8C35AEA7
< End of report >
OTL Extras logfile created on: 7/31/2010 3:20:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\linda\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.38 Gb Total Space | 73.35 Gb Free Space | 70.96% Space Free | Partition Type: NTFS
Drive D: | 7.17 Gb Total Space | 0.72 Gb Free Space | 10.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.24 Gb Total Space | 1.21 Gb Free Space | 97.33% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded


lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

multiple issues part 2

Post by lcisbell on Sun 01 Aug 2010, 8:09 am

Computer Name: LINDA-PC
Current User Name: linda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15F1EBF9-7F9A-4035-9DFE-2D04C2E3947C}" = lport=138 | protocol=17 | dir=in | app=system |
"{1BC7F9C8-1956-49CF-BD9E-28ADC4F51FF5}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{228F7FBA-CA6F-4154-97E6-2F55C1CE3B3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{22A13A5E-F8D4-4AB9-9AB3-7C3D49A188F6}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{23A92B86-EF36-4CBA-83B4-622550FF55C1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2E6F94AE-C295-484D-9DA0-7EC33B28ACA7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37D37057-5199-4494-9D54-3FC3E9A6D8CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4144D10F-240B-4479-ABAD-E6D5F1B970FC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{444E854C-76DC-4638-8A25-446401E3684D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{5F0D21F3-26E4-4616-B57A-5CE91DC79C8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61191D85-4EC7-4D7B-B3D6-07DEB12CE797}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6543999F-1ADB-4D72-9FC9-373018A01E69}" = rport=138 | protocol=17 | dir=out | app=system |
"{77513A0B-C922-482C-AD9F-C797D49AB484}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{784A8546-C1F7-4F91-860E-C0EA20F2D36A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7DFC632B-C221-4CA6-B1FE-6FD88F9E6FF8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{96C77996-2F76-4465-8525-7C2BA511CF9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A671E89E-7EF1-4CB1-A227-95CE12B25754}" = rport=137 | protocol=17 | dir=out | app=system |
"{B0E49B69-1D6C-4832-8F16-FA56F3D40C8F}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8D7D875-A4D3-4AA7-8278-592C8A74DD12}" = rport=139 | protocol=6 | dir=out | app=system |
"{B97C663C-921B-4DE4-897A-AB0FB0BAC2D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BE4ECA12-9E73-4FAB-A0BE-E3A35159B2C9}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7F7383A-2F6F-4672-829E-64D2A8F9D84C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CB0556A0-CC8E-4154-BF3B-32A5142F58D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D105A96F-A5A2-47A2-81F3-508847453C8B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D7B97C7D-A9F3-40F6-B3C8-93C7B8BFAD86}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D96C69A4-FE19-4A02-8799-1CB1E62CBC69}" = rport=445 | protocol=6 | dir=out | app=system |
"{DB8E7825-6D87-4153-9B65-F5EAD4F6AC32}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E19BB598-15A0-4B44-9F64-310B598B58E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{E8E3A9C2-2A7E-4380-8294-D6E734157007}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F2E6E32F-0056-4CAF-9141-5920D8BB22F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03937102-D399-4D15-B74C-0ECA253FE035}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{09D90C8B-63FF-4138-986D-7A6EB7CB466D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0A2907F2-2F75-489B-AAC0-0C4BC96DAA85}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0A8FDF8C-0C8F-4877-816B-9EDB3ACEEDAB}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{0BD2C9D1-F4A1-4D7E-BF73-BEA58746E4A0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{13CE7F09-9D08-4BBD-9B1E-882ACC698775}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{154EA595-D3AC-44EF-B4B3-A39706386480}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{17B78449-8DA5-4C80-810F-6AC4BDA15E72}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{18DC480A-2EE4-4E18-8A84-6B749883C2BD}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{1CBE5B7E-9C5F-4D37-9F8B-2EAAB3128609}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{271CB2C8-AD74-494F-AB8B-9FC5377DFAA7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{27E746DC-18E9-4F4A-BAB0-62EA7A2C079B}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{282AAFF9-0459-4F92-876F-8679B95B9A9A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{2AF7E942-7CEB-4931-AB6B-2FBE44E67C35}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E2B4B7C-8ACC-4060-A040-31E1B1EAC995}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{30D2238B-C1EE-4552-AC1A-DE094612C271}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{39F92367-FC69-443B-AA66-59D134921F5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3A941E05-5289-47EC-967A-106392450BAC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3D79AAB8-C9A2-416F-BE0D-00D1AA2D7838}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{3E520652-29C6-49B4-A709-58C124540097}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3EE7134D-8589-41AE-A10C-31BCEB768DF8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{433F6424-3AA1-4670-BBBE-1E1D2C5766E6}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{4E85F3CA-F03C-472E-A355-8633292ABD84}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{54973449-C946-4F50-8B10-8F0527F508C0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{599B1C39-D05C-4A5D-9FA1-CB9BE5A81693}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{72BD159C-48BE-4265-BBCD-2B07B82B334D}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{75B226BC-446E-49ED-B74A-6AB6F6D77040}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{7CF7F55E-AB57-4A45-938E-193373F85259}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{848BD9DA-4760-42A9-93CD-45FD380E681A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8BF6FE1B-1A82-4B8D-B046-72994F8BEEF6}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8ED9A2D0-FD49-4541-A5A7-7E2A80B6B6D3}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8EE1CE6E-AA8E-43AD-BB6A-E0E61BCCF153}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{917CA940-73E8-4BF1-A6B0-50C1705D99F7}" = protocol=6 | dir=out | app=system |
"{BA23AC27-C246-4FBB-8AEB-76C71A44D3C3}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BC12EE39-F709-4932-ADBC-722AF04B5AC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DAFD722F-2D17-4F7B-9844-F8CDD5B23F7E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{DC65660D-E32D-430E-8CE1-BB2D83F8D82E}" = protocol=6 | dir=out | app=system |
"{DE368681-1D60-4EE8-B793-2C85321503B6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{EE0C67A2-CB0B-4B13-9473-F720B71D42ED}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{FB3DE2A4-648B-4F02-8062-D6147C05B8BF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FC981C92-6BB1-44CA-9114-DFCDF477DF95}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{FFD1DF0B-7FA2-4E4D-8B8F-486D0F7F564F}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"TCP Query User{55838EC0-36BD-4A96-94E9-991C8342F927}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{8BF999A4-3E11-484F-AB30-3F50C05CA047}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{DF7ECA0F-65DC-4449-B29C-753B329849DD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{22D98336-801B-4648-BE85-BC9CF8C2FF80}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{325820AA-D072-465C-B1AE-0BDF7AE6B3C2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A47713B5-C28D-4F4B-ACB8-25E2F44B0455}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 19
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}" = MSCU for Microsoft Vista
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F535C04-86BE-47D1-98C6-8AB26D28482B}" = Singlesnet
"{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}" = LightScribe System Software 1.10.19.1
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66CFECBB-36FE-EE88-5623-BC7A29A91C3C}" = Zoosk Messenger
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8C838521-15F3-41E0-B240-62627E935BE3}" = HP User Guides 0083
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = HP Integrated Module with Bluetooth wireless technology
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E25EB359-C7A3-4E0F-B06C-D6A539AD353E}" = COMODO System Cleaner
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}" = HP Total Care Advisor
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"3003 Crystal Mazes" = 3003 Crystal Mazes
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATT-PRT22" = ATT-PRT22
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1" = Zoosk Messenger
"Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Rhapsody" = Rhapsody
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WildTangent hplaptop Master Uninstall" = My HP Games
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/30/2010 8:04:35 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/30/2010 8:09:36 PM | Computer Name = linda-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/30/2010 8:10:45 PM | Computer Name = linda-PC | Source = Application Hang | ID = 1002
Description = The program YahooMessenger.exe version 10.0.0.1270 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 114 Start Time: 01cb303cdfba216c Termination Time: 1264

Error - 7/31/2010 9:45:21 AM | Computer Name = linda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 7/31/2010 12:15:16 PM | Computer Name = linda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 7/31/2010 12:59:03 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module kernel32.dll, version 6.0.6000.16820, time stamp
0x49952034, exception code 0xc0000005, fault offset 0x00044fae, process id 0x7b4,
application start time 0x01cb30cb523fa310.

Error - 7/31/2010 1:11:03 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module ymsdk.dll_unloaded, version 0.0.0.0, time stamp
0x4c0540c3, exception code 0xc0000005, fault offset 0x6109427d, process id 0x244,
application start time 0x01cb30d211dfb040.

Error - 7/31/2010 1:27:51 PM | Computer Name = linda-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1270, time
stamp 0x4c053ffe, faulting module kernel32.dll, version 6.0.6000.16820, time stamp
0x49952034, exception code 0xe06d7363, fault offset 0x0001b09e, process id 0x1298,
application start time 0x01cb30d363ad0b60.

[ System Events ]
Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:22:02 PM | Computer Name = linda-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 7/31/2010 12:25:18 PM | Computer Name = linda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 7/31/2010 1:03:11 PM | Computer Name = linda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/31/2010 1:06:33 PM | Computer Name = linda-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 7/31/2010 1:06:36 PM | Computer Name = linda-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.


< End of report >

It is also very slow starting up I will run that program also
thanks for any help you can give me

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Tue 03 Aug 2010, 5:48 pm

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see [You must be registered and logged in to see this link.].

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.





Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Wed 04 Aug 2010, 2:23 pm

here is the new log

ComboFix 10-08-03.01 - linda 08/03/2010 21:18:42.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1235 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-04 02:43 . 2010-08-04 02:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}
2010-07-06 02:29 . 2010-07-06 02:29 -------- d-----w- c:\users\linda\AppData\Local\Yahoo!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Singlesnet - c:\program files\Singlesnet\Singlesnet\Singlesnet.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-03 21:44
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4468)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-03 22:01:29
ComboFix-quarantined-files.txt 2010-08-04 03:01

Pre-Run: 71,171,141,632 bytes free
Post-Run: 70,181,634,048 bytes free

- - End Of File - - 4D86B39E17328F6D52AA445A8467DF50

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Wed 04 Aug 2010, 3:03 pm

Re-running ComboFix to remove infections:

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:
    Code:
    DirLook::
    c:\programdata\382E5

    FileLook::
    c:\windows\crpf.bin
    c:\windows\csdf_sdum.dat
    c:\windows\crpf_sdum.bin
  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Thu 05 Aug 2010, 2:48 pm

ComboFix 10-08-03.01 - linda 08/04/2010 21:54:01.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1275 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))))
.

2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-05 03:14 . 2010-08-05 03:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-05 02:48 . 2010-08-05 02:50 -------- d-----w- C:\32788R22FWJFW
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-04 22:15
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5540)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-04 22:32:58
ComboFix-quarantined-files.txt 2010-08-05 03:32
ComboFix2.txt 2010-08-04 03:01

Pre-Run: 69,098,180,608 bytes free
Post-Run: 68,487,413,760 bytes free

- - End Of File - - 8A9EC985EA61942B4317480D50E2EFA4

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Fri 06 Aug 2010, 10:04 am

Please retry running the CFScript, it did not seem to execute properly.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Fri 06 Aug 2010, 3:40 pm

ComboFix 10-08-03.01 - linda 08/05/2010 22:38:25.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1003 [GMT -5:00]
Running from: c:\users\linda\Desktop\ComboFix.exe
Command switches used :: c:\users\linda\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-06 to 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-06 04:01 . 2010-08-06 04:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-06 03:32 . 2010-08-06 03:32 -------- d-----w- C:\32788R22FWJFW
2010-08-02 22:50 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-02 22:50 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-02 22:50 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-28 02:57 . 2010-07-28 02:57 -------- d-----w- c:\program files\ZooskMessenger
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-21 00:27 . 2010-07-21 00:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-07-20 00:41 . 2010-07-20 00:41 -------- d-----w- c:\users\linda\AppData\Local\WindowsUpdate
2010-07-19 23:26 . 2010-07-19 23:28 8 ----a-w- c:\windows\crpf.bin
2010-07-19 23:26 . 2010-07-19 23:26 13514 ----a-w- c:\windows\csdf_sdum.dat
2010-07-19 23:26 . 2010-07-19 23:26 4 ----a-w- c:\windows\crpf_sdum.bin
2010-07-10 18:44 . 2010-07-10 18:44 -------- d-----w- c:\users\linda\AppData\Roaming\ComodoGroup
2010-07-10 14:44 . 2010-08-04 00:38 680 ----a-w- c:\users\linda\AppData\Local\d3d9caps.dat
2010-07-10 05:09 . 2010-07-10 05:09 -------- d-----w- c:\program files\COMODO
2010-07-10 04:34 . 2010-07-10 04:34 -------- d-----w- c:\programdata\382E5
2010-07-07 05:58 . 2010-07-07 05:58 -------- dc----w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 23:03 . 2009-01-10 05:10 93072 ----a-w- c:\users\linda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-01 18:14 . 2010-03-11 03:27 -------- d-----w- c:\program files\Common Files\Apple
2010-07-30 01:57 . 2010-06-09 04:29 -------- d-----w- c:\program files\BearShare Applications
2010-07-29 23:58 . 2009-03-19 23:10 -------- d-----w- c:\program files\LimeWire
2010-07-29 23:56 . 2010-06-09 04:23 -------- d-----w- c:\program files\Ask.com
2010-07-26 22:59 . 2007-06-18 23:51 -------- d-----w- c:\programdata\Microsoft Help
2010-07-25 22:17 . 2009-09-25 03:21 166 ----a-w- c:\users\linda\AppData\Roaming\wklnhst.dat
2010-07-25 15:52 . 2007-06-18 23:50 -------- d-----w- c:\program files\Microsoft Works
2010-07-17 16:41 . 2010-05-11 23:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-10 06:12 . 2007-06-18 23:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 04:51 . 2009-09-21 00:03 -------- d-----w- c:\program files\Viva Media
2010-07-08 23:49 . 2010-05-29 05:07 -------- d-----w- c:\users\linda\AppData\Roaming\Singlesnet
2010-07-08 04:34 . 2009-09-21 00:04 -------- d-----w- c:\programdata\AlawarWrapper
2010-06-17 01:31 . 2007-06-18 23:57 -------- d-----w- c:\programdata\CyberLink
2010-06-12 01:58 . 2010-06-12 01:58 -------- d-----w- c:\programdata\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:57 -------- d-----w- c:\users\linda\AppData\Roaming\AVS4YOU
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-06-12 01:57 . 2010-06-12 01:55 -------- d-----w- c:\program files\AVS4YOU
2010-05-21 19:14 . 2009-11-11 01:00 221568 ------w- c:\windows\system32\MpSigStub.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\windows\crpf.bin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 8
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:28
MD5: 33CDECCCCEBE80329F1FDBEE7F5874CB
SHA1: 3DA89EE273BE13437E7ECF760F3FBD4DC0E8D1FE


--- c:\windows\crpf_sdum.bin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 4
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:26
MD5: F1D3FF8443297732862DF21DC4E57262
SHA1: 9069CA78E7450A285173431B3E52C5C25299E473


--- c:\windows\csdf_sdum.dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 13514
Created time: 2010-07-19 23:26
Modified time: 2010-07-19 23:26
MD5: CB8169184168BA2F098F2445B8039CE5
SHA1: 23635EAD6091C829FCDF6715DC9FB80C0696D849

---- Directory of c:\programdata\382E5 ----

2010-07-10 04:34 . 2010-06-09 04:39 3172 ----a-w- c:\programdata\382E5\{D2A99A9D-A9AD-4606-BC67-2722D769F613}.swf


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-18 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-01-13 1006264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-29 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-07 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-07 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"COMODO System Cleaner"="c:\program files\COMODO\COMODO System Cleaner\CSC.EXE" [2009-08-13 6985992]

c:\users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [2010-7-27 142336]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [2008-08-11 33024]
R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [2008-08-11 41344]
R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [2008-08-11 39936]
R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [2008-08-11 59904]
S0 CFRPD;CFRPD;c:\windows\System32\drivers\cfrpd.sys [2009-08-05 53280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-24 c:\windows\Tasks\HPCeeScheduleForlinda.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-06-18 21:23]

2010-07-19 c:\windows\Tasks\Norton Security Scan for linda.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-03 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: movie25.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-05 23:03
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1624)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2010-08-05 23:16:09
ComboFix-quarantined-files.txt 2010-08-06 04:16
ComboFix2.txt 2010-08-05 03:32
ComboFix3.txt 2010-08-04 03:01

Pre-Run: 67,820,425,216 bytes free
Post-Run: 67,648,983,040 bytes free

- - End Of File - - D7E548D38D85E4564D2B976629362451

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Sat 07 Aug 2010, 11:31 am



[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Sat 07 Aug 2010, 6:00 pm

when I start my computer is says it needs to run scan disk to repair issues it freezes up on the first one. it reboots itself alot and is now very slow to start and shut down

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Sun 08 Aug 2010, 12:55 pm

Has Scan Disk ever run completely, or have you skipped it?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Mon 09 Aug 2010, 10:57 am

it finally ran this morning it has been freezing up

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Mon 09 Aug 2010, 1:28 pm

What are the results of the completed scan? Did it help or not help?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Tue 10 Aug 2010, 2:04 am

it helped some but its still taking forever to shut down. and my internet freezes up on this computer only

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Tue 10 Aug 2010, 6:18 am

Let's look rather deep here...

Please download SpiderKill and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Tue 10 Aug 2010, 11:32 am

SpiderKill by DragonMaster Jay


Microsoft Windows [Version 6.0.6000]

********************Drivers list********************


Volume in drive C has no label.
Volume Serial Number is AE43-02E6

Directory of C:\Windows\System32\Drivers

08/05/2010 10:52 PM .
08/05/2010 10:52 PM ..
11/02/2006 03:55 AM 53,376 1394bus.sys
01/12/2009 09:53 PM 258,232 acpi.sys
11/02/2006 04:51 AM 420,968 adp94xx.sys
11/02/2006 04:51 AM 297,576 adpahci.sys
11/02/2006 04:50 AM 98,408 adpu160m.sys
11/02/2006 04:51 AM 147,048 adpu320.sys
11/02/2006 03:58 AM 270,336 afd.sys
11/02/2006 04:49 AM 53,864 AGP440.sys
11/02/2006 04:49 AM 14,952 aliide.sys
11/02/2006 04:49 AM 54,888 AMDAGP.SYS
11/02/2006 04:49 AM 15,464 amdide.sys
11/02/2006 03:30 AM 38,912 amdk7.sys
11/02/2006 03:30 AM 40,960 amdk8.sys
11/02/2006 04:50 AM 67,688 arc.sys
11/02/2006 04:50 AM 67,688 arcsas.sys
11/02/2006 03:58 AM 17,408 asyncmac.sys
01/12/2009 09:31 PM 21,560 atapi.sys
01/12/2009 09:31 PM 109,624 ataport.sys
04/29/2008 01:19 PM 12,960 Awrtpd.sys
04/29/2008 01:19 PM 15,648 Awrtrd.sys
01/12/2009 09:53 PM 28,344 battc.sys
01/03/2007 10:43 AM 534,016 BCMWL6.SYS
11/02/2006 07:34 AM 12,288 bdasup.sys
11/02/2006 03:51 AM 6,144 beep.sys
11/02/2006 03:31 AM 69,632 bowser.sys
11/02/2006 03:24 AM 13,568 BrFiltLo.sys
11/02/2006 03:24 AM 5,248 BrFiltUp.sys
11/02/2006 04:23 AM 93,184 bridge.sys
11/02/2006 03:25 AM 71,808 BrSerId.sys
11/02/2006 03:24 AM 62,336 BrSerWdm.sys
11/02/2006 03:24 AM 12,160 BrUsbMdm.sys
11/02/2006 03:24 AM 11,904 BrUsbSer.sys
01/12/2009 09:21 PM 19,456 bthenum.sys
11/02/2006 03:55 AM 39,936 bthmodem.sys
11/02/2006 03:55 AM 92,160 bthpan.sys
01/12/2009 09:21 PM 220,160 bthport.sys
01/12/2009 09:21 PM 29,184 BTHUSB.SYS
01/02/2007 05:45 AM 78,128 btwaudio.sys
01/02/2007 05:45 AM 80,688 btwavdt.sys
01/02/2007 05:45 AM 16,560 btwrchid.sys
11/02/2006 03:30 AM 70,144 cdfs.sys
10/18/2006 05:00 AM 2,432 cdr4_xp.sys
10/18/2006 05:00 AM 2,560 cdralw2k.sys
11/02/2006 03:51 AM 67,072 cdrom.sys
08/04/2009 07:49 PM 53,280 CFRPD.sys
02/21/2007 07:24 PM 159,232 CHDART.sys
03/04/2008 10:32 AM 188,416 CHDRT32.sys
11/02/2006 03:55 AM 35,328 circlass.sys
11/02/2006 04:50 AM 125,032 Classpnp.sys
01/12/2009 09:53 PM 14,208 CmBatt.sys
11/02/2006 04:49 AM 16,488 cmdide.sys
01/12/2009 09:53 PM 20,920 compbatt.sys
06/28/2006 11:54 AM 9,472 CPQBttn.sys
11/02/2006 04:50 AM 33,384 crashdmp.sys
11/02/2006 04:49 AM 22,632 crcdisk.sys
11/02/2006 03:30 AM 38,912 crusoe.sys
11/02/2006 03:31 AM 74,752 dfsc.sys
11/02/2006 04:49 AM 52,840 disk.sys
11/02/2006 03:51 AM 19,456 Diskdump.sys
11/02/2006 04:50 AM 71,272 djsvs.sys
11/02/2006 04:20 AM 130,048 drmk.sys
11/02/2006 03:54 AM 5,632 drmkaud.sys
11/02/2006 04:49 AM 26,728 Dumpata.sys
11/02/2006 03:38 AM 13,312 dxapi.sys
11/02/2006 03:38 AM 76,288 dxg.sys
01/12/2009 09:55 PM 619,008 dxgkrnl.sys
11/02/2006 02:30 AM 163,328 e100b325.sys
11/02/2006 02:30 AM 117,760 E1G60I32.sys
06/28/2006 11:57 AM 8,192 eabfiltr.sys
11/02/2006 07:34 AM 132,200 ecache.sys
11/02/2006 04:51 AM 316,520 elxstor.sys
01/13/2009 01:05 AM en-US
05/01/2009 06:36 PM etc
11/02/2006 03:30 AM 142,336 fastfat.sys
11/02/2006 03:51 AM 25,088 fdc.sys
11/02/2006 04:49 AM 56,424 fileinfo.sys
11/02/2006 03:32 AM 27,648 filetrace.sys
11/02/2006 03:51 AM 20,480 flpydisk.sys
11/02/2006 04:51 AM 183,912 fltMgr.sys
01/12/2009 09:11 PM 12,800 fs_rec.sys
11/02/2006 03:57 AM 84,992 FWPKCLNT.SYS
11/02/2006 04:50 AM 58,984 GAGP30KX.SYS
09/18/2006 04:26 PM 3,440,660 gm.dls
09/18/2006 04:26 PM 646 gmreadme.txt
01/12/2009 09:13 PM 53,760 hdaudbus.sys
11/02/2006 02:36 AM 235,520 HdAudio.sys
11/02/2006 03:55 AM 29,184 hidbth.sys
11/02/2006 03:55 AM 38,912 hidclass.sys
11/02/2006 03:55 AM 21,504 hidir.sys
11/02/2006 03:55 AM 25,472 hidparse.sys
11/02/2006 03:55 AM 12,288 hidusb.sys
11/02/2006 04:50 AM 37,480 HpCISSs.sys
12/07/2006 09:29 AM 144,201 HSFProf.cty
12/07/2006 10:04 AM 207,360 HSXHWAZL.sys
12/07/2006 10:04 AM 659,968 HSX_CNXT.sys
12/07/2006 10:05 AM 985,600 HSX_DPV.sys
02/20/2010 04:30 PM 396,800 http.sys
11/02/2006 04:49 AM 16,488 i2omgmt.sys
11/02/2006 04:49 AM 27,752 i2omp.sys
01/12/2009 09:19 PM 54,784 i8042prt.sys
11/02/2006 04:51 AM 232,040 iaStorV.sys
10/18/2006 09:10 PM 1,380,864 igdkmd32.sys
11/02/2006 04:50 AM 41,576 iirsp.sys
11/02/2006 04:49 AM 14,952 intelide.sys
11/02/2006 03:30 AM 39,424 intelppm.sys
11/02/2006 03:58 AM 47,104 ipfltdrv.sys
11/02/2006 03:42 AM 65,536 IPMIDrv.sys
11/02/2006 03:58 AM 99,840 ipnat.sys
11/02/2006 03:57 AM 95,744 irda.sys
11/02/2006 03:57 AM 13,312 irenum.sys
11/02/2006 04:50 AM 47,208 isapnp.sys
11/02/2006 04:50 AM 35,944 iteatapi.sys
11/02/2006 04:50 AM 35,944 iteraid.sys
11/02/2006 04:49 AM 32,872 kbdclass.sys
11/02/2006 03:51 AM 15,872 kbdhid.sys
11/02/2006 03:51 AM 148,992 ks.sys
06/15/2009 01:12 PM 408,136 ksecdd.sys
11/02/2006 03:56 AM 47,104 lltdio.sys
11/02/2006 04:50 AM 65,640 lsi_fc.sys
11/02/2006 04:50 AM 65,640 lsi_sas.sys
11/02/2006 04:50 AM 65,640 lsi_scsi.sys
11/02/2006 03:33 AM 83,456 luafv.sys
11/02/2006 03:52 AM 18,944 mcd.sys
06/19/2006 09:26 AM 12,672 mdmxsdk.sys
11/02/2006 04:49 AM 28,776 megasas.sys
11/02/2006 03:58 AM 31,744 modem.sys
01/12/2009 09:45 PM 41,984 monitor.sys
01/12/2009 09:19 PM 34,360 mouclass.sys
01/12/2009 09:19 PM 15,872 mouhid.sys
11/02/2006 04:49 AM 54,888 mountmgr.sys
11/02/2006 04:50 AM 78,952 mpio.sys
01/12/2009 09:37 PM 63,488 mpsdrv.sys
11/02/2006 04:49 AM 33,384 Mraid35x.sys
01/12/2009 09:51 PM 110,080 mrxdav.sys
01/12/2009 09:12 PM 101,888 mrxsmb.sys
01/12/2009 09:43 PM 211,456 mrxsmb10.sys
01/12/2009 09:12 PM 58,368 mrxsmb20.sys
11/02/2006 04:49 AM 23,144 msahci.sys
11/02/2006 04:50 AM 80,488 msdsm.sys
11/02/2006 03:30 AM 22,528 msfs.sys
09/18/2006 04:43 PM 3 MsftWdf_Kernel_01005_Inbox_Critical.Wdf
06/18/2007 07:28 PM 13,928 msisadrv.sys
11/02/2006 04:51 AM 168,552 msiscsi.sys
11/02/2006 03:51 AM 8,192 mskssrv.sys
11/02/2006 03:51 AM 5,888 mspclock.sys
11/02/2006 03:51 AM 5,504 mspqm.sys
11/02/2006 04:51 AM 160,872 msrpc.sys
06/18/2007 07:28 PM 28,776 mssmbios.sys
11/02/2006 03:51 AM 6,016 mstee.sys
11/02/2006 04:50 AM 46,696 mup.sys
11/02/2006 04:51 AM 500,840 ndis.sys
01/12/2009 09:56 PM 20,480 ndistapi.sys
11/02/2006 03:57 AM 16,896 ndisuio.sys
11/02/2006 03:58 AM 118,784 ndiswan.sys
01/12/2009 09:56 PM 48,640 ndproxy.sys
11/02/2006 03:57 AM 35,840 netbios.sys
11/02/2006 03:57 AM 184,320 netbt.sys
08/14/2009 12:16 PM 213,592 netio.sys
11/02/2006 04:50 AM 45,160 nfrd960.sys
11/02/2006 03:30 AM 34,816 npfs.sys
04/29/2008 01:20 PM 15,648 NSDriver.sys
11/02/2006 03:57 AM 16,384 nsiproxy.sys
02/02/2010 10:02 PM NSS
01/12/2009 09:45 PM 1,060,920 ntfs.sys
11/02/2006 02:36 AM 20,608 ntrigdigi.sys
11/02/2006 03:51 AM 4,608 null.sys
11/07/2007 12:05 AM 8,231,584 nvlddmkm.sys
11/02/2006 02:30 AM 429,056 nvm60x32.sys
11/02/2006 04:50 AM 88,680 nvraid.sys
09/15/2006 03:44 AM 11,520 nvsmu.sys
11/02/2006 04:50 AM 40,040 nvstor.sys
11/02/2006 04:50 AM 106,600 NV_AGP.SYS
11/02/2006 07:34 AM 154,112 nwifi.sys
11/02/2006 03:55 AM 62,080 ohci1394.sys
01/12/2009 09:55 PM 70,144 pacer.sys
11/02/2006 03:51 AM 79,360 parport.sys
11/02/2006 04:50 AM 49,256 partmgr.sys
11/02/2006 03:51 AM 8,704 parvdm.sys
06/18/2007 07:28 PM 140,392 pci.sys
01/12/2009 09:31 PM 15,928 pciide.sys
01/12/2009 09:31 PM 45,112 pciidex.sys
11/02/2006 04:51 AM 167,528 pcmcia.sys
11/02/2006 04:04 AM 878,080 PEAuth.sys
11/02/2006 03:55 AM 167,424 portcls.sys
11/02/2006 03:30 AM 38,400 processr.sys
08/10/2008 08:00 PM 33,024 PTDUBus.sys
08/10/2008 08:00 PM 41,344 PTDUMdm.sys
08/10/2008 08:00 PM 39,936 PTDUVsp.sys
08/10/2008 08:00 PM 59,904 PTDUWWAN.sys
02/02/2007 05:00 AM 43,528 pxhelp20.sys
11/02/2006 04:51 AM 900,712 ql2300.sys
11/02/2006 04:50 AM 106,088 ql40xx.sys
11/02/2006 07:34 AM 31,232 qwavedrv.sys
11/02/2006 03:58 AM 11,776 rasacd.sys
06/18/2007 06:29 PM 74,752 rasl2tp.sys
11/02/2006 03:58 AM 41,472 raspppoe.sys
06/18/2007 06:29 PM 60,928 raspptp.sys
11/02/2006 03:31 AM 222,208 rdbss.sys
11/02/2006 04:02 AM 6,144 RDPCDD.sys
11/02/2006 04:03 AM 242,688 rdpdr.sys
11/02/2006 04:02 AM 6,144 RDPENCDD.sys
11/02/2006 04:02 AM 160,256 rdpwd.sys
11/02/2006 03:55 AM 49,664 rfcomm.sys
11/15/2006 12:16 PM 32,256 rimmptsk.sys
11/15/2006 07:42 AM 43,520 rimsptsk.sys
11/15/2006 05:35 AM 37,376 rixdptsk.sys
01/12/2009 09:14 PM 113,664 rmcast.sys
11/02/2006 03:57 AM 32,768 RNDISMP.sys
11/02/2006 03:58 AM 8,192 rootmdm.sys
11/02/2006 03:56 AM 60,416 rspndr.sys
11/02/2006 04:50 AM 76,392 sbp2port.sys
11/02/2006 04:50 AM 140,392 scsiport.sys
01/12/2009 09:18 PM 82,432 sdbus.sys
11/02/2006 01:37 AM 20,480 secdrv.sys
11/02/2006 03:51 AM 17,920 serenum.sys
11/02/2006 03:51 AM 83,456 serial.sys
01/12/2009 09:19 PM 19,968 sermouse.sys
01/12/2009 09:19 PM 15,872 SETBD1C.tmp
11/02/2006 03:51 AM 13,312 sffdisk.sys
11/02/2006 03:51 AM 12,800 sffp_mmc.sys
11/02/2006 03:51 AM 12,800 sffp_sd.sys
11/02/2006 03:51 AM 13,312 sfloppy.sys
11/02/2006 04:49 AM 53,352 SISAGP.SYS
11/02/2006 04:50 AM 38,504 sisraid2.sys
11/02/2006 04:50 AM 71,784 sisraid4.sys
11/02/2006 03:57 AM 66,048 smb.sys
11/02/2006 03:51 AM 17,408 smclib.sys
11/02/2006 04:49 AM 18,536 spldr.sys
11/02/2006 02:16 AM 551,936 spsys.sys
01/15/2009 10:18 PM 290,304 srv.sys
09/14/2009 04:50 AM 130,048 srv2.sys
01/12/2009 09:12 PM 84,992 srvnet.sys
08/17/2005 08:45 AM 58,352 sscdbus.sys
08/17/2005 08:47 AM 6,176 sscdcm.sys
08/17/2005 08:47 AM 6,176 sscdcmnt.sys
08/17/2005 08:46 AM 8,272 sscdmdfl.sys
08/17/2005 08:46 AM 93,872 sscdmdm.sys
08/17/2005 08:44 AM 5,840 sscdwh.sys
08/17/2005 08:44 AM 5,840 sscdwhnt.sys
11/02/2006 04:50 AM 117,864 Storport.sys
11/02/2006 03:55 AM 52,864 stream.sys
06/18/2007 07:28 PM 12,776 swenum.sys
11/02/2006 04:50 AM 35,944 symc8xx.sys
11/02/2006 04:49 AM 31,848 sym_hi.sys
11/02/2006 04:50 AM 34,920 sym_u3.sys
01/12/2007 10:59 PM 181,432 SynTP.sys
11/02/2006 03:51 AM 24,576 tape.sys
02/18/2010 07:05 AM 815,104 tcpip.sys
11/02/2006 03:57 AM 27,648 tcpipreg.sys
11/02/2006 03:58 AM 20,992 tdi.sys
11/02/2006 04:02 AM 17,920 tdpipe.sys
11/02/2006 04:02 AM 28,672 tdtcp.sys
11/02/2006 03:57 AM 68,096 tdx.sys
06/18/2007 07:28 PM 50,792 termdd.sys
11/02/2006 04:02 AM 23,552 tssecsrv.sys
02/18/2010 07:04 AM 15,360 TUNMP.SYS
02/18/2010 07:04 AM 25,088 tunnel.sys
11/02/2006 04:49 AM 56,936 UAGP35.SYS
11/02/2006 03:30 AM 225,280 udfs.sys
11/02/2006 04:50 AM 58,472 ULIAGPKX.SYS
11/02/2006 04:51 AM 235,112 uliahci.sys
11/02/2006 04:50 AM 98,408 ulsata.sys
11/02/2006 04:50 AM 115,816 ulsata2.sys
11/02/2006 03:55 AM 34,816 umbus.sys
03/18/2009 06:12 PM UMDF
11/02/2006 03:55 AM 7,168 umpass.sys
11/02/2006 03:57 AM 14,848 usb8023.sys
11/02/2006 03:55 AM 25,728 USBCAMD.sys
11/02/2006 03:55 AM 25,728 USBCAMD2.sys
06/18/2007 06:27 PM 73,216 usbccgp.sys
11/02/2006 03:55 AM 68,608 usbcir.sys
06/18/2007 06:27 PM 5,888 usbd.sys
06/18/2007 06:27 PM 38,400 usbehci.sys
06/18/2007 06:27 PM 191,488 usbhub.sys
06/18/2007 06:27 PM 19,456 usbohci.sys
06/18/2007 06:27 PM 223,744 usbport.sys
11/02/2006 04:14 AM 18,944 usbprint.sys
01/12/2009 09:46 PM 55,296 USBSTOR.SYS
11/02/2006 03:55 AM 22,528 usbuhci.sys
11/02/2006 03:55 AM 132,352 usbvideo.sys
11/02/2006 03:53 AM 25,088 vga.sys
11/02/2006 03:53 AM 26,112 vgapnp.sys
11/02/2006 04:49 AM 54,376 VIAAGP.SYS
11/02/2006 03:30 AM 39,424 viac7.sys
11/02/2006 04:49 AM 17,512 viaide.sys
11/02/2006 03:54 AM 109,056 videoprt.sys
06/18/2007 07:28 PM 50,280 volmgr.sys
11/02/2006 04:51 AM 290,408 volmgrx.sys
11/02/2006 04:51 AM 208,488 volsnap.sys
11/02/2006 04:50 AM 112,232 vsmraid.sys
11/02/2006 02:41 AM 200,704 VSTAZL3.SYS
11/02/2006 02:41 AM 654,336 VSTCNXT3.SYS
09/18/2006 04:42 PM 133,972 VSTDProf.cty
11/02/2006 02:41 AM 987,648 VSTDPV3.SYS
09/18/2006 04:42 PM 133,528 VSTEProf.cty
09/18/2006 04:42 PM 141,392 VSTProf.cty
09/18/2006 04:42 PM 141,572 VSTSProf.cty
11/02/2006 03:52 AM 20,608 wacompen.sys
01/12/2009 09:56 PM 61,952 wanarp.sys
11/02/2006 03:37 AM 32,256 watchdog.sys
11/02/2006 04:49 AM 19,560 wd.sys
01/12/2009 09:19 PM 495,160 Wdf01000.sys
01/12/2009 09:19 PM 35,384 WdfLdr.sys
01/12/2009 09:53 PM 11,264 wmiacpi.sys
11/02/2006 04:49 AM 15,464 wmilib.sys
11/02/2006 04:04 AM 39,936 WpdUsb.sys
11/02/2006 03:58 AM 15,872 ws2ifsl.sys
11/02/2006 03:54 AM 51,712 WUDFPf.sys
11/02/2006 03:54 AM 82,560 WUDFRd.sys
11/28/2006 11:44 AM 386,560 XAudio.exe
11/28/2006 11:44 AM 8,192 XAudio.sys
307 File(s) 43,347,030 bytes

Directory of C:\Windows\System32\Drivers\en-US

01/13/2009 01:05 AM .
01/13/2009 01:05 AM ..
11/02/2006 07:41 AM 9,728 acpi.sys.mui
11/02/2006 07:41 AM 8,704 afd.sys.mui
11/02/2006 07:41 AM 3,072 AGP440.sys.mui
11/02/2006 07:41 AM 3,072 AMDAGP.SYS.mui
11/02/2006 07:40 AM 2,560 amdide.sys.mui
11/02/2006 07:40 AM 14,848 amdk7.sys.mui
11/02/2006 07:40 AM 14,848 amdk8.sys.mui
11/02/2006 07:41 AM 3,072 ati2mpad.sys.mui
11/02/2006 07:41 AM 3,584 ati2mtag.sys.mui
11/02/2006 07:40 AM 3,072 atikmdag.sys.mui
11/02/2006 07:40 AM 5,120 b57nd60x.sys.mui
11/02/2006 07:40 AM 7,680 battc.sys.mui
11/02/2006 07:40 AM 5,120 bcm4sbxp.sys.mui
11/02/2006 07:40 AM 2,560 BrParwdm.sys.mui
11/02/2006 07:41 AM 10,240 BrSerId.sys.mui
11/02/2006 07:40 AM 5,120 bthpan.sys.mui
11/02/2006 07:41 AM 7,168 bthport.sys.mui
11/02/2006 07:41 AM 3,072 cmbp0wdm.sys.mui
11/02/2006 07:40 AM 14,848 crusoe.sys.mui
11/02/2006 07:41 AM 3,072 cxbp0wdm.sys.mui
11/02/2006 07:40 AM 3,072 Dot4usb.sys.mui
11/02/2006 07:40 AM 4,096 dxgkrnl.sys.mui
11/02/2006 07:41 AM 5,120 e100b325.sys.mui
11/02/2006 07:41 AM 30,720 e1e6032.sys.mui
11/02/2006 07:40 AM 16,896 E1G60I32.sys.mui
11/02/2006 07:40 AM 5,120 fltmgr.sys.mui
11/02/2006 07:40 AM 3,072 GAGP30KX.SYS.mui
11/02/2006 07:41 AM 3,584 gpr400.sys.mui
11/02/2006 07:41 AM 4,096 grserial.sys.mui
11/02/2006 07:41 AM 3,584 hidbth.sys.mui
11/02/2006 07:41 AM 27,136 http.sys.mui
01/12/2009 09:19 PM 10,752 i8042prt.sys.mui
11/02/2006 07:40 AM 14,848 intelppm.sys.mui
11/02/2006 07:41 AM 6,144 IPMIDrv.sys.mui
11/02/2006 07:41 AM 4,096 ipnat.sys.mui
11/02/2006 07:41 AM 4,096 isapnp.sys.mui
01/12/2009 09:19 PM 4,608 kbdclass.sys.mui
01/12/2009 09:19 PM 3,072 kbdhid.sys.mui
11/02/2006 07:41 AM 9,728 ltmdmnt.sys.mui
11/02/2006 07:41 AM 6,144 luafv.sys.mui
11/02/2006 07:41 AM 4,096 modem.sys.mui
01/12/2009 09:19 PM 4,608 mouclass.sys.mui
01/12/2009 09:19 PM 3,072 mouhid.sys.mui
11/02/2006 07:41 AM 17,920 mpio.sys.mui
11/02/2006 07:41 AM 4,096 msdsm.sys.mui
11/02/2006 07:41 AM 3,584 mssmbios.sys.mui
11/02/2006 07:41 AM 65,536 ntfs.sys.mui
11/02/2006 07:40 AM 4,096 ntrigdigi.sys.mui
11/02/2006 07:41 AM 5,120 nv4_mini.sys.mui
11/02/2006 07:41 AM 3,072 NV_AGP.SYS.mui
11/02/2006 07:40 AM 12,288 ohci1394.sys.mui
11/02/2006 07:41 AM 3,584 pacer.sys.mui
11/02/2006 07:40 AM 4,096 parport.sys.mui
11/02/2006 07:40 AM 3,072 parvdm.sys.mui
11/02/2006 07:41 AM 8,704 pci.sys.mui
11/02/2006 07:41 AM 4,608 pcmcia.sys.mui
11/02/2006 07:41 AM 3,072 pnpmem.sys.mui
11/02/2006 07:40 AM 14,848 processr.sys.mui
11/02/2006 07:41 AM 4,096 pscr.sys.mui
11/02/2006 07:41 AM 3,072 qwavedrv.sys.mui
11/02/2006 07:40 AM 3,584 RNDISMP.sys.mui
11/02/2006 07:41 AM 3,584 rndismpx.sys.mui
11/02/2006 07:41 AM 4,096 scmstcs.sys.mui
11/02/2006 07:41 AM 4,096 SCR111.sys.mui
11/02/2006 07:41 AM 3,584 scsiport.sys.mui
11/02/2006 07:40 AM 10,752 serial.sys.mui
01/12/2009 09:19 PM 5,632 sermouse.sys.mui
11/02/2006 07:41 AM 3,072 serscan.sys.mui
11/02/2006 07:41 AM 3,072 SISAGP.SYS.mui
11/02/2006 07:41 AM 3,072 srv.sys.mui
11/02/2006 07:41 AM 3,072 stcusb.sys.mui
11/02/2006 07:41 AM 4,096 tpm.sys.mui
11/02/2006 07:40 AM 3,072 UAGP35.SYS.mui
11/02/2006 07:41 AM 3,072 ULIAGPKX.SYS.mui
11/02/2006 07:40 AM 3,584 umbus.sys.mui
11/02/2006 07:41 AM 3,072 VIAAGP.SYS.mui
11/02/2006 07:40 AM 14,848 viac7.sys.mui
11/02/2006 07:41 AM 14,848 volsnap.sys.mui
11/02/2006 07:41 AM 4,608 wacompen.sys.mui
11/02/2006 07:41 AM 2,560 wd.sys.mui
11/02/2006 07:41 AM 3,072 wdf01000.sys.mui
11/02/2006 07:41 AM 5,632 yk60x86.sys.mui
82 File(s) 587,264 bytes

Directory of C:\Windows\System32\Drivers\etc

05/01/2009 06:36 PM .
05/01/2009 06:36 PM ..
09/18/2006 04:41 PM 761 hosts
08/09/2010 07:22 PM 434 hosts.ics
09/18/2006 04:41 PM 3,683 lmhosts.sam
09/18/2006 04:41 PM 407 networks
09/18/2006 04:41 PM 1,358 protocol
09/18/2006 04:41 PM 17,244 services
6 File(s) 23,887 bytes

Directory of C:\Windows\System32\Drivers\NSS

02/02/2010 10:02 PM .
02/02/2010 10:02 PM ..
02/02/2010 10:02 PM 0207000.034
0 File(s) 0 bytes

Directory of C:\Windows\System32\Drivers\NSS\0207000.034

02/02/2010 10:02 PM .
02/02/2010 10:02 PM ..
02/02/2010 10:02 PM 172 isolate.ini
1 File(s) 172 bytes

Directory of C:\Windows\System32\Drivers\UMDF

03/18/2009 06:12 PM .
03/18/2009 06:12 PM ..
11/02/2006 07:42 AM en-US
11/02/2006 04:46 AM 219,648 WpdFs.dll
11/02/2006 04:46 AM 664,576 WpdMtpDr.dll
2 File(s) 884,224 bytes

Directory of C:\Windows\System32\Drivers\UMDF\en-US

11/02/2006 07:42 AM .
11/02/2006 07:42 AM ..
11/02/2006 07:40 AM 6,144 WpdMtpDr.dll.mui
1 File(s) 6,144 bytes

Total Files Listed:
399 File(s) 44,848,721 bytes
20 Dir(s) 68,105,187,328 bytes free


***********************Hidden Drivers********************
Volume in drive C has no label.
Volume Serial Number is AE43-02E6

Directory of C:\Windows\System32\Drivers

08/05/2008 04:45 PM 0 103C_HP_cNB_Pavilion dv2000 (RV322UA#ABA)_Y5335KV_0U_Q2CE7130T1C_E447686-002_4A_I30B5_SWistron_V62.54_F.23_T070213_WV3-0_L409_M959_J160_7AMD_8F82_91.60_#070618_N10DE0269_(RV322UA#ABA)_XMOBILE_CN10_Z_2F.23.MRK
06/18/2007 06:12 PM 0 Msft_Kernel_SynTP_01000.Wdf
2 File(s) 0 bytes
0 Dir(s) 68,105,195,520 bytes free


*********************Processes*******************


PROCESS PID PRIO PATH
Dwm.exe 1732 Normal C:\Windows\system32\Dwm.exe
Explorer.EXE 1756 Normal C:\Windows\Explorer.EXE
MSASCui.exe 1868 Normal C:\Program Files\Windows Defender\MSASCui.exe
SynTPEnh.exe 1876 Normal C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
QPService.exe 1900 Normal C:\Program Files\Hp\QuickPlay\QPService.exe
QLBCTRL.exe 1912 Normal C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
HPWAMain.exe 1932 Normal C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
rundll32.exe 1996 Normal C:\WINDOWS\System32\rundll32.exe
hpwuSchd2.exe 2008 Normal C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
jusched.exe 2016 Normal C:\Program Files\Common Files\Java\Java Update\jusched.exe
mswinext.exe 2028 Normal C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
LightScribeControlPanel.exe 296 Normal C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
ehtray.exe 288 Normal C:\WINDOWS\ehome\ehtray.exe
YahooMessenger.exe 340 Normal C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
wmpnscfg.exe 336 Normal C:\Program Files\Windows Media Player\wmpnscfg.exe
SSScheduler.exe 420 Normal C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
ZooskMessenger.exe 412 Normal C:\Program Files\ZooskMessenger\ZooskMessenger.exe
rundll32.exe 532 Normal C:\WINDOWS\System32\rundll32.exe
ehmsas.exe 1544 Normal C:\Windows\ehome\ehmsas.exe
taskeng.exe 1968 Normal C:\Windows\system32\taskeng.exe
WiFiMsg.EXE 3148 Normal C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
HpqToaster.exe 2988 Normal C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
unsecapp.exe 2484 Normal C:\Windows\system32\wbem\unsecapp.exe
SearchProtocolHost.exe 5948 Idle C:\Windows\system32\SearchProtocolHost.exe
cmd.exe 4864 Normal C:\Windows\system32\cmd.exe
processes.exe 3452 Normal C:\Users\linda\Desktop\SpiderKill\SpiderKill\processes.exe


*********************Modules of explorer.exe and svchost.exe*******************
Module information for 'Explorer.EXE'(1756)
MODULE BASE SIZE PATH
Explorer.EXE 1b0000 2936832 C:\Windows\Explorer.EXE 6.0.6000.16386 (vista_rtm.061101-2205) Windows Explorer
ntdll.dll 77550000 1171456 C:\Windows\system32\ntdll.dll 6.0.6000.16386 (vista_rtm.061101-2205) NT Layer DLL
kernel32.dll 75c40000 884736 C:\Windows\system32\kernel32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT BASE API Client DLL
ADVAPI32.dll 76800000 782336 C:\Windows\system32\ADVAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Advanced Windows 32 Base API
RPCRT4.dll 768c0000 798720 C:\Windows\system32\RPCRT4.dll 6.0.6000.16386 (vista_rtm.061101-2205) Remote Procedure Call Runtime
GDI32.dll 75e60000 307200 C:\Windows\system32\GDI32.dll 6.0.6000.16766 (vista_gdr.081020-1655) GDI Client DLL
USER32.dll 76440000 647168 C:\Windows\system32\USER32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi-User Windows USER API Client DLL
msvcrt.dll 766d0000 696320 C:\Windows\system32\msvcrt.dll 7.0.6000.16386 (vista_rtm.061101-2205) Windows NT CRT DLL
SHLWAPI.dll 76020000 348160 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 76990000 11329536 C:\Windows\system32\SHELL32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Shell Common Dll
ole32.dll 76210000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
OLEAUT32.dll 776a0000 573440 C:\Windows\system32\OLEAUT32.dll 6.0.6000.16607 6.0.6000.16607
SHDOCVW.dll 72ec0000 1077248 C:\Windows\system32\SHDOCVW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Doc Object and Control Library
UxTheme.dll 74cf0000 258048 C:\Windows\system32\UxTheme.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft UxTheme Library
POWRPROF.dll 74fa0000 106496 C:\Windows\system32\POWRPROF.dll 6.0.6000.16386 (vista_rtm.061101-2205) Power Profile Helper DLL
dwmapi.dll 736c0000 49152 C:\Windows\system32\dwmapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Desktop Window Manager API
gdiplus.dll 744a0000 1744896 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll 5.2.6000.16782 (vista_gdr.081126-1506) Microsoft GDI+
slc.dll 75560000 233472 C:\Windows\system32\slc.dll 6.0.6000.16509 (vista_gdr.070620-1500) Software Licensing Client Dll
PROPSYS.dll 742e0000 749568 C:\Windows\system32\PROPSYS.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Property System
BROWSEUI.dll 72d70000 1331200 C:\Windows\system32\BROWSEUI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Browser UI Library
IMM32.dll 75da0000 122880 C:\Windows\system32\IMM32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 76370000 815104 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
DUser.dll 74cc0000 196608 C:\Windows\system32\DUser.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows DirectUser Engine
LPK.DLL 76360000 36864 C:\Windows\system32\LPK.DLL 6.0.6000.16939 (vista_gdr.091019-0119) Language Pack
USP10.dll 76780000 512000 C:\Windows\system32\USP10.dll 1.0626.6000.16386 (vista_rtm.061101-2205) Uniscribe Unicode script processor
comctl32.dll 749f0000 1654784 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll 5.82 (vista_rtm.061101-2205) Common Controls Library
WindowsCodecs.dll 73d20000 729088 C:\Windows\system32\WindowsCodecs.dll 6.0.6000.16740 (vista_gdr.080827-1507) Microsoft Windows Codecs Library
IconCodecService.dll 73660000 24576 C:\Windows\system32\IconCodecService.dll 6.0.6000.16386 (vista_rtm.061101-2205) Converts a PNG part of the icon to a legacy bmp icon
Secur32.dll 75ad0000 81920 C:\Windows\system32\Secur32.dll 6.0.6000.16870 (vista_gdr.090615-0258) Security Support Provider Interface
CLBCatQ.DLL 75dd0000 540672 C:\Windows\system32\CLBCatQ.DLL 2001.12.6930.16386 (vista_rtm.061101-2205) COM+ Configuration Catalog
rsaenh.dll 75060000 229376 C:\Windows\system32\rsaenh.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Enhanced Cryptographic Provider
timedate.cpl 730d0000 729088 C:\Windows\system32\timedate.cpl 6.0.6000.16386 (vista_rtm.061101-2205) Time Date Control Panel Applet
ATL.DLL 74240000 81920 C:\Windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
NETAPI32.dll 75940000 434176 C:\Windows\system32\NETAPI32.dll 6.0.6000.16764 (vista_gdr.081015-1604) Net Win32 API DLL
PSAPI.DLL 75ba0000 28672 C:\Windows\system32\PSAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Process Status Helper
OLEACC.dll 74720000 229376 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (vista_rtm.061101-2205) Active Accessibility Core Component
WINBRAND.dll 75120000 880640 C:\Windows\system32\WINBRAND.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Branding Resources
ACTXPRXY.DLL 73070000 339968 C:\Windows\system32\ACTXPRXY.DLL 6.0.6000.16386 (vista_rtm.061101-2205) ActiveX Interface Marshaling Library
USERENV.dll 75af0000 122880 C:\Windows\system32\USERENV.dll 6.0.6000.16386 (vista_rtm.061101-2205) Userenv
MLDeskBand.dll 10000000 106496 C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll 1.0.0.10 MediaLamp
MSVCR80.dll 72fd0000 634880 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\MSVCR80.dll 8.00.50727.4053 Microsoft® C Runtime Library
wmpband.dll 735b0000 110592 C:\PROGRA~1\WI4EB4~1\wmpband.dll 11.0.6000.6324 (vista_rtm.061101-2205) Windows Media Player Deskband
MPR.dll 756a0000 81920 C:\Windows\system32\MPR.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multiple Provider Router DLL
shacct.dll 746c0000 90112 C:\Windows\System32\shacct.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Accounts Classes
SAMLIB.dll 75710000 69632 C:\Windows\System32\SAMLIB.dll 6.0.6000.16386 (vista_rtm.061101-2205) SAM Library DLL
apphelp.dll 75a70000 180224 C:\Windows\system32\apphelp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Application Compatibility Client Library
msshsq.dll 72d30000 245760 C:\Windows\System32\msshsq.dll 6.0.6000.16404 (vista_gdr.061219-1500) Structured Query
NaturalLanguage6.dll 72b90000 806912 C:\Windows\System32\NaturalLanguage6.dll 6.0.6000.16710 (vista_gdr.080625-1507) Natural Language Development Platform 6
CRYPT32.dll 755a0000 987136 C:\Windows\System32\CRYPT32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Crypto API32
MSASN1.dll 756f0000 73728 C:\Windows\System32\MSASN1.dll 6.0.6000.16922 (vista_gdr.090903-2340) ASN.1 Runtime APIs
authui.dll 74800000 1994752 C:\Windows\system32\authui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Authentication UI
MSIMG32.dll 74f80000 20480 C:\Windows\system32\MSIMG32.dll 6.0.6000.16386 (vista_rtm.061101-2205) GDIEXT Client DLL
msiltcfg.dll 73670000 28672 C:\Windows\system32\msiltcfg.dll 4.0.6000.16386 (vista_rtm.061101-2205) Windows Installer Configuration API Stub
VERSION.dll 74f90000 32768 C:\Windows\system32\VERSION.dll 6.0.6000.16386 (vista_rtm.061101-2205) Version Checking and File Installation Libraries
msi.dll 72980000 2113536 C:\Windows\system32\msi.dll 4.0.6000.16386 Windows Installer
NTMARTA.DLL 74fc0000 135168 C:\Windows\system32\NTMARTA.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT MARTA provider
WLDAP32.dll 77740000 299008 C:\Windows\system32\WLDAP32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Win32 LDAP API DLL
WS2_32.dll 77670000 184320 C:\Windows\system32\WS2_32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 2.0 32-Bit DLL
NSI.dll 75dc0000 24576 C:\Windows\system32\NSI.dll 6.0.6000.16386 (vista_rtm.061101-2205) NSI User-mode interface DLL
urlmon.dll 75eb0000 1253376 C:\Windows\system32\urlmon.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) OLE32 Extensions for Win32
iertutil.dll 764e0000 1998848 C:\Windows\system32\iertutil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Run time utility for Internet Explorer
ieframe.dll 709a0000 11087872 C:\Windows\system32\ieframe.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
LINKINFO.dll 735e0000 36864 C:\Windows\system32\LINKINFO.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Volume Tracking
WININET.dll 77460000 942080 C:\Windows\system32\WININET.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Extensions for Win32
Normaliz.dll 77730000 12288 C:\Windows\system32\Normaliz.dll 6.0.6000.16386 (vista_rtm.061101-2205) Unicode Normalization DLL
WINMM.dll 74760000 208896 C:\Windows\system32\WINMM.dll 6.0.6000.16386 (vista_rtm.061101-2205) MCI API DLL
wdmaud.drv 74260000 196608 C:\Windows\system32\wdmaud.drv 6.0.6000.16386 (vista_rtm.061101-2205) Winmm audio system driver
ksuser.dll 74660000 16384 C:\Windows\system32\ksuser.dll 6.0.6000.16386 (vista_rtm.061101-2205) User CSA Library
AVRT.dll 74de0000 28672 C:\Windows\system32\AVRT.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multimedia Realtime Runtime
MMDevAPI.DLL 74690000 159744 C:\Windows\system32\MMDevAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) MMDevice API
SETUPAPI.dll 76080000 1609728 C:\Windows\system32\SETUPAPI.dll 6.0.6000.16609 (vista_gdr.071205-1500) Windows Setup API
WINTRUST.dll 74df0000 184320 C:\Windows\system32\WINTRUST.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Trust Verification APIs
imagehlp.dll 75ff0000 167936 C:\Windows\system32\imagehlp.dll 6.0.6000.16470 (vista_gdr.070416-1510) Windows NT Image Helper
ExplorerFrame.dll 735d0000 36864 C:\Windows\system32\ExplorerFrame.dll 6.0.6000.16386 (vista_rtm.061101-2205) ExplorerFrame
audioses.dll 74130000 135168 C:\Windows\System32\audioses.dll 6.0.6000.16386 (vista_rtm.061101-2205) Audio Session
audioeng.dll 73f50000 417792 C:\Windows\System32\audioeng.dll 6.0.6000.16386 (vista_rtm.061101-2205) Audio Engine
MLANG.dll 73580000 196608 C:\Windows\system32\MLANG.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi Language Support DLL
msacm32.drv 74230000 36864 C:\Windows\system32\msacm32.drv 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Sound Mapper
MSACM32.dll 74210000 86016 C:\Windows\system32\MSACM32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft ACM Audio Filter
midimap.dll 74120000 28672 C:\Windows\system32\midimap.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft MIDI Mapper
cscapi.dll 74dd0000 40960 C:\Windows\system32\cscapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Offline Files Win32 API
stobject.dll 6edc0000 598016 C:\Windows\system32\stobject.dll 6.0.6000.16386 (vista_rtm.061101-2205) Systray shell service object
BatMeter.dll 6ed00000 745472 C:\Windows\system32\BatMeter.dll 6.0.6000.16386 (vista_rtm.061101-2205) Battery Meter Helper DLL
WTSAPI32.dll 74eb0000 36864 C:\Windows\system32\WTSAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Terminal Server SDK APIs
WINSTA.dll 75310000 147456 C:\Windows\system32\WINSTA.dll 6.0.6000.16386 (vista_rtm.061101-2205) Winstation Library
es.dll 73de0000 286720 C:\Windows\system32\es.dll 2001.12.6930.16677 (vista_gdr.080418-1950) COM+
SndVolSSO.dll 6eed0000 196608 C:\Windows\System32\SndVolSSO.dll 6.0.6000.16386 (vista_rtm.061101-2205) SCA Volume
ehSSO.dll 6ee70000 135168 C:\Windows\ehome\ehSSO.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Media Center Shell Service Object
HID.DLL 74110000 36864 C:\Windows\system32\HID.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Hid User Library
netshell.dll 6db20000 3190784 C:\Windows\System32\netshell.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network Connections Shell
IPHLPAPI.DLL 75500000 102400 C:\Windows\System32\IPHLPAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) IP Helper API
dhcpcsvc.DLL 754c0000 217088 C:\Windows\System32\dhcpcsvc.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCP Client Service
DNSAPI.dll 75730000 176128 C:\Windows\System32\DNSAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) DNS Client API DLL
WINNSI.DLL 754b0000 28672 C:\Windows\System32\WINNSI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Network Store Information RPC interface
dhcpcsvc6.DLL 75490000 131072 C:\Windows\System32\dhcpcsvc6.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCPv6 Client
nlaapi.dll 74650000 61440 C:\Windows\System32\nlaapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network Location Awareness 2
pnidui.dll 6eb40000 1830912 C:\Windows\system32\pnidui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network System Icon
QUtil.dll 6eb20000 94208 C:\Windows\system32\QUtil.dll 6.0.6000.16386 (vista_rtm.061101-2205) Quarantine Utilities
wevtapi.dll 75520000 253952 C:\Windows\system32\wevtapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Eventing Consumption and Configuration API
wlanutil.dll 736d0000 24576 C:\Windows\system32\wlanutil.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Wireless LAN 802.11 Utility DLL
FirewallAPI.dll 74ed0000 405504 C:\Windows\system32\FirewallAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Firewall API
FunDisc.dll 6ead0000 159744 C:\Windows\system32\FunDisc.dll 6.0.6000.16386 (vista_rtm.061101-2205) Function Discovery Dll
fdproxy.dll 71dc0000 36864 C:\Windows\system32\fdproxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Function Discovery Proxy Dll
msxml3.dll 6e850000 1269760 C:\Windows\System32\msxml3.dll 8.100.3501.0 MSXML 3.0 SP10
ntlanman.dll 6ea00000 73728 C:\Windows\System32\ntlanman.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft® Lan Manager
drprov.dll 6eeb0000 32768 C:\Windows\System32\drprov.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Terminal Server Network Provider
davclnt.dll 6eea0000 61440 C:\Windows\System32\davclnt.dll 6.0.6000.16386 (vista_rtm.061101-2205) Web DAV Client DLL
npmproxy.dll 6c130000 32768 C:\Windows\System32\npmproxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network List Manager Proxy
Wlanapi.dll 6a830000 57344 C:\Windows\system32\Wlanapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows WLAN AutoConfig Client Side API DLL
OneX.DLL 73730000 184320 C:\Windows\system32\OneX.DLL 6.0.6000.16386 (vista_rtm.061101-2205) IEEE 802.1X supplicant library
eappprxy.dll 73cb0000 53248 C:\Windows\system32\eappprxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft EAPHost Peer Client DLL
eappcfg.dll 73700000 163840 C:\Windows\system32\eappcfg.dll 6.0.6000.16386 (vista_rtm.061101-2205) Eap Peer Config
bcrypt.dll 753f0000 278528 C:\Windows\system32\bcrypt.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Cryptographic Primitives Library
AltTab.dll 6a200000 53248 C:\Windows\System32\AltTab.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Shell Alt Tab
wpdshserviceobj.dll 6a120000 143360 C:\Windows\system32\wpdshserviceobj.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Portable Device Shell Service Object
WINHTTP.dll 72870000 389120 C:\Windows\system32\WINHTTP.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows HTTP Services
srchadmin.dll 69c90000 262144 C:\Windows\System32\srchadmin.dll 6.0.6000.16386 (vista_rtm.061101-2205) Indexing Options
webcheck.dll 69c10000 249856 C:\Windows\System32\webcheck.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Web Site Monitor
btncopy.dll 1dc0000 188416 C:\Windows\system32\btncopy.dll 6.0.1.3700 BTNCopy Module
ntshrui.dll 74c70000 303104 C:\Windows\system32\ntshrui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell extensions for sharing
SyncCenter.dll 68570000 2211840 C:\Windows\System32\SyncCenter.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Sync Center
wscntfy.dll 69a80000 233472 C:\Windows\system32\wscntfy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Security Center Notification App
WSCAPI.dll 6a820000 45056 C:\Windows\system32\WSCAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Security Center API
imapi2.dll 68510000 331776 C:\Windows\system32\imapi2.dll 6.0.6000.16386 (vista_rtm.061101-2205) Image Mastering API v2
mssprxy.dll 69c60000 45056 C:\Windows\system32\mssprxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) mssprxy.lib
NLSData0009.dll 72230000 4886528 C:\Windows\System32\NLSData0009.dll 6.0.6000.16710 (vista_gdr.080625-1507) Microsoft English Natural Language Server Data and Code
NLSLexicons0009.dll 71fa0000 2650112 C:\Windows\System32\NLSLexicons0009.dll 6.0.6000.16710 (vista_gdr.080625-1507) Microsoft English Natural Language Server Data and Code
bthprops.cpl 6d6f0000 1019904 C:\Windows\system32\bthprops.cpl 6.0.6000.16386 (vista_rtm.061101-2205) Bluetooth Control Panel Applet
PortableDeviceTypes.dll 6f010000 176128 C:\Windows\system32\PortableDeviceTypes.dll 6.0.6000.16767 (vista_gdr.081021-1528) Windows Portable Device (Parameter) Types Component
PortableDeviceApi.dll 6c4c0000 253952 C:\Windows\system32\PortableDeviceApi.dll 6.0.6000.16767 (vista_gdr.081021-1528) Windows Portable Device API Components
SXS.DLL 759b0000 389120 C:\Windows\system32\SXS.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Fusion 2.5
QAgent.dll 6a7f0000 180224 C:\Windows\System32\QAgent.dll 6.0.6000.16386 (vista_rtm.061101-2205) Quarantine Agent Proxy
fwpuclnt.dll 6d8f0000 565248 C:\Windows\System32\fwpuclnt.dll 6.0.6000.16386 (vista_rtm.061101-2205) FWP/IPsec User-Mode API
wbemprox.dll 71c30000 45056 C:\Windows\system32\wbem\wbemprox.dll 6.0.6000.16386 (vista_rtm.061101-2205) WMI
wbemcomn.dll 719f0000 368640 C:\Windows\system32\wbem\wbemcomn.dll 6.0.6000.16386 (vista_rtm.061101-2205) WMI
wbemsvc.dll 6c500000 65536 C:\Windows\system32\wbem\wbemsvc.dll 6.0.6000.16386 (vista_rtm.061101-2205) WMI
fastprox.dll 6c190000 626688 C:\Windows\system32\wbem\fastprox.dll 6.0.6000.16830 (vista_gdr.090302-1506) WMI Custom Marshaller
NTDSAPI.dll 756d0000 98304 C:\Windows\system32\NTDSAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Active Directory Domain Services API
zipfldr.dll 708c0000 352256 C:\Windows\system32\zipfldr.dll 6.0.6000.16386 (vista_rtm.061101-2205) Compressed (zipped) Folders
tiptsf.dll 705f0000 393216 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 6.0.6000.16386 (vista_rtm.061101-2205) Tablet PC Input Panel Text Services Framework
AcroIEHelper.dll 1bf0000 65536 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 8.0.0.2006102200 Adobe PDF Helper for Internet Explorer
SDHelper.dll 5ec0000 1925120 C:\Program Files\Spybot - Search & Destroy\SDHelper.dll 1, 6, 2, 14 SBSD IE Protection
comdlg32.dll 75d20000 475136 C:\Windows\system32\comdlg32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Common Dialogs DLL
wsock32.dll 747f0000 28672 C:\Windows\system32\wsock32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 32-Bit DLL
winspool.drv 72730000 266240 C:\Windows\system32\winspool.drv 6.0.6000.16386 (vista_rtm.061101-2205) Windows Spooler Driver
wer.dll 6bc10000 905216 C:\Windows\system32\wer.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Error Reporting DLL
SensApi.dll 6d640000 24576 C:\Windows\system32\SensApi.dll 6.0.6000.16386 (vista_rtm.061101-2205) SENS Connectivity API DLL
faultrep.dll 6c140000 155648 C:\Windows\system32\faultrep.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows User Mode Crash Reporting DLL
olepro32.dll 72710000 98304 C:\Windows\system32\olepro32.dll 6.0.6000.16386 6.0.6000.16386
jsproxy.dll 72700000 36864 C:\Windows\system32\jsproxy.dll 8.00.6001.18882 (longhorn_ie8_gdr.100101-1700) JScript Proxy Auto-Configuration
xmllite.dll 6d610000 139264 C:\Windows\system32\xmllite.dll 1.1.1002.0 Microsoft XmlLite Library
thumbcache.dll 707e0000 73728 C:\Windows\system32\thumbcache.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Thumbnail Cache
MpOav.dll 707c0000 86016 C:\Program Files\Windows Defender\MpOav.dll 1.1.1505.0 IOfficeAntiVirus Module
MSISIP.DLL 726f0000 32768 C:\Windows\system32\MSISIP.DLL 4.0.6000.16386 (vista_rtm.061101-2205) MSI Signature SIP Provider
wshext.dll 707a0000 69632 C:\Windows\system32\wshext.dll 5.7.0.6000 Microsoft (R) Shell Extension for Windows Script Host
Cabinet.dll 74700000 81920 C:\Windows\system32\Cabinet.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft® Cabinet File API




******************************************
EOF

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Wed 11 Aug 2010, 6:07 am

I need to look at something real quick.

Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

Note: please close all other applications running on your system.

Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

Click the Settings button.



Set the slider to Maximum.



IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.




On the General tab, make sure all of the boxes are checked.




On the Misc tab, make sure all the checkboxes are checked.

Then, click OK on the windows that you launched.



Click Create Report to run it.


It will begin scanning.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

It should automatically upload it to [You must be registered and logged in to see this link.] If it does not, then please submit it manually by going to the site and doing the upload process.

It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the url of the GSI Parser report in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Wed 11 Aug 2010, 12:01 pm

[You must be registered and logged in to see this link.]

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Wed 11 Aug 2010, 4:37 pm

Are the problems still persisting?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Thu 12 Aug 2010, 12:08 am

it is doing very good now thank you

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Thu 12 Aug 2010, 6:45 am

Hiya! Your logs appear to be clean. If there are no more issues, then we shall clean up!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point

  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advance System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive i.e. C
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran TFC
  • Ran Security Check

Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by lcisbell on Thu 12 Aug 2010, 11:41 am

all have been run here is the report
Results of screen317's Security Check version 0.99.5
Windows Vista (UAC is enabled)
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spybot - Search & Destroy
COMODO System Cleaner
Java(TM) 6 Update 19
Java(TM) SE Runtime Environment 6
Out of date Java installed!
Adobe Flash Player 10.0.32.18
Adobe Reader 8
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
Spybot Teatimer.exe is disabled!
Windows Defender MSASCui.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

lcisbell

Newbie Surfer
Newbie Surfer

Posts : 12
Joined : 2010-08-01
Operating System : windows vista

View user profile

Back to top Go down

Re: multiple issues part 2

Post by DragonMaster Jay on Fri 13 Aug 2010, 6:03 pm

Please consider updating to Windows Vista Service Packs 1 & 2.
Windows Vista Service Packs 1 & 2 contain all the updates released since the first release plus support for new types of hardware and emerging hardware standards.
It is now available via Windows Update or as a standalone installation here.

================================

Adobe Reader Update!

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

=======================================

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Antivirus/Antispyware

  • Microsoft Security Essentials: this is Microsoft's free antivirus/antispyware program. It equips you with protection against viruses, spyware, trojans, rootkits, and worms. It is also light on the computer's performance. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.
  • Avira Free: this is one of the most powerful, and easiest to use security software. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software.


Firewall

  • Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  • Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • PC Tools Firewall Plus: free and excellent firewall.


Note: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: multiple issues part 2

Post by Sponsored content Today at 6:17 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum