Inactive Computer freezing after 15-20 minutes

kgand · 2010/07/29

[Inactive] Computer freezing after 15-20 minutes

Hello all,

I have 2 questions.
1. I ran a registry cleaner on my computer on Monday and yesterday after working fine all morning the screen suddenly went gray with white stripe and then wouldn't do anything. It now will not turn on at all. Is there anything I can do to save it or any of my data?
2. My husband's computer has been freezing after 15 minutes which is what led me here. I followed broni's instructions to another person and so far have downloaded run superanitspyware and I am currently running a malwarebytes scan. The superantispyware found over 600 issues! I just want to know if I am on the right track. I am afraid to have 2 expensive doorstops.

Thanks in advance for any help you can give me!

PeteC · 2010/07/29

Welcome to WindowsBBS

You have posted 2 unrelated problems in the same thread which is not helpull to us and certainly not helpful for you.

Please post Issue #1 in the appropriate forum for your Operating System - XP, Vista or 7

For Issue #2 .....

Please read this as indicated at the head of the forum and post the logs requested in this thread.

kgand · 2010/07/29

I'm sorry I am new here and haven't gotten the rules down yet.

Here are the logs:

dds.txt

DDS (Ver_10-03-17.01) - NTFSx86
Run by gspot023 at 10:04:49.63 on Thu 07/29/2010
Internet Explorer: 8.0.6001.18904
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.2046.1206 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Upromise\dca-ua.exe
C:\Program Files\Upromise\UpromiseTray.exe
C:\Program Files\Registry Mechanic\RMTray.exe
C:\Users\gspot023\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\gspot023\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page =
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
uWindow Title = Windows Internet Explorer provided by Comcast
mStart Page = hxxp://www.comcast.net/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mWindow Title = Windows Internet Explorer provided by Comcast
mSearchAssistant =
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - AskBar BHO
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dll
BHO: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\upromise\dca-bho.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\5.0.375.125\npchrome_frame.dll
BHO: Upromise TurboSaver: {edc0f17f-f4b7-47e4-b73e-887faeb376fa} - c:\program files\upromise\upromisetoolbar.dll
TB: Comcast Toolbar: {4e7bd74f-2b8d-469e-93be-be2df4d9ae29} - c:\progra~1\comcas~1\COMCAS~1.DLL
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
TB: Upromise TurboSaver: {06e58e5e-f8cb-4049-991e-a41c03bd419e} - c:\program files\upromise\upromisetoolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe "
uRun: [Upromise Update] c:\program files\upromise\dca-ua.exe
uRun: [Upromise Tray] c:\program files\upromise\UpromiseTray.exe
uRun: [RegistryMechanic] c:\program files\registry mechanic\RMTray.exe /H
uRun: [SmileboxTray] "c:\users\gspot023\appdata\roaming\smilebox\SmileboxTray.exe "
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Comcast Install 1.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" - "http://www.chuckecheese.com/chuck-e-games/games/chuck-e-ball.php "
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe "
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe "
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe "
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe "
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe "
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dll/206
IE: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - c:\program files\upromise\upromisetoolbar.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} - hxxp://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab
DPF: {0B195D55-0AB4-48C7-828F-34BE10BA4266} - hxxp://www.worldwinner.com/games/v53/dealornodeal/dealornodeal.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} - hxxp://www.worldwinner.com/games/v45/moneylist/moneylist.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} - hxxp://www.worldwinner.com/games/v53/wwhearts/wwhearts.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v49/familyfeud/familyfeud.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v54/wwspades/wwspades.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\5.0.375.125\npchrome_frame.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

============= SERVICES / DRIVERS ===============

S3 cmeu0wdm;CardMan 2020;c:\windows\system32\drivers\cmeu0wdm.sys [2005-5-23 43737]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-30 54632]

=============== Created Last 30 ================

2010-07-28 19:44:45 0 d-----w- c:\users\gspot023\appdata\roaming\SUPERAntiSpyware.com
2010-07-28 19:44:45 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-07-28 19:44:26 0 d-----w- c:\program files\SUPERAntiSpyware
2010-07-26 16:25:40 0 d-----w- c:\program files\WinASO
2010-07-23 14:41:24 0 d-----w- c:\users\gspot023\appdata\roaming\Uniblue
2010-07-23 14:41:17 0 d-----w- c:\program files\Uniblue
2010-07-20 02:17:44 65536 ----a-w- c:\windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
2010-07-20 02:17:44 131072 ----a-w- c:\windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
2010-07-20 02:17:43 1507328 ----a-w- c:\windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
2010-07-20 02:17:40 0 d-----w- c:\program files\Microsoft ATS

==================== Find3M ====================

2010-07-29 13:20:50 212128 ----a-w- c:\users\gspot023\appdata\roaming\nvModes.dat
2010-07-28 19:50:00 1660 ----a-w- c:\windows\bthservsdp.dat
2010-07-10 18:53:00 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-10 18:53:00 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-10 18:52:33 86016 ----a-w- c:\windows\inf\infstor.dat
2010-05-14 15:06:03 5262 ----a-w- c:\users\gspot023\appdata\roaming\wklnhst.dat
2009-01-03 08:19:51 174 --sha-w- c:\program files\desktop.ini
2008-07-08 04:59:59 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-01-12 15:43:20 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2007-10-20 15:16:33 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 10:10:21.15 ===============

kgand · 2010/07/29

attach.txt log

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vistaâ„¢ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 10/20/2007 3:24:48 AM
System Uptime: 7/29/2010 10:01:46 AM (0 hours ago)

Motherboard: Dell Inc. | | 0KY768
Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | Microprocessor | 1500/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 136 GiB total, 72.7 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.763 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&000F\8&3DF47A1&0&001CCC7BDE8A_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&000F\8&3DF47A1&0&001CCC7BDE8A_C00000000
Service:

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&000F\8&3DF47A1&0&001CCC7BDE8A_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&000F\8&3DF47A1&0&001CCC7BDE8A_C00000000
Service:

==== System Restore Points ===================

RP515: 7/21/2010 1:34:37 AM - Scheduled Checkpoint
RP516: 7/21/2010 3:10:38 PM - Scheduled Checkpoint
RP517: 7/22/2010 2:39:25 PM - Scheduled Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer
AAC Decoder
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1
Adobe Shockwave Player 11.5
AIO_Scan
Ask Toolbar
AudioCatalyst
AutoUpdate
BitComet 1.09
BlackBerry Desktop Software 4.3
BlackBerry Device Software v4.3.0 for the BlackBerry 8120 smartphone
Broadcom Management Programs
Browser Address Error Redirector
BufferChm
Comcast High-Speed Internet Install Wizard
Comcast Toolbar
Conexant HDA D330 MDC V.92 Modem
Copy
Coupon Printer for Windows
Creative MediaSource 5
CustomerResearchQFolder
Dell DataSafe Online
Dell Support Center (Support Software)
Dell System Customization Wizard
Dell Touchpad
DellSupport
Desktop Doctor
Destinations
DeviceManagementQFolder
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DJ_AIO_ProductContext
DJ_AIO_Software
DJ_AIO_Software_min
eSupportQFolder
F4100
F4100_Help
Games, Music, & Photos Launcher
Google Chrome Frame
Google Earth
Google Update Helper
GoToAssist 8.0.0.480
H.264 Decoder
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 8.0
HP Deskjet All-In-One Software 8.0
HP Imaging Device Functions 8.0
HP Photosmart Essential
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) PROSet/Wireless Software
Java(TM) SE Runtime Environment 6
Junk Mail filter update
LimeWire 4.18.8
Logitech Desktop Messenger
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech Updater
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
MarketResearch
McAfee SecurityCenter
mCore
MediaDirect
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 6.1
Microsoft IntelliType Pro 6.1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MKV Splitter
mMHouse
Modem Diagnostic Tool
Move Networks Media Player for Internet Explorer
MpcStar 4.1
mPfMgr
MSN Toolbar
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWMI
MySpaceIM
Netflix Movie Viewer
NetWaiting
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Ots CD Scratch 1200 1.00.044
OutlookAddinSetup
PCDJ Red 5.0
PDG Gold for NCOs - 2009 Demo
Product Documentation Launcher
QualxServ Service Agreement
QuickSet
QuickTime
Registry Mechanic 8.0
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Scan
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
SigmaTel Audio
Skype web features
Skypeâ„¢ 4.1
Smart Menus (Windows Live Toolbar)
Smilebox
SolutionCenter
Sonic Activation Module
Sound Blaster Audigy ADVANCED MB
Spelling Dictionaries Support For Adobe Reader 8
Status
SUPERAntiSpyware
The Weather Channel Desktop 6
TomTom HOME
Toolbox
TrayApp
Uniblue RegistryBooster
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2202131)
Upromise TurboSaver (remove only)
User's Guides
VC_MergeModuleToMSI
VC80CRTRedist - 8.0.50727.762
Virtual DJ - Atomix Productions
Walmart Photo Manager
WebReg
WIDCOMM Bluetooth Software 6.0.1.3100
WinASO Registry Optimizer 4.5.5
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
XingMP3 Player

==== Event Viewer Messages From Past Week ========

7/28/2010 3:55:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNASvc with arguments " " in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
7/28/2010 3:52:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/28/2010 3:51:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments " " in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/28/2010 3:51:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments " " in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/28/2010 3:51:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments " " in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
7/28/2010 3:51:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/28/2010 3:51:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/28/2010 3:39:38 PM, Error: EventLog [6008] - The previous system shutdown at 3:29:50 PM on 7/28/2010 was unexpected.
7/28/2010 3:26:07 PM, Error: EventLog [6008] - The previous system shutdown at 3:15:28 PM on 7/28/2010 was unexpected.
7/28/2010 3:09:36 PM, Error: EventLog [6008] - The previous system shutdown at 3:04:30 PM on 7/28/2010 was unexpected.
7/28/2010 2:38:33 PM, Error: EventLog [6008] - The previous system shutdown at 2:32:44 PM on 7/28/2010 was unexpected.
7/28/2010 2:09:30 PM, Error: Microsoft-Windows-LanguagePackSetup [1001] - Application initialization failed. Last error: 0x80004005
7/28/2010 12:56:36 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
7/28/2010 12:56:15 PM, Error: EventLog [6008] - The previous system shutdown at 12:52:53 PM on 7/28/2010 was unexpected.
7/28/2010 12:38:22 PM, Error: EventLog [6008] - The previous system shutdown at 12:34:07 PM on 7/28/2010 was unexpected.
7/28/2010 12:23:11 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/28/2010 12:22:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/28/2010 12:22:43 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2010 12:22:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/28/2010 12:17:30 PM, Error: EventLog [6008] - The previous system shutdown at 5:19:15 PM on 7/26/2010 was unexpected.
7/28/2010 1:27:32 PM, Error: EventLog [6008] - The previous system shutdown at 1:23:44 PM on 7/28/2010 was unexpected.
7/28/2010 1:11:58 PM, Error: EventLog [6008] - The previous system shutdown at 1:05:51 PM on 7/28/2010 was unexpected.
7/26/2010 9:16:24 AM, Error: EventLog [6008] - The previous system shutdown at 8:43:34 AM on 7/26/2010 was unexpected.
7/26/2010 8:21:42 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Real-time Scanner service to connect.
7/26/2010 8:21:42 AM, Error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/26/2010 8:09:14 AM, Error: EventLog [6008] - The previous system shutdown at 8:26:45 PM on 7/25/2010 was unexpected.
7/26/2010 4:21:47 PM, Error: EventLog [6008] - The previous system shutdown at 3:59:14 PM on 7/26/2010 was unexpected.
7/26/2010 3:42:47 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/26/2010 3:42:47 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
7/26/2010 3:40:33 PM, Error: EventLog [6008] - The previous system shutdown at 3:36:44 PM on 7/26/2010 was unexpected.
7/25/2010 8:06:44 PM, Error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/25/2010 7:54:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Network Agent service to connect.
7/25/2010 7:54:46 PM, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/25/2010 7:54:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service McNASvc with arguments " " in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
7/25/2010 7:54:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee SystemGuards service to connect.
7/25/2010 7:54:14 PM, Error: Service Control Manager [7000] - The McAfee SystemGuards service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/25/2010 7:53:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
7/25/2010 7:53:09 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/25/2010 7:51:19 PM, Error: EventLog [6008] - The previous system shutdown at 7:43:52 PM on 7/25/2010 was unexpected.
7/25/2010 7:39:16 PM, Error: EventLog [6008] - The previous system shutdown at 12:39:32 PM on 7/23/2010 was unexpected.
7/23/2010 9:57:14 AM, Error: EventLog [6008] - The previous system shutdown at 9:52:58 AM on 7/23/2010 was unexpected.
7/23/2010 9:19:23 AM, Error: Microsoft-Windows-WinHttp [12506] - The WinHTTP Web Proxy Auto-Discovery Service encountered a system error from RpcEpRegisterW(): (Error Code = 1752) The server endpoint cannot perform the operation.
7/23/2010 9:05:54 AM, Error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
7/23/2010 8:19:29 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.15.4 for the Network Card with network address 001CBF14AFE2 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/23/2010 8:11:04 AM, Error: EventLog [6008] - The previous system shutdown at 8:00:58 AM on 7/23/2010 was unexpected.
7/23/2010 12:27:40 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
7/23/2010 11:36:38 AM, Error: EventLog [6008] - The previous system shutdown at 11:22:42 AM on 7/23/2010 was unexpected.
7/23/2010 10:18:52 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user gspot023-PC\gspot023 SID (S-1-5-21-1510583900-2182253708-3798832088-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/22/2010 8:08:07 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
7/22/2010 11:33:01 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.15.3 for the Network Card with network address 001CBF14AFE2 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/22/2010 11:14:10 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001CBF14AFE2 has been denied by the DHCP server 192.168.15.1 (The DHCP Server sent a DHCPNACK message).
7/22/2010 11:13:58 AM, Error: EventLog [6008] - The previous system shutdown at 10:59:49 AM on 7/22/2010 was unexpected.
7/22/2010 10:00:13 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
7/22/2010 1:24:42 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

==== End Of File ===========================

Admin. · 2010/07/29

I see you have P2P software ( Azures, Limewire, BitTorrent, uTorrent etc…) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are here, and here.

I would strongly recommend that you uninstall them, and read the links above for educational value!

Note: Please be advised that continued use of these programs after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

A Malware expert will have a look at your log in due course.

broni · 2010/07/29

Please, uninstall RegistryBooster. Registry tools are not recommended (you already know from your computer issues). More info: http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

================================================================

STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
Alternative downloads:
- http://majorgeeks.com/GMER_d5198.html
- http://www.softpedia.com/get/Interne...ers/GMER.shtml
Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
Do NOT use the computer while GMER is running!
When scan is completed, click Save button, and save the results as gmer.log
Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

STEP 3. Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

kgand · 2010/07/29

The P2P programs are my husbands from when he was deployed they haven't been used in a very long time. I can easily uninstall them.

kgand · 2010/07/29

broni, do you want the log from the superantispyware as well?

broni · 2010/07/29

Not now...

kgand · 2010/07/29

Malwarebytes log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

7/29/2010 8:10:01 PM
mbam-log-2010-07-29 (20-10-01).txt

Scan type: Quick scan
Objects scanned: 125868
Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

broni · 2010/07/29

Go on...

kgand · 2010/08/02

The scan took over 24 hours and then froze the computer and then I had to go out of town. I am going to try again.

kgand · 2010/08/02

I forgot to say that everytime I tried to get what I could out of the log it causes a blue screen that says it doing a 'crash dump'.

broni · 2010/08/02

OK. Skip GMER for now.

Proceed with MBRCheck and then...

Please download ComboFix from [color= "Red"]Here[/color] or [color= "#FF0000"]Here[/color] to your Desktop.

[color= "Blue"]**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**[/color]

Please, never rename Combofix unless instructed.

Close any open browsers.

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".

Click on [color= "Red"]this link[/color] to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

Close any open browsers.

[color= "Red"]WARNING:[/color] Combofix will disconnect your machine from the Internet as soon as it starts

Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.

If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Please post the "C:\ComboFix.txt"

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

kgand · 2010/08/03

ComboFix 10-08-03.02 - gspot023 08/03/2010 22:54:39.1.2 - x86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.2046.1223 [GMT -4:00]
Running from: c:\users\gspot023\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee VirusScan *disabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\gspot023\GoToAssistDownloadHelper.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\TEMP\logishrd\LVPrcInj02.dll

.
((((((((((((((((((((((((( Files Created from 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-04 03:04 . 2010-08-04 03:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-04 02:22 . 2010-08-04 02:23 -------- dc----w- C:\32788R22FWJFW
2010-07-30 01:38 . 2010-07-30 01:38 -------- d-----w- C:\found.000
2010-07-28 19:44 . 2010-07-28 19:44 -------- d-----w- c:\users\gspot023\AppData\Roaming\SUPERAntiSpyware.com
2010-07-28 19:44 . 2010-07-28 19:44 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-07-28 19:44 . 2010-07-28 19:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-26 16:25 . 2010-07-26 16:25 -------- d-----w- c:\program files\WinASO
2010-07-23 14:41 . 2010-07-23 14:41 -------- d-----w- c:\users\gspot023\AppData\Roaming\Uniblue
2010-07-20 02:17 . 2010-07-20 02:17 -------- d-----w- c:\program files\Microsoft ATS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 03:05 . 2007-10-20 07:24 1660 ----a-w- c:\windows\bthservsdp.dat
2010-07-29 14:04 . 2008-02-21 00:10 8268 ----a-w- c:\users\gspot023\AppData\Local\d3d9caps.dat
2010-07-29 13:20 . 2007-10-24 22:53 212128 ----a-w- c:\users\gspot023\AppData\Roaming\nvModes.dat
2010-07-23 12:20 . 2009-12-22 19:21 -------- d-----w- c:\users\gspot023\AppData\Roaming\Smilebox
2010-07-21 02:58 . 2009-10-09 15:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-14 14:29 . 2009-09-24 20:56 -------- d-----w- c:\programdata\Microsoft Help
2010-06-22 19:15 . 2008-01-18 20:36 -------- d-----w- c:\users\gspot023\AppData\Roaming\Image Zone Express
2010-06-19 16:31 . 2009-04-11 03:13 -------- d-----w- c:\users\gspot023\AppData\Roaming\Skype
2010-06-19 12:03 . 2009-04-11 03:15 -------- d-----w- c:\users\gspot023\AppData\Roaming\skypePM
2010-05-14 15:06 . 2007-10-25 21:08 5262 ----a-w- c:\users\gspot023\AppData\Roaming\wklnhst.dat
2007-10-20 15:16 . 2007-10-20 15:06 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"MsnMsgr "= "c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"DW6 "= "c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-10-08 818288]
"Upromise Update "= "c:\program files\Upromise\dca-ua.exe" [2009-04-13 96136]
"Upromise Tray "= "c:\program files\Upromise\UpromiseTray.exe" [2009-04-14 139264]
"RegistryMechanic "= "c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]
"SmileboxTray "= "c:\users\gspot023\AppData\Roaming\Smilebox\SmileboxTray.exe" [2010-06-29 304448]
"WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater "= "c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe" [2009-04-29 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender "= "c:\program files\Windows Defender\MSASCui.exe" [2007-10-20 1006264]
"ECenter "= "c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648]
"NvSvc "= "c:\windows\system32\nvsvc.dll" [2007-06-25 86016]
"NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2007-06-25 8433664]
"NvMediaCenter "= "c:\windows\system32\NvMcTray.dll" [2007-06-25 81920]
"NVHotkey "= "c:\windows\system32\nvHotkey.dll" [2007-06-25 67584]
"VolPanel "= "c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2006-11-27 180224]
"UpdReg "= "c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"PCMService "= "c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320]
"dscactivate "= "c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"SigmatelSysTrayApp "= "c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 405504]
"ISUSPM Startup "= "c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2008-02-01 385024]
"DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"itype "= "c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 813912]
"IntelliPoint "= "c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
"ddoctorv2 "= "c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"LogitechCommunicationsManager "= "c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon "= "c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"mcagent_exe "= "c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"Malwarebytes Anti-Malware (reboot) "= "c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM "= "c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]
"msnmsgr "= "c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-10-20 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-8-16 66864]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-7-20 1180952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer "=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@= "Service "
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MbarInstall

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2009-01-20 06:37 2523960 ----a-w- c:\program files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 02:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
2008-12-12 18:46 9555968 ----a-w- c:\program files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 18:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2008-05-06 08:42 202088 ----a-w- c:\program files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring "=dword:00000001

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-30 135664]
R3 cmeu0wdm;CardMan 2020;c:\windows\system32\DRIVERS\cmeu0wdm.sys [2005-05-23 43737]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-08-29 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-30 14:34]

2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-30 14:34]

2010-06-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 16:22]

2010-07-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 16:22]

2008-07-09 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 23:52]

2008-07-09 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2006-11-22 01:08]

2010-08-04 c:\windows\Tasks\User_Feed_Synchronization-{EF56156B-CCF5-47AD-8756-3497125380BB}.job
- c:\windows\system32\msfeedssync.exe [2010-03-30 04:54]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.comcast.net/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mWindow Title = Windows Internet Explorer provided by Comcast
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
Notify-GoToAssist - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 23:10
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "YMP.Media "

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
"MSCurrentCountry "=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(11212)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\btncopy.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLANExt.exe
c:\program files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\STacSV.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-08-03 23:20:14 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-04 03:20

Pre-Run: 84,815,876,096 bytes free
Post-Run: 91,365,789,696 bytes free

- - End Of File - - 22E32A4815F208D203CECA60CA63BB34

broni · 2010/08/03

You forgot MBRCheck...

kgand · 2010/08/04

I'm so sorry

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: (build 6000), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1520
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 183):
0x82000000 \SystemRoot\system32\ntkrnlpa.exe
0x823A1000 \SystemRoot\system32\hal.dll
0x802C6000 \SystemRoot\system32\kdcom.dll
0x80266000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8025D000 \SystemRoot\system32\PSHED.dll
0x80255000 \SystemRoot\system32\BOOTVID.dll
0x8021A000 \SystemRoot\system32\CLFS.SYS
0x8051F000 \SystemRoot\system32\CI.dll
0x804A4000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8020D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80461000 \SystemRoot\system32\drivers\acpi.sys
0x80204000 \SystemRoot\system32\drivers\WMILIB.SYS
0x80459000 \SystemRoot\system32\drivers\msisadrv.sys
0x80434000 \SystemRoot\system32\drivers\pci.sys
0x80425000 \SystemRoot\system32\drivers\volmgr.sys
0x80201000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8041B000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8040B000 \SystemRoot\System32\drivers\mountmgr.sys
0x80404000 \SystemRoot\system32\DRIVERS\intelide.sys
0x807F2000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x807EB000 \SystemRoot\system32\drivers\pciide.sys
0x807A1000 \SystemRoot\System32\drivers\volmgrx.sys
0x80701000 \SystemRoot\system32\drivers\iastorv.sys
0x80643000 \SystemRoot\system32\drivers\iastor.sys
0x8063B000 \SystemRoot\system32\drivers\atapi.sys
0x8061D000 \SystemRoot\system32\drivers\ataport.SYS
0x87FCF000 \SystemRoot\system32\drivers\fltmgr.sys
0x8060D000 \SystemRoot\system32\drivers\fileinfo.sys
0x87FB9000 \SystemRoot\System32\Drivers\DRVMCDB.SYS
0x80604000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x87EB5000 \SystemRoot\system32\drivers\ndis.sys
0x87E8A000 \SystemRoot\system32\drivers\msrpc.sys
0x87E51000 \SystemRoot\system32\drivers\NETIO.SYS
0x880F8000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8808E000 \SystemRoot\System32\Drivers\ksecdd.sys
0x87E1B000 \SystemRoot\system32\drivers\volsnap.sys
0x87E13000 \SystemRoot\System32\Drivers\spldr.sys
0x87E04000 \SystemRoot\System32\drivers\partmgr.sys
0x8807F000 \SystemRoot\System32\Drivers\mup.sys
0x8805A000 \SystemRoot\System32\drivers\ecache.sys
0x88049000 \SystemRoot\system32\drivers\disk.sys
0x88028000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8801F000 \SystemRoot\system32\drivers\crcdisk.sys
0x8CB3C000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x89291000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8C22C000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8E737000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8DF13000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8DACA000 \SystemRoot\System32\drivers\watchdog.sys
0x8D550000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8DE30000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8C23A000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8C31F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8E50E000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x88FE0000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0x88FB0000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x8C248000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x8D312000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x8C256000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x8D53C000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x8DEC2000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x8DA21000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8DE05000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8E045000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8D55B000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8D566000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8E2F1000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0x8DA98000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8E3CC000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x892A3000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8E105000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8E081000 \SystemRoot\system32\DRIVERS\storport.sys
0x8D571000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x89340000 \SystemRoot\System32\Drivers\RootMdm.sys
0x8DAE4000 \SystemRoot\system32\drivers\modem.sys
0x8E010000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8D57C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8E05E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8CA97000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8DC4D000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8D24F000 \SystemRoot\system32\DRIVERS\RimSerial.sys
0x8CAA6000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8E2FB000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8E1EC000 \SystemRoot\system32\DRIVERS\ks.sys
0x8DD9C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8DAF1000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8E496000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x88FD0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8D671000 \SystemRoot\system32\drivers\stwrt.sys
0x8D644000 \SystemRoot\system32\drivers\portcls.sys
0x8D61F000 \SystemRoot\system32\drivers\drmk.sys
0x8D7AD000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x8EEFD000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x8DB86000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x89252000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x88E01000 \SystemRoot\System32\Drivers\Null.SYS
0x8D210000 \SystemRoot\System32\Drivers\Beep.SYS
0x8E28B000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0x8D217000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8DCB8000 \SystemRoot\System32\drivers\vga.sys
0x8D2B9000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x89360000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x89368000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8D5A8000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8C2D4000 \SystemRoot\System32\Drivers\Npfs.SYS
0x89264000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8D35D000 \SystemRoot\System32\drivers\tcpip.sys
0x8D2A0000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8D334000 \SystemRoot\System32\Drivers\Mpfp.sys
0x8D2E5000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8D50E000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0x8D4E3000 \SystemRoot\system32\DRIVERS\smb.sys
0x8D737000 \SystemRoot\system32\drivers\afd.sys
0x8D705000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8D4BB000 \SystemRoot\system32\DRIVERS\pacer.sys
0x88E5E000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8D7ED000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8E21D000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
0x8E297000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0x8E41B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8DDC4000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8E4DB000 \SystemRoot\system32\drivers\mfehidk.sys
0x8DE7F000 \SystemRoot\System32\Drivers\dfsc.sys
0x8DD0C000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x8F10A000 \SystemRoot\System32\Drivers\bthport.sys
0x8C331000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x8DDD8000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x8CF88000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x8C264000 \SystemRoot\system32\DRIVERS\bthmodem.sys
0x8CEB1000 \SystemRoot\system32\drivers\btwavdt.sys
0x8CE36000 \SystemRoot\system32\drivers\btwaudio.sys
0x8CA28000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x88FA0000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x892AC000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x892B5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x89380000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x994AE000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8C342000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0xA2200000 \SystemRoot\System32\win32k.sys
0x98D90000 \SystemRoot\System32\drivers\Dxapi.sys
0x8CA6A000 \SystemRoot\system32\DRIVERS\monitor.sys
0xA5400000 \SystemRoot\System32\TSDDD.dll
0xA5410000 \SystemRoot\System32\ATMFD.DLL
0xA5460000 \SystemRoot\System32\cdd.dll
0x8D6EA000 \SystemRoot\system32\drivers\luafv.sys
0x9932F000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0x8E0DC000 \SystemRoot\System32\DLA\DLADResM.SYS
0x8D795000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0x9C1E7000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0x9BEA3000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0x97B61000 \SystemRoot\System32\DLA\DLABMFSM.SYS
0x97B68000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0x8D4F8000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0x8DA59000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0x9BA84000 \SystemRoot\system32\drivers\spsys.sys
0x9B912000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8DE97000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x98D9A000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8CF18000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9BA1B000 \SystemRoot\system32\drivers\HTTP.sys
0x8E325000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x8E402000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8E0C3000 \SystemRoot\System32\drivers\mpsdrv.sys
0x8EE21000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x8F147000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x8CFA2000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x978FA000 \SystemRoot\System32\DRIVERS\srv2.sys
0x98EE2000 \SystemRoot\System32\DRIVERS\srv.sys
0x8EE53000 \SystemRoot\system32\DRIVERS\dsunidrv.sys
0x9D4A0000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x9FEB2000 \SystemRoot\system32\drivers\peauth.sys
0x8DD6A000 \SystemRoot\System32\Drivers\secdrv.SYS
0x99345000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9835C000 \SystemRoot\system32\DRIVERS\xaudio.sys
0x9C1E2000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0x9FFEB000 \SystemRoot\system32\drivers\mfebopk.sys
0x8E047000 \SystemRoot\system32\drivers\mfeavfk.sys
0x8E2C7000 \??\C:\Users\gspot023\AppData\Local\Temp\mbr.sys
0x8EEE7000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x982AC000 \??\C:\ComboFix\catchme.sys
0x8E2F5000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
0x9881A000 \SystemRoot\System32\Drivers\fastfat.SYS
0x77680000 \Windows\System32\ntdll.dll

Processes (total 72):
0 System Idle Process
4 System
412 C:\Windows\System32\smss.exe
476 csrss.exe
516 C:\Windows\System32\wininit.exe
536 csrss.exe
568 C:\Windows\System32\services.exe
584 C:\Windows\System32\lsass.exe
592 C:\Windows\System32\lsm.exe
720 C:\Windows\System32\svchost.exe
804 C:\Windows\System32\svchost.exe
884 C:\Windows\System32\svchost.exe
908 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\svchost.exe
996 C:\Windows\System32\winlogon.exe
1056 C:\Windows\System32\audiodg.exe
1080 C:\Windows\System32\svchost.exe
1096 C:\Windows\System32\SLsvc.exe
1124 C:\Windows\System32\svchost.exe
1252 C:\Windows\System32\svchost.exe
1496 C:\Windows\System32\wlanext.exe
1588 C:\Windows\System32\spoolsv.exe
1664 C:\Windows\System32\svchost.exe
1864 C:\Windows\System32\dwm.exe
1884 C:\Windows\System32\taskeng.exe
288 C:\Windows\System32\taskeng.exe
344 C:\Program Files\Google\Update\GoogleUpdate.exe
464 C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
624 C:\Windows\System32\AEstSrv.exe
972 C:\Windows\System32\svchost.exe
1360 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
1120 C:\Windows\System32\CTSVCCDA.EXE
1936 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
2212 C:\Windows\System32\svchost.exe
2228 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
2244 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
2276 C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
2300 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
2332 C:\Program Files\McAfee\VirusScan\Mcshield.exe
2408 C:\Program Files\McAfee\MPF\MpfSrv.exe
2488 C:\Windows\System32\svchost.exe
2524 C:\Windows\System32\svchost.exe
2536 C:\Windows\System32\svchost.exe
2552 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
2580 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
2760 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2808 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
2824 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
2840 C:\Windows\System32\stacsv.exe
2948 C:\Windows\System32\svchost.exe
3024 C:\Windows\System32\svchost.exe
3044 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3088 C:\Windows\System32\SearchIndexer.exe
3212 C:\Windows\System32\drivers\XAudio.exe
3612 C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
2132 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
3168 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
6004 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
11212 C:\Windows\explorer.exe
13088 C:\Program Files\Internet Explorer\iexplore.exe
13236 C:\Program Files\Internet Explorer\iexplore.exe
13852 C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe
14856 C:\Program Files\Internet Explorer\iexplore.exe
15656 C:\Program Files\Internet Explorer\iexplore.exe
7988 C:\Program Files\Internet Explorer\iexplore.exe
12624 C:\Program Files\Internet Explorer\iexplore.exe
14868 C:\Program Files\Internet Explorer\iexplore.exe
15272 C:\Windows\System32\SearchProtocolHost.exe
16204 C:\Windows\System32\SearchFilterHost.exe
15548 dllhost.exe
16068 dllhost.exe
15828 C:\Users\gspot023\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ5PMB7Q\MBRCheck[1].exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`84f00000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`04f00000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM160HI, Rev: HH100-10

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

Done!

broni · 2010/08/04

I strongly suggest, you uninstall Uniblue Registry Mechanic, if you don't want to run into more problems.

How is computer doing at the moment? Still freezing?

Uninstall Combofix:
Go Start > Run [Vista users, go Start> "Start search"]
Type in:
Combofix /Uninstall
Note the space between the "Combofix" and the "/Uninstall "
Click OK (Vista users - press Enter).
Restart computer.

==============================================================

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:

netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\*. /mp /s
/md5start
/md5stop
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

kgand · 2010/08/05

Ok, uninstalled, I apparently had more than one cleaner.

It is still freezing, often in a 'thinking' mode. If I run the superantispyware in safe mode it cleans helps though.

kgand · 2010/08/05

extra log

OTL Extras logfile created on: 8/5/2010 10:09:33 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\gspot023\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 61.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 83.31 Gb Free Space | 61.05% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.76 Gb Free Space | 57.63% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GSPOT023-PC
Current User Name: gspot023
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5D44D85B-BD10-418E-A907-1A6EDB85086D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{60143A72-3B04-49AF-95E0-E66A098BC437}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D415BD5B-E548-4CA0-BEBA-A38479B7B9FA}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{132032D5-0315-4C4B-B1DF-6D96FB0BF5B7}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{1F1B0046-01F1-41CE-ACDD-243B11D59B55}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{2931A02F-8383-48BA-9D6D-D279DBF39D56}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{2E62200E-9BC8-4B69-92A7-F347B2C13551}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{32ED9061-001C-4B05-8EF1-61E0AAED22CB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{3914F121-EB3E-4998-8BBF-3DC42D903857}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{3AF1D0EB-F529-423B-9DA8-8C7E062DE369}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3F03CB93-F072-4C69-A536-828BEE3EF329}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{593A4D3A-E486-4F25-AE57-E45D44FF482B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{5AA5A380-18D2-47BC-8927-48C42A7AC364}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5AB23895-54F0-4C8E-B7DA-77FDCDA70D85}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{5ACFBBF5-12DE-4C60-B236-ADE7C8129919}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{6232D3E5-3437-4D2A-81EB-5085208838A3}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{671B5906-5DA5-4A4A-8A3A-E87DE26BB914}" = protocol=6 | dir=in | app=c:\program files\dogpile toolbar\toolbarupdate.exe |
"{75A99EFA-1A95-48E4-B608-AA9CB544B915}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{90B7ED1A-474A-4D3D-868F-FA3278B06A51}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{A33DBD4B-124B-4985-8BE3-8EBBEF045B62}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{AD63530B-7E55-4DE6-8C3B-E035AD26BB31}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{BC5299D4-E8AF-4F07-8144-D49981CE7560}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{DA31DD4A-56F2-4262-8FBB-777DD37338BF}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{DCF744A3-1906-4750-A666-0411120B4968}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{EDA79DFF-408D-4DFA-9BCB-FBFB858C2BC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF091C48-B8E9-48B6-B785-9733FBE91A7F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F4B418B1-F5DC-4A61-9F24-77C61611FAA1}" = protocol=17 | dir=in | app=c:\program files\dogpile toolbar\troubleshooter.exe |
"{F7CC984A-FFC0-489C-AC62-CBFB38CDB172}" = protocol=6 | dir=in | app=c:\program files\dogpile toolbar\troubleshooter.exe |
"{FACC529F-1B97-42AB-84DD-AE272939026E}" = protocol=17 | dir=in | app=c:\program files\dogpile toolbar\toolbarupdate.exe |
"{FC60B3C9-4CAD-4557-827C-5D2D5E14BE9A}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"TCP Query User{C3E5E0C0-0CAC-4435-991D-1612FEB08BC3}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{CB7C4E16-246E-4A03-90D9-714F994D03CA}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{EEBEC0E4-6C29-4F2E-B972-C18FD5BD145B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F2B408DE-B690-49D9-916B-D53A0E0CAEEA}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"UDP Query User{3F0B833F-B03A-4D1E-9307-C1ABA3925016}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"UDP Query User{9F8B467B-A45F-4EE2-B3BB-05360646CC4A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{CCA9D7F3-F9B9-415B-9396-2B94181E06E8}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{EAC79CE5-B0CA-4348-93C3-FFCC5210B337}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{38921865-6DE2-46CC-8818-4A616657F510}" = BlackBerry Device Software v4.3.0 for the BlackBerry 8120 smartphone
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DDEABFB-0621-4321-B385-CB86D3A6F90F}" = F4100
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CC514EAE-B42C-42D2-B450-48BF141F551B}" = PDG Gold for NCOs - 2009 Demo
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skypeâ„¢ 4.1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ask Toolbar_is1" = Ask Toolbar
"AudioCatalyst" = AudioCatalyst
"BitComet" = BitComet 1.09
"BlackBerry_{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"ComcastToolbar" = Comcast Toolbar
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Google Chrome Frame" = Google Chrome Frame
"GoToAssist" = GoToAssist 8.0.0.480
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MpcStar" = MpcStar 4.1
"MSC" = McAfee SecurityCenter
"MySpaceIM" = MySpaceIM
"NVIDIA Drivers" = NVIDIA Drivers
"Ots CD Scratch 1200" = Ots CD Scratch 1200 1.00.044
"PCDJ Red 5.0" = PCDJ Red 5.0
"ProInst" = Intel(R) PROSet/Wireless Software
"PROR" = Microsoft Office Professional 2007 Trial
"SynTPDeinstKey" = Dell Touchpad
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TomTom HOME" = TomTom HOME
"Upromise TurboSaver" = Upromise TurboSaver (remove only)
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinASO Registry Optimizer 4.5.5_is1" = WinASO Registry Optimizer 4.5.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"XingMP3 Player" = XingMP3 Player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Smilebox" = Smilebox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/1/2009 9:15:30 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x6b28, application
start time 0x01ca429940142520.

Error - 10/1/2009 9:15:36 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x6ef0, application
start time 0x01ca4299434c6cc0.

Error - 10/1/2009 9:15:41 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x6ba0, application
start time 0x01ca4299468ec680.

Error - 10/1/2009 9:15:47 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x5064, application
start time 0x01ca429949f745e0.

Error - 10/1/2009 9:15:52 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x4190, application
start time 0x01ca42994d2cf570.

Error - 10/1/2009 9:15:58 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x5018, application
start time 0x01ca429950b4bca0.

Error - 10/1/2009 9:22:18 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x6228, application
start time 0x01ca429a32d64b30.

Error - 10/1/2009 9:22:24 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x45b8, application
start time 0x01ca429a365d9d30.

Error - 10/1/2009 9:22:29 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x3be0, application
start time 0x01ca429a39b79da0.

Error - 10/1/2009 9:22:35 AM | Computer Name = gspot023-PC | Source = Application Error | ID = 1000
Description = Faulting application wltuser.exe, version 14.0.8064.206, time stamp
0x498ce4e2, faulting module wltuser.exe, version 14.0.8064.206, time stamp 0x498ce4e2,
exception code 0xc0000005, fault offset 0x0000ffd9, process id 0x7388, application
start time 0x01ca429a3d04f3e0.

[ Media Center Events ]
Error - 12/19/2007 11:45:02 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/7/2008 12:19:48 AM | Computer Name = gspot023-PC | Source = Media Center Guide | ID = 0
Description =

Error - 7/7/2008 12:20:05 AM | Computer Name = gspot023-PC | Source = Media Center Guide | ID = 0
Description =

Error - 11/14/2008 5:47:09 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 1/2/2009 2:12:54 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 4/12/2009 3:29:54 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/22/2009 3:29:35 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 2:11:28 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 4:07:09 PM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/26/2009 8:17:45 AM | Computer Name = gspot023-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ System Events ]
Error - 8/5/2010 11:12:25 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:13:27 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:15:27 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:16:28 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:23:28 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:24:29 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:25:30 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:26:31 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:27:32 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/5/2010 11:29:32 AM | Computer Name = gspot023-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

< End of report >

Log in or Sign up

Inactive Computer freezing after 15-20 minutes

kgand Inactive Thread Starter

PeteC SuperGeek Staff

kgand Inactive Thread Starter

kgand Inactive Thread Starter

Admin. Administrator Administrator Staff

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

Share This Page

Log in or Sign up

Inactive Computer freezing after 15-20 minutes

kgand Inactive Thread Starter

PeteC SuperGeek Staff

kgand Inactive Thread Starter

kgand Inactive Thread Starter

Admin. Administrator Administrator Staff

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

broni Moderator Malware Analyst

kgand Inactive Thread Starter

kgand Inactive Thread Starter

Share This Page

Useful Searches