Author Topic: Application cannot be executed. The file *** is infected.  (Read 30010 times)

Halogengirlie

    Topic Starter


    Rookie

    Re: Application cannot be executed. The file *** is infected.
    « Reply #15 on: February 24, 2010, 12:13:37 PM »
    It's a personal computer.. I just started the software running in the morning before I left for work,  so that I wouldn't have to come home from work and then wait 2 hours for it to run. 

    (Kinda makes it feel like instant gratification when you come home that night and the log is all ready for you)

    I'll work on the other items tonight.  Thanks!

    Halogengirlie

      Topic Starter


      Rookie

      Re: Application cannot be executed. The file *** is infected.
      « Reply #16 on: February 24, 2010, 06:46:38 PM »
      OK few items: 

      Bonjour... I've never used it (that I know of). What is it for?

      Sonic... I went to read your second link... but it wouldn't work.

      HiJack This... I didn't see any of the 3 items you listed... I'll attach the most current log below.

      (Will work on Combo Fix next)


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 7:40:21 PM, on 2/24/2010
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\WLTRYSVC.EXE
      C:\WINDOWS\System32\bcmwltry.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
      C:\Program Files\Wave Systems Corp\Common\DataServer.exe
      C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\NeatReceipts Professional\exec\NeatReceiptsAutoBackup.exe
      C:\Program Files\Apoint\Apoint.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\WLTRAY.exe
      C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
      C:\WINDOWS\stsystra.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
      C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
      C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
      C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
      C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe
      C:\Program Files\Apoint\Apntex.exe
      C:\Program Files\Apoint\HidFind.exe
      C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
      C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
      C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
      C:\Program Files\NetWaiting\netWaiting.exe
      C:\PROGRA~1\DELLSU~1\DSAgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Electronic Arts\EADM\Core.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
      C:\Program Files\Digital Line Detect\DLG.exe
      C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
      C:\Program Files\Logitech\SetPoint\SetPoint.exe
      C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      C:\Program Files\Palm\HOTSYNC.EXE
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
      C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
      C:\WINDOWS\system32\SearchIndexer.exe
      C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
      C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
      C:\Program Files\Trend Micro\HijackThis\sniper.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070313
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070313
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=22028
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
      O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
      O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
      O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
      O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
      O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
      O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
      O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
      O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
      O4 - HKLM\..\Run: [PSDiagnosticM] "C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe"
      O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
      O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
      O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
      O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
      O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
      O4 - S-1-5-18 Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'SYSTEM')
      O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
      O4 - .DEFAULT Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'Default user')
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
      O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
      O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
      O4 - Global Startup: Bluetooth Manager.lnk = ?
      O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
      O4 - Global Startup: Digital Line Detect.lnk = ?
      O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
      O4 - Global Startup: Logitech SetPoint.lnk = ?
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
      O16 - DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} (Photo Upload Plugin Class) - http://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab
      O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
      O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://coupons.smartsource.com/download/cscmv5X.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174695347609
      O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://targetphoto.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
      O16 - DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} (Photo Upload Plugin Class) - http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
      O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
      O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
      O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
      O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NeatReceipts Auto Backup - Digital Business Processes - C:\Program Files\NeatReceipts Professional\exec\NeatReceiptsAutoBackup.exe
      O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
      O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
      O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
      O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
      O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/LELIAG~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

      --
      End of file - 16581 bytes

      Halogengirlie

        Topic Starter


        Rookie

        Re: Application cannot be executed. The file *** is infected.
        « Reply #17 on: February 24, 2010, 07:19:13 PM »
        I shut off my windows firewall and my Anti-Virus & closed all windows.

        I then ran the Combo Fix.  It notified me that I needed to get a recovery console installed, which I agreed to.  It downloaded it and began to run... a few minutes into the program a blue screen appeared.

        It says:

        A problem has been detected and Windows has been shut down to prevent damage to your computer

        PAGE_FAULT_IN_NONPAGED_AREA

        If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:

        Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

        If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use Safe mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select safe mode.

        Technical Information: 

        *** STOP: 0x00000050 (0xBA4012A4, 0x00000008, 0x805417f4, 0x00000000)
        *** mbr.sys - Address BA4012A4 base at BA4012A4, DateStamp 000000000

        Beginning dump of physical memory
        Physical memory dump complete.
        Contact your system administrator or technical support group for further assistance.


        Not sure what to do next.... I've never seen that message before....  Should I reboot and see if my computer comes up?  OR reboot in safe mode??

        Halogengirlie

          Topic Starter


          Rookie

          Re: Application cannot be executed. The file *** is infected.
          « Reply #18 on: February 24, 2010, 07:41:04 PM »
          I rebooted... and it came back up...

          I think that perhaps this might be a good time to burn my personal files to DVD?

          Halogengirlie

            Topic Starter


            Rookie

            Re: Application cannot be executed. The file *** is infected.
            « Reply #19 on: February 24, 2010, 08:01:01 PM »
            A few minutes after the reboot this message appeared

            Microsoft Windows

            Error Signature
            BCCode: 1000005   BCP1: BA4012A4   BCP2: 00000008   BCP3: 805417F4
            BCP4: 00000000   OSVer: 5_1_2600    SP: 3_0    Product: 256_1

            Reporting details:

            This error report includes: information regarding the condition of Microsoft Windows when the problem occurred, the operating system version and computer hardware in use, and the Internet Protocol (IP) address of your computer.

            We do not intentionally collect your name, address, email address or any other form of personally identifiable information. However, the error report may contain customer-specific information in the collected data files. While this information could be used to determine your identity, if present, it will not be used.

            The data we collect will only be used to fix the problem. If more information is available, we will tell you when you report the problem. This error report will be sent using a secure connection to a database with limited access and will not be used for marketing purposes.

            To view technical info click here:

            ( I Clicked... and.... this is what it showed)

            C:DOCUME~1\LELIAG~1\LOCALS~1\Temp\WERa707.dir00\Mini022410-01.dmp
            C:DOCUME~1\LELIAG~1\LOCALS~1\Temp\WERa707.dir00\sysdata.xml

            (I then reported to Windows and it provided this link)

            http://wer.microsoft.com/responses/Response.aspx/685/en-us/5.1.2600.2.00010100.3.0?SGD=2968b530-6834-4de5-96bb-0e3ef1eefdd7

            Halogengirlie

              Topic Starter


              Rookie

              Re: Application cannot be executed. The file *** is infected.
              « Reply #20 on: February 24, 2010, 08:39:25 PM »
              I attached photos of the error message images (in case I made a typo or something).

              [Saving space, attachment deleted by admin]

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: Application cannot be executed. The file *** is infected.
              « Reply #21 on: February 25, 2010, 12:58:24 PM »
              Ok. Let's try this.

              Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
              Save Rkill to your desktop.

              There are 4 different versions. If one of them won't run then download and try to run the other one.
               
              Vista and Win7 users need to right click Rkill and choose Run as Administrator
               

              You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

              Rkill.exe
              Rkill.com
              Rkill.scr
              Rkill.pif

              Once you've gotten one of them to run then try to immediately run the following.
               
              Now download and Run exeHelper.

              Please download exeHelper from Raktor to your desktop.
              • Double-click on exeHelper.com to run the fix. A black window should pop up, press any key to close once the fix is completed. A log file named log.txt will be created in the directory where you ran exeHelper.com Attach the log.txt file to your next message.

                Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
              Windows 8 and Windows 10 dual boot with two SSD's

              Halogengirlie

                Topic Starter


                Rookie

                Re: Application cannot be executed. The file *** is infected.
                « Reply #22 on: February 25, 2010, 05:10:56 PM »
                This log file is located at C:\rkill.log.
                Please post this only if requested to by the person helping you.
                Otherwise you can close this log when you wish.
                Ran as Lelia Goehring on 02/25/2010 at 18:04:11.


                Processes terminated by Rkill or while it was running:


                C:\WINDOWS\system32\rundll32.exe
                C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
                C:\WINDOWS\system32\nvsvc32.exe
                C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
                C:\Documents and Settings\Lelia Goehring\Desktop\rkill.pif


                Rkill completed on 02/25/2010  at 18:04:14.

                Halogengirlie

                  Topic Starter


                  Rookie

                  Re: Application cannot be executed. The file *** is infected.
                  « Reply #23 on: February 25, 2010, 05:14:22 PM »
                  I ran the rkill then tried the exehelper... and the exehelper gave me an error message. (The above log is from the first rkill). 

                  I re-downloaded the exehelper... ran the rkill again (it showed only the C:\Documents and Settings\Lelia Goehring\Desktop\rkill.pif line the second time.. I forgot to save that log.)

                  I then ran the exehelper again (it worked the second time) and got this log:


                  exeHelper by Raktor
                  Build 20091220
                  Run at 18:08:09 on 02/25/10
                  Now searching...
                  Checking for numerical processes...
                  Checking for sysguard processes...
                  Checking for bad processes...
                  Checking for bad files...
                  Checking for bad registry entries...
                  Resetting filetype association for .exe
                  Resetting filetype association for .com
                  Resetting userinit and shell values...
                  Resetting policies...
                  --Finished--

                  Halogengirlie

                    Topic Starter


                    Rookie

                    Re: Application cannot be executed. The file *** is infected.
                    « Reply #24 on: February 25, 2010, 05:23:57 PM »
                    I also pulled my ESET NOD32 LOGS...  Since I saw it kick up a message...

                    2/25/2010 6:15:45 PM   
                    Real-time file system protection   file   
                    C:\RECYCLER\S-1-5-21-612603234-3240061797-151707943-1005\Dc2.com   
                    probably a variant of Win32/Agent trojan   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred on a file modified by the application: C:\WINDOWS\explorer.exe.


                    2/25/2010 6:03:05 PM   
                    Real-time file system protection   file   
                    C:\Documents and Settings\Lelia Goehring\Local Settings\Temporary Internet Files\Content.IE5\PW21Z7SY\exeHelper[1].com   probably a variant of Win32/Agent trojan   
                    cleaned by deleting (after the next restart) - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred on a new file created by the application: C:\Program Files\Internet Explorer\iexplore.exe.


                    2/23/2010 5:31:46 AM   
                    Real-time file system protection   file   
                    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP884\A0060016.exe   
                    Win32/Adware.SpywareProtect2009 application   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM
                    Event occurred during an attempt to run the file by the application: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.


                    2/23/2010 4:20:11 AM   
                    Real-time file system protection   file   
                    C:\Documents and Settings\Lelia Goehring\Local Settings\Application Data\nolcol\vnsnsftav.exe
                    Win32/Adware.SpywareProtect2009 application   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred during an attempt to access the file by the application: C:\Documents and Settings\Lelia Goehring\Local Settings\Application Data\nolcol\vnsnsftav.exe.


                    2/23/2010 3:20:16 AM   
                    Real-time file system protection   file   
                    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP884\A0059734.com   
                    probably a variant of Win32/Agent trojan   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred during an attempt to run the file by the application: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.


                    2/23/2010 2:27:40 AM   
                    Real-time file system protection   file   
                    C:\Documents and Settings\Lelia Goehring\Desktop\virus\exeHelper.com   
                    probably a variant of Win32/Agent trojan   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred during an attempt to run the file by the application: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.


                    2/22/2010 11:09:48 PM   
                    Real-time file system protection   file   
                    G:\exeHelper.com   
                    probably a variant of Win32/Agent trojan   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.


                    2/22/2010 10:35:58 PM   
                    Real-time file system protection   file   
                    E:\exeHelper.com   
                    probably a variant of Win32/Agent trojan   
                    cleaned by deleting - quarantined   
                    NT AUTHORITY\SYSTEM   
                    Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.

                    Halogengirlie

                      Topic Starter


                      Rookie

                      Re: Application cannot be executed. The file *** is infected.
                      « Reply #25 on: February 25, 2010, 05:31:57 PM »
                      A bunch of those notifications were where it didn't like your exehelper... and in order to download it  I would have to disable my anti-virus... once i ran it, I would turn the anti-virus back on.. and it would quarantine the exehelper...

                      But I didn't know what these were:

                      C:\RECYCLER\S-1-5-21-612603234-3240061797-151707943-1005\Dc2.com  (Date: 2/25)

                      C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP884\A0060016.exe   Win32/Adware.SpywareProtect2009 application   (Date: 2/23)

                      C:\Documents and Settings\Lelia Goehring\Local Settings\Application Data\nolcol\vnsnsftav.exe   Win32/Adware.SpywareProtect2009 application   (Date: 2/23)

                      I don't see Adware in my "All Programs" files... so if it's a legit software... I didn't disable it when I tried to run the ComboFix.

                      Also that file in the nolcol directory... I never found a file there (of course that event is two days old... so it may be gone now).

                      Halogengirlie

                        Topic Starter


                        Rookie

                        Re: Application cannot be executed. The file *** is infected.
                        « Reply #26 on: February 25, 2010, 05:38:34 PM »
                        Oh... and the error message I got with the exehelper... was not "error deleting a file"... it said that the exehelper was not a valid file... The second time I downloaded it I had no troubles running it.

                        Thanks again for your help!

                        SuperDave

                        • Malware Removal Specialist
                        • Moderator


                        • Genius
                        Re: Application cannot be executed. The file *** is infected.
                        « Reply #27 on: February 25, 2010, 07:53:36 PM »
                        Let's try this.

                        Download DDS from HERE or HERE and save it to your desktop.

                        Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

                        * XP users Double click on dds to run it.
                        * If your antivirus or firewall tries to block DDS then please allow it to run.
                        * When finished DDS will open two (2) logs.

                        1) DDS.txt
                        2) Attach.txt

                        * Save both logs to your desktop.
                        * Please copy and paste the entire contents of both logs in your next reply.

                        Note: DDS will instruct you to post the Attach.txt log as an attachment.
                        Please just post it as you would any other log by copying and pasting it into the reply.
                        Windows 8 and Windows 10 dual boot with two SSD's

                        Halogengirlie

                          Topic Starter


                          Rookie

                          Re: Application cannot be executed. The file *** is infected.
                          « Reply #28 on: February 26, 2010, 06:43:06 AM »
                          I ran it with my virus protection enabled and it did not try to block it (as far as I can tell).  If you need me to re-run it with my virus protection disabled, please let me know.

                          DDS (Ver_09-12-01.01) - NTFSx86 
                          Run by Lelia Goehring at  7:37:04.15 on Fri 02/26/2010
                          Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
                          Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1327 [GMT -6:00]

                          AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)   {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

                          ============== Running Processes ===============

                          C:\WINDOWS\system32\svchost -k DcomLaunch
                          svchost.exe
                          C:\WINDOWS\System32\svchost.exe -k netsvcs
                          C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
                          svchost.exe
                          svchost.exe
                          C:\WINDOWS\System32\WLTRYSVC.EXE
                          C:\WINDOWS\System32\bcmwltry.exe
                          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          C:\Program Files\Apoint\Apoint.exe
                          C:\WINDOWS\system32\spoolsv.exe
                          C:\WINDOWS\system32\WLTRAY.exe
                          C:\WINDOWS\stsystra.exe
                          C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
                          C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
                          C:\Program Files\Apoint\Apntex.exe
                          C:\Program Files\Apoint\HidFind.exe
                          C:\WINDOWS\System32\DLA\DLACTRLW.EXE
                          svchost.exe
                          C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
                          C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
                          C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                          C:\Program Files\Bonjour\mDNSResponder.exe
                          C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
                          C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
                          C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
                          C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe
                          C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
                          C:\Program Files\Wave Systems Corp\Common\DataServer.exe
                          C:\Program Files\iTunes\iTunesHelper.exe
                          C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
                          C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
                          C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
                          C:\WINDOWS\System32\svchost.exe -k HTTPFilter
                          C:\Program Files\Java\jre6\bin\jqs.exe
                          C:\Program Files\NetWaiting\netWaiting.exe
                          C:\PROGRA~1\DELLSU~1\DSAgnt.exe
                          C:\Program Files\NeatReceipts Professional\exec\NeatReceiptsAutoBackup.exe
                          C:\Program Files\Electronic Arts\EADM\Core.exe
                          C:\Program Files\Windows Media Player\WMPNSCFG.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
                          C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
                          C:\Program Files\Digital Line Detect\DLG.exe
                          C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
                          C:\Program Files\Logitech\SetPoint\SetPoint.exe
                          C:\Program Files\Windows Desktop Search\WindowsSearch.exe
                          C:\Program Files\Palm\HOTSYNC.EXE
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
                          C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
                          C:\WINDOWS\system32\svchost.exe -k imgsvc
                          C:\WINDOWS\system32\SearchIndexer.exe
                          C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
                          C:\Program Files\iPod\bin\iPodService.exe
                          C:\WINDOWS\explorer.exe
                          C:\WINDOWS\system32\ctfmon.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
                          C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
                          C:\WINDOWS\system32\SearchProtocolHost.exe
                          C:\WINDOWS\system32\SearchProtocolHost.exe
                          C:\Documents and Settings\Lelia Goehring\Desktop\dds.pif

                          ============== Pseudo HJT Report ===============

                          uStart Page = hxxp://www.yahoo.com/
                          uSearch Bar =
                          uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5070313
                          BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
                          BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
                          BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
                          BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
                          BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
                          BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
                          BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
                          TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
                          TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
                          EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
                          uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
                          uRun: [DellSupport] "c:\progra~1\dellsu~1\DSAgnt.exe" /startup
                          uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
                          uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
                          uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
                          mRun: [Apoint] c:\program files\apoint\Apoint.exe
                          mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
                          mRun: [nwiz] nwiz.exe /installquiet
                          mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
                          mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
                          mRun: [SigmatelSysTrayApp] stsystra.exe
                          mRun: [Document Manager] c:\program files\wave systems corp\services manager\docmgr\bin\docmgr.exe
                          mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
                          mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
                          mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
                          mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
                          mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"
                          mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
                          mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
                          mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
                          mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
                          mRun: [PSDiagnosticM] "c:\program files\linksys wireless-g print server\PSDiagnosticM.exe"
                          mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
                          mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
                          mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
                          mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
                          mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
                          mRun: [<NO NAME>]
                          mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
                          mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
                          mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
                          dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
                          StartupFolder: c:\docume~1\leliag~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
                          StartupFolder: c:\docume~1\leliag~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\HOTSYNC.EXE
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-7760-0000003d0002}\SC_Acrobat.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ciscos~1.lnk - c:\program files\cisco systems\vpn client\vpngui.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\embass~1.lnk - c:\program files\wave systems corp\services manager\secure update\AutoUpdate.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
                          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
                          IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
                          IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
                          IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
                          IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
                          IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
                          IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
                          IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
                          IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
                          IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
                          IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
                          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
                          DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
                          DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
                          DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
                          DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab
                          DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab
                          DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - hxxp://coupons.smartsource.com/download/cscmv5X.cab
                          DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174695347609
                          DPF: {6F750203-1362-4815-A476-88533DE61D0C} - hxxp://targetphoto.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
                          DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
                          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
                          DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
                          DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
                          DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
                          DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
                          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
                          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                          Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
                          SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
                          SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
                          SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
                          LSA: Authentication Packages = msv1_0 wvauth

                          ================= FIREFOX ===================

                          FF - ProfilePath - c:\docume~1\leliag~1\applic~1\mozilla\firefox\profiles\ej1vlvan.default\
                          FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
                          FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
                          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

                          ---- FIREFOX POLICIES ----
                          c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
                          c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
                          c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
                          c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
                          c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
                          c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
                          c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

                          ============= SERVICES / DRIVERS ===============

                          R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-7-1 34312]
                          R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
                          R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
                          R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 607576]
                          R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-7-1 468224]
                          R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2007-4-7 3712]
                          R2 NeatReceipts Auto Backup;NeatReceipts Auto Backup;c:\program files\neatreceipts professional\exec\NeatReceiptsAutoBackup.exe [2007-3-16 30320]
                          R3 lknuhst;Linksys Network USB Host Controller;c:\windows\system32\drivers\lknuhst.sys [2008-8-15 12032]
                          R3 LKNUHUB;Linksys Network USB Root Hub;c:\windows\system32\drivers\lknuhub.sys [2008-8-15 39424]
                          S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
                          S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-3-12 29744]
                          S3 GTKCMOS;GTKCMOS;c:\windows\system32\GTKCMOS.sys [2004-6-15 7882]
                          S3 MSSQL$NR2005;MSSQL$NR2005;c:\program files\microsoft sql server\mssql$nr2005\binn\sqlservr.exe -snr2005 --> c:\program files\microsoft sql server\mssql$nr2005\binn\sqlservr.exe -sNR2005 [?]
                          S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
                          S3 SQLAgent$NR2005;SQLAgent$NR2005;c:\program files\microsoft sql server\mssql$nr2005\binn\sqlagent.exe -i nr2005 --> c:\program files\microsoft sql server\mssql$nr2005\binn\sqlagent.EXE -i NR2005 [?]
                          S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-3-22 278384]

                          =============== Created Last 30 ================

                          2010-02-25 04:17:37   7168   --sha-w-   c:\windows\Thumbs.db
                          2010-02-25 02:07:21   0   ----a-w-   c:\windows\system32\openglssd.sys
                          2010-02-25 02:03:26   0   d-sha-r-   C:\cmdcons
                          2010-02-25 01:59:43   98816   ----a-w-   c:\windows\sed.exe
                          2010-02-25 01:59:43   77312   ----a-w-   c:\windows\MBR.exe
                          2010-02-25 01:59:43   261632   ----a-w-   c:\windows\PEV.exe
                          2010-02-25 01:59:43   161792   ----a-w-   c:\windows\SWREG.exe
                          2010-02-25 01:59:37   0   d-s---w-   C:\ComboFix
                          2010-02-23 10:13:08   0   d-----w-   c:\program files\Trend Micro
                          2010-02-23 09:59:52   0   d-----w-   c:\program files\CCleaner
                          2010-02-23 04:49:33   0   d-----w-   c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
                          2010-02-23 04:49:16   0   d-----w-   c:\program files\SUPERAntiSpyware
                          2010-02-23 04:49:16   0   d-----w-   c:\docume~1\leliag~1\applic~1\SUPERAntiSpyware.com
                          2010-02-21 02:45:38   73728   ----a-w-   c:\windows\system32\javacpl.cpl
                          2010-02-21 02:41:41   411368   ----a-w-   c:\windows\system32\deploytk.dll
                          2010-02-13 18:59:33   0   d-----w-   c:\docume~1\leliag~1\applic~1\Office Genuine Advantage
                          2010-02-01 02:42:42   0   d-----w-   c:\program files\common files\Adobe Systems Shared
                          2010-01-31 22:54:13   0   d-----w-   c:\program files\MyPublisher
                          2010-01-31 22:54:06   0   d-----w-   c:\docume~1\leliag~1\applic~1\MyPublisher

                          ==================== Find3M  ====================

                          2010-02-13 15:28:35   62064   ----a-w-   c:\windows\system32\nvModes.dat
                          2010-01-31 22:54:24   91264   ----a-w-   c:\windows\fonts\MPDorset-Bold.ttf
                          2010-01-31 22:54:24   38248   ----a-w-   c:\windows\fonts\DeckerI.ttf
                          2010-01-31 22:54:24   154520   ----a-w-   c:\windows\fonts\MPPeony.ttf
                          2010-01-31 22:54:24   143044   ----a-w-   c:\windows\fonts\MPPalisade-Bold.ttf
                          2010-01-31 22:54:24   137400   ----a-w-   c:\windows\fonts\MPPalisade-Regular.ttf
                          2010-01-31 22:54:24   130944   ----a-w-   c:\windows\fonts\MPBaxter.ttf
                          2010-01-31 22:54:24   110352   ----a-w-   c:\windows\fonts\MPDorset-Regular.ttf
                          2010-01-31 22:54:21   38784   ----a-w-   c:\windows\fonts\Decker.ttf
                          2010-01-07 22:07:14   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
                          2010-01-07 22:07:04   19160   ----a-w-   c:\windows\system32\drivers\mbam.sys
                          2010-01-04 00:29:51   0   ----a-w-   c:\windows\system32\drivers\lvuvc.hs
                          2010-01-04 00:29:49   0   ----a-w-   c:\windows\system32\drivers\logiflt.iad
                          2009-12-31 16:50:03   353792   ----a-w-   c:\windows\system32\drivers\srv.sys
                          2009-12-31 16:50:03   353792   ------w-   c:\windows\system32\dllcache\srv.sys
                          2009-12-21 13:19:18   173056   ------w-   c:\windows\system32\dllcache\ie4uinit.exe
                          2009-12-16 18:43:27   343040   ----a-w-   c:\windows\system32\mspaint.exe
                          2009-12-16 18:43:27   343040   ------w-   c:\windows\system32\dllcache\mspaint.exe
                          2009-12-14 07:08:23   33280   ----a-w-   c:\windows\system32\csrsrv.dll
                          2009-12-14 07:08:23   33280   ------w-   c:\windows\system32\dllcache\csrsrv.dll
                          2009-12-09 05:53:44   726528   ----a-w-   c:\windows\system32\dllcache\jscript.dll
                          2009-12-08 19:27:51   2189184   ------w-   c:\windows\system32\dllcache\ntoskrnl.exe
                          2009-12-08 19:26:15   2145280   ----a-w-   c:\windows\system32\ntoskrnl.exe
                          2009-12-08 19:26:15   2145280   ------w-   c:\windows\system32\dllcache\ntkrnlmp.exe
                          2009-12-08 18:43:51   2023936   ----a-w-   c:\windows\system32\ntkrnlpa.exe
                          2009-12-08 18:43:51   2023936   ------w-   c:\windows\system32\dllcache\ntkrpamp.exe
                          2009-12-08 18:43:50   2066048   ------w-   c:\windows\system32\dllcache\ntkrnlpa.exe
                          2009-12-08 09:23:28   474112   ------w-   c:\windows\system32\dllcache\shlwapi.dll
                          2009-12-04 18:22:22   455424   ------w-   c:\windows\system32\dllcache\mrxsmb.sys
                          2009-04-01 05:37:02   32768   --sha-w-   c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009040120090402\index.dat

                          ============= FINISH:  7:37:25.75 ===============

                          Halogengirlie

                            Re: Application cannot be executed. The file *** is infected.
                            « Reply #29 on: February 26, 2010, 06:43:33 AM »

                            UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
                            IF REQUESTED, ZIP IT UP & ATTACH IT

                            DDS (Ver_09-12-01.01)

                            Microsoft Windows XP Professional
                            Boot Device: \Device\HarddiskVolume2
                            Install Date: 3/16/2007 7:29:10 PM
                            System Uptime: 2/25/2010 5:25:39 PM (14 hours ago)

                            Motherboard: Dell Inc. |  | 0JF242
                            Processor: Intel(R) Core(TM)2 CPU         T7400  @ 2.16GHz | Microprocessor | 2161/166mhz

                            ==== Disk Partitions =========================

                            C: is FIXED (NTFS) - 74 GiB total, 6.824 GiB free.
                            D: is CDROM ()

                            ==== Disabled Device Manager Items =============

                            Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
                            Description: Cisco Systems VPN Adapter
                            Device ID: ROOT\NET\0000
                            Manufacturer: Cisco Systems
                            Name: Cisco Systems VPN Adapter
                            PNP Device ID: ROOT\NET\0000
                            Service: CVirtA

                            Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
                            Description: Lelia's Phone
                            Device ID: ROOT\WPD\0000
                            Manufacturer: Nokia
                            Name: Lelia's Phone
                            PNP Device ID: ROOT\WPD\0000
                            Service: WUDFRd

                            ==== System Restore Points ===================

                            RP790: 11/29/2009 4:59:10 PM - System Checkpoint
                            RP791: 11/30/2009 3:00:17 AM - Software Distribution Service 3.0
                            RP792: 12/1/2009 3:40:41 AM - System Checkpoint
                            RP793: 12/2/2009 5:40:42 AM - System Checkpoint
                            RP794: 12/3/2009 7:40:41 AM - System Checkpoint
                            RP795: 12/4/2009 4:47:26 PM - System Checkpoint
                            RP796: 12/5/2009 5:41:47 PM - System Checkpoint
                            RP797: 12/6/2009 7:40:41 PM - System Checkpoint
                            RP798: 12/7/2009 11:23:01 PM - System Checkpoint
                            RP799: 12/8/2009 11:40:41 PM - System Checkpoint
                            RP800: 12/9/2009 3:00:18 AM - Software Distribution Service 3.0
                            RP801: 12/10/2009 3:00:18 AM - Software Distribution Service 3.0
                            RP802: 12/11/2009 3:25:31 AM - System Checkpoint
                            RP803: 12/12/2009 5:26:36 AM - System Checkpoint
                            RP804: 12/13/2009 7:25:32 AM - System Checkpoint
                            RP805: 12/13/2009 1:34:51 PM - Installed BlackBerry Desktop Software 4.7.
                            RP806: 12/13/2009 1:41:02 PM - Installed Roxio Media Manager
                            RP807: 12/14/2009 3:00:18 AM - Software Distribution Service 3.0
                            RP808: 12/15/2009 3:50:51 AM - System Checkpoint
                            RP809: 12/16/2009 5:50:52 AM - System Checkpoint
                            RP810: 12/17/2009 7:51:51 AM - System Checkpoint
                            RP811: 12/18/2009 8:04:13 AM - System Checkpoint
                            RP812: 12/19/2009 10:29:28 AM - System Checkpoint
                            RP813: 12/20/2009 11:13:40 AM - System Checkpoint
                            RP814: 12/21/2009 11:50:50 AM - System Checkpoint
                            RP815: 12/22/2009 1:15:51 PM - System Checkpoint
                            RP816: 12/23/2009 5:49:31 PM - System Checkpoint
                            RP817: 12/24/2009 7:04:49 PM - System Checkpoint
                            RP818: 12/25/2009 11:36:38 AM - Logitech Webcam Software v12.10.1110
                            RP819: 12/26/2009 1:04:53 PM - System Checkpoint
                            RP820: 12/27/2009 1:32:55 PM - System Checkpoint
                            RP821: 12/28/2009 1:46:54 PM - System Checkpoint
                            RP822: 12/29/2009 1:48:06 PM - System Checkpoint
                            RP823: 12/30/2009 3:32:56 PM - System Checkpoint
                            RP824: 12/31/2009 5:19:01 PM - System Checkpoint
                            RP825: 1/1/2010 7:09:42 PM - System Checkpoint
                            RP826: 1/2/2010 9:04:48 PM - System Checkpoint
                            RP827: 1/3/2010 11:20:12 PM - System Checkpoint
                            RP828: 1/5/2010 1:16:30 AM - System Checkpoint
                            RP829: 1/6/2010 3:11:46 AM - System Checkpoint
                            RP830: 1/7/2010 3:24:24 AM - System Checkpoint
                            RP831: 1/8/2010 5:11:53 AM - System Checkpoint
                            RP832: 1/9/2010 12:50:50 PM - System Checkpoint
                            RP833: 1/10/2010 2:13:29 PM - System Checkpoint
                            RP834: 1/11/2010 3:15:34 PM - System Checkpoint
                            RP835: 1/12/2010 5:20:54 PM - System Checkpoint
                            RP836: 1/13/2010 7:29:01 AM - Software Distribution Service 3.0
                            RP837: 1/14/2010 3:00:18 AM - Software Distribution Service 3.0
                            RP838: 1/15/2010 4:05:03 AM - System Checkpoint
                            RP839: 1/16/2010 4:06:11 AM - System Checkpoint
                            RP840: 1/17/2010 6:05:08 AM - System Checkpoint
                            RP841: 1/18/2010 8:09:11 AM - System Checkpoint
                            RP842: 1/19/2010 3:00:18 AM - Software Distribution Service 3.0
                            RP843: 1/20/2010 3:57:02 AM - System Checkpoint
                            RP844: 1/21/2010 5:57:05 AM - System Checkpoint
                            RP845: 1/22/2010 3:00:16 AM - Software Distribution Service 3.0
                            RP846: 1/23/2010 3:00:18 AM - Software Distribution Service 3.0
                            RP847: 1/23/2010 5:54:22 PM - Installed Device Package
                            RP848: 1/24/2010 11:42:25 PM - System Checkpoint
                            RP849: 1/26/2010 12:53:15 AM - System Checkpoint
                            RP850: 1/26/2010 3:00:18 AM - Software Distribution Service 3.0
                            RP851: 1/27/2010 3:17:38 AM - System Checkpoint
                            RP852: 1/28/2010 3:00:17 AM - Software Distribution Service 3.0
                            RP853: 1/29/2010 3:53:31 AM - System Checkpoint
                            RP854: 1/30/2010 5:53:31 AM - System Checkpoint
                            RP855: 1/31/2010 6:03:16 AM - System Checkpoint
                            RP856: 1/31/2010 8:40:45 PM - Installed Adobe Photoshop CS2
                            RP857: 1/31/2010 9:07:35 PM - Installed Adobe Acrobat 3D
                            RP858: 2/1/2010 9:21:18 PM - System Checkpoint
                            RP859: 2/2/2010 10:12:52 PM - System Checkpoint
                            RP860: 2/4/2010 12:35:02 AM - System Checkpoint
                            RP861: 2/5/2010 2:03:26 AM - System Checkpoint
                            RP862: 2/6/2010 2:13:00 AM - System Checkpoint
                            RP863: 2/7/2010 2:24:37 AM - System Checkpoint
                            RP864: 2/8/2010 4:03:22 AM - System Checkpoint
                            RP865: 2/9/2010 6:03:23 AM - System Checkpoint
                            RP866: 2/10/2010 3:00:35 AM - Software Distribution Service 3.0
                            RP867: 2/11/2010 3:00:17 AM - Software Distribution Service 3.0
                            RP868: 2/12/2010 3:52:25 AM - System Checkpoint
                            RP869: 2/13/2010 12:25:15 AM - Removed Logitech Webcam Software.
                            RP870: 2/13/2010 12:26:09 AM - Logitech Webcam Software v12.10.1110
                            RP871: 2/13/2010 12:38:48 AM - Removed Logitech Vid.
                            RP872: 2/13/2010 1:25:36 AM - Software Distribution Service 3.0
                            RP873: 2/14/2010 2:29:26 AM - System Checkpoint
                            RP874: 2/15/2010 4:25:54 AM - System Checkpoint
                            RP875: 2/16/2010 3:00:22 AM - Software Distribution Service 3.0
                            RP876: 2/17/2010 4:25:54 AM - System Checkpoint
                            RP877: 2/18/2010 4:26:05 AM - System Checkpoint
                            RP878: 2/19/2010 6:25:31 AM - System Checkpoint
                            RP879: 2/20/2010 6:26:04 AM - System Checkpoint
                            RP880: 2/20/2010 8:41:10 PM - Installed Java(TM) 6 Update 18
                            RP881: 2/20/2010 8:44:24 PM - Removed Java(TM) 6 Update 18
                            RP882: 2/20/2010 8:45:10 PM - Installed Java(TM) 6 Update 18
                            RP883: 2/21/2010 10:27:09 PM - System Checkpoint
                            RP884: 2/22/2010 10:49:15 PM - Installed SUPERAntiSpyware Free Edition
                            RP885: 2/23/2010 11:02:08 PM - System Checkpoint
                            RP886: 2/24/2010 7:24:06 PM - Software Distribution Service 3.0
                            RP887: 2/26/2010 7:31:11 AM - Software Distribution Service 3.0

                            ==== Installed Programs ======================

                            50 Free Elegant Fonts
                            Ad-Aware 2007
                            Adobe Acrobat 3D
                            Adobe Acrobat 3D - English, Français, Deutsch
                            Adobe Bridge 1.0
                            Adobe Common File Installer
                            Adobe Flash Player 10 ActiveX
                            Adobe Flash Player 10 Plugin
                            Adobe Help Center 1.0
                            Adobe Photoshop CS2
                            Adobe Reader 8.1.6
                            Adobe Stock Photos 1.0
                            ALPS Touch Pad Driver
                            Apple Application Support
                            Apple Mobile Device Support
                            Apple Software Update
                            ArcSoft Print Creations
                            ArcSoft Print Creations - Album Page
                            ArcSoft Print Creations - Funhouse
                            ArcSoft Print Creations - Greeting Card
                            ArcSoft Print Creations - Photo Book
                            ArcSoft Print Creations - Photo Calendar
                            ArcSoft Print Creations - Scrapbook
                            ArcSoft Print Creations - Slimline Card
                            Autodesk Architectural Desktop 2006
                            Autodesk Customization Conversion Tools
                            Autodesk DWF Viewer
                            biolsp patch
                            BlackBerry Desktop Software 4.7
                            Bluetooth Stack for Windows by Toshiba
                            Bonjour
                            Broadcom Advanced Control Suite
                            Broadcom TPM Driver Installer
                            BUM
                            CCleaner
                            Conexant HDA D110 MDC V.92 Modem
                            Coupon Printer for Windows
                            Critical Update for Windows Media Player 11 (KB959772)
                            Dell Embassy Trust Suite by Wave Systems
                            Dell Support 3.2.1
                            Dell Wireless WLAN Card
                            Digital Line Detect
                            Document Manager Lite
                            EA Download Manager
                            EMBASSY Security Center
                            EMBASSY Trust Suite by Wave Systems
                            ESET NOD32 Antivirus
                            ETS Launch Pad
                            ETS Upgrade
                            Garmin USB Drivers
                            Garmin WebUpdater
                            Google Desktop
                            Google Toolbar for Internet Explorer
                            High Definition Audio Driver Package - KB835221
                            HijackThis 2.0.2
                            Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
                            Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
                            Hotfix for Windows Internet Explorer 7 (KB947864)
                            Hotfix for Windows Media Format 11 SDK (KB929399)
                            Hotfix for Windows Media Player 11 (KB939683)
                            Hotfix for Windows XP (KB932716-v2)
                            Hotfix for Windows XP (KB945060-v3)
                            Hotfix for Windows XP (KB952287)
                            Hotfix for Windows XP (KB954550-v5)
                            Hotfix for Windows XP (KB961118)
                            Hotfix for Windows XP (KB970653-v3)
                            Hotfix for Windows XP (KB976098-v2)
                            Hotfix for Windows XP (KB979306)
                            hp deskjet 930c series (Remove only)
                            Intellisync Lite
                            iQue - MapInstall and ContactLocation
                            iTunes
                            J2SE Runtime Environment 5.0 Update 6
                            Java Auto Updater
                            Java(TM) 6 Update 18
                            KhalSetup
                            KODAK EASYSHARE Gallery Easy Upload, v2.1
                            KODAK EASYSHARE Gallery Upload ActiveX Control
                            Linksys Wireless-G Print Server
                            Logitech SetPoint
                            Malwarebytes' Anti-Malware
                            Microsoft .NET Framework 1.1
                            Microsoft .NET Framework 1.1 Security Update (KB953297)
                            Microsoft .NET Framework 2.0 Service Pack 2
                            Microsoft .NET Framework 3.0 Service Pack 2
                            Microsoft .NET Framework 3.5 SP1
                            Microsoft Compression Client Pack 1.0 for Windows XP
                            Microsoft Halo
                            Microsoft Internationalized Domain Names Mitigation APIs
                            Microsoft National Language Support Downlevel APIs
                            Microsoft Office 2007 Service Pack 2 (SP2)
                            Microsoft Office Access MUI (English) 2007
                            Microsoft Office Access Setup Metadata MUI (English) 2007
                            Microsoft Office Enterprise 2007
                            Microsoft Office Excel MUI (English) 2007
                            Microsoft Office Groove MUI (English) 2007
                            Microsoft Office Groove Setup Metadata MUI (English) 2007
                            Microsoft Office InfoPath MUI (English) 2007
                            Microsoft Office OneNote MUI (English) 2007
                            Microsoft Office Outlook MUI (English) 2007
                            Microsoft Office PowerPoint MUI (English) 2007
                            Microsoft Office Proof (English) 2007
                            Microsoft Office Proof (French) 2007
                            Microsoft Office Proof (Spanish) 2007
                            Microsoft Office Proofing (English) 2007
                            Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
                            Microsoft Office Publisher MUI (English) 2007
                            Microsoft Office Shared MUI (English) 2007
                            Microsoft Office Shared Setup Metadata MUI (English) 2007
                            Microsoft Office Word MUI (English) 2007
                            Microsoft Software Update for Web Folders  (English) 12
                            Microsoft SQL Server Desktop Engine (NeatReceipts Professional)
                            Microsoft User-Mode Driver Framework Feature Pack 1.5
                            Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
                            Microsoft Visual C++ 2005 Redistributable
                            Modem Helper
                            Mozilla Firefox (3.6)
                            MSXML 4.0 SP2 (KB927978)
                            MSXML 4.0 SP2 (KB936181)
                            MSXML 4.0 SP2 (KB954430)
                            MSXML 4.0 SP2 (KB973688)
                            MSXML 4.0 SP2 Parser and SDK
                            MyPublisher
                            NeatReceipts Professional v2.7.5
                            NetWaiting
                            Nokia Connectivity Cable Driver
                            Nokia PC Suite
                            NTRU Hybrid TSS v2.0.25
                            NVIDIA Drivers
                            OGA Notifier 2.0.0048.0
                            Palm Desktop for Garmin iQue
                            PC Connectivity Solution
                            PE Builder 3.1.10a
                            PowerDVD 5.7
                            Preboot Manager
                            Private Information Manager
                            QuickSet
                            QuickTime
                            Roxio DLA
                            Roxio Express Labeler
                            Roxio Media Manager
                            Roxio RecordNow Audio
                            Roxio RecordNow Copy
                            Roxio RecordNow Data
                            Samsung ML-2850 Series
                            Secure Update
                            Security Update for 2007 Microsoft Office System (KB969559)
                            Security Update for 2007 Microsoft Office System (KB973704)
                            Security Update for CAPICOM (KB931906)
                            Security Update for Microsoft Office Excel 2007 (KB973593)
                            Security Update for Microsoft Office Outlook 2007 (KB972363)
                            Security Update for Microsoft Office PowerPoint 2007 (KB957789)
                            Security Update for Microsoft Office Publisher 2007 (KB969693)
                            Security Update for Microsoft Office system 2007 (972581)
                            Security Update for Microsoft Office system 2007 (KB969613)
                            Security Update for Microsoft Office system 2007 (KB974234)
                            Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
                            Security Update for Microsoft Office Word 2007 (KB969604)
                            Security Update for Step By Step Interactive Training (KB923723)
                            Security Update for Windows Internet Explorer 7 (KB928090)
                            Security Update for Windows Internet Explorer 7 (KB929969)
                            Security Update for Windows Internet Explorer 7 (KB931768)
                            Security Update for Windows Internet Explorer 7 (KB933566)
                            Security Update for Windows Internet Explorer 7 (KB937143)
                            Security Update for Windows Internet Explorer 7 (KB938127)
                            Security Update for Windows Internet Explorer 7 (KB939653)
                            Security Update for Windows Internet Explorer 7 (KB942615)
                            Security Update for Windows Internet Explorer 7 (KB944533)
                            Security Update for Windows Internet Explorer 7 (KB950759)
                            Security Update for Windows Internet Explorer 7 (KB953838)
                            Security Update for Windows Internet Explorer 7 (KB956390)
                            Security Update for Windows Internet Explorer 7 (KB958215)
                            Security Update for Windows Internet Explorer 7 (KB960714)
                            Security Update for Windows Internet Explorer 7 (KB961260)
                            Security Update for Windows Internet Explorer 7 (KB963027)
                            Security Update for Windows Internet Explorer 7 (KB969897)
                            Security Update for Windows Internet Explorer 7 (KB972260)
                            Security Update for Windows Internet Explorer 7 (KB974455)
                            Security Update for Windows Internet Explorer 8 (KB971961)
                            Security Update for Windows Internet Explorer 8 (KB974455)
                            Security Update for Windows Internet Explorer 8 (KB976325)
                            Security Update for Windows Internet Explorer 8 (KB978207)
                            Security Update for Windows Media Player (KB911564)
                            Security Update for Windows Media Player (KB952069)
                            Security Update for Windows Media Player (KB954155)
                            Security Update for Windows Media Player (KB968816)
                            Security Update for Windows Media Player (KB973540)
                            Security Update for Windows Media Player 11 (KB936782)
                            Security Update for Windows Media Player 11 (KB954154)
                            Security Update for Windows Media Player 6.4 (KB925398)
                            Security Update for Windows Media Player 9 (KB917734)
                            Security Update for Windows Media Player 9 (KB936782)
                            Security Update for Windows XP (KB923561)
                            Security Update for Windows XP (KB923689)
                            Security Update for Windows XP (KB923789)
                            Security Update for Windows XP (KB938464-v2)
                            Security Update for Windows XP (KB938464)
                            Security Update for Windows XP (KB941569)
                            Security Update for Windows XP (KB946648)
                            Security Update for Windows XP (KB950760)
                            Security Update for Windows XP (KB950762)
                            Security Update for Windows XP (KB950974)
                            Security Update for Windows XP (KB951066)
                            Security Update for Windows XP (KB951376-v2)
                            Security Update for Windows XP (KB951376)
                            Security Update for Windows XP (KB951698)
                            Security Update for Windows XP (KB951748)
                            Security Update for Windows XP (KB952004)
                            Security Update for Windows XP (KB952954)
                            Security Update for Windows XP (KB953839)
                            Security Update for Windows XP (KB954211)
                            Security Update for Windows XP (KB954459)
                            Security Update for Windows XP (KB954600)
                            Security Update for Windows XP (KB955069)
                            Security Update for Windows XP (KB956391)
                            Security Update for Windows XP (KB956572)
                            Security Update for Windows XP (KB956744)
                            Security Update for Windows XP (KB956802)
                            Security Update for Windows XP (KB956803)
                            Security Update for Windows XP (KB956841)
                            Security Update for Windows XP (KB956844)
                            Security Update for Windows XP (KB957095)
                            Security Update for Windows XP (KB957097)
                            Security Update for Windows XP (KB958644)
                            Security Update for Windows XP (KB958687)
                            Security Update for Windows XP (KB958690)
                            Security Update for Windows XP (KB958869)
                            Security Update for Windows XP (KB959426)
                            Security Update for Windows XP (KB960225)
                            Security Update for Windows XP (KB960715)
                            Security Update for Windows XP (KB960803)
                            Security Update for Windows XP (KB960859)
                            Security Update for Windows XP (KB961371)
                            Security Update for Windows XP (KB961373)
                            Security Update for Windows XP (KB961501)
                            Security Update for Windows XP (KB968537)
                            Security Update for Windows XP (KB969059)
                            Security Update for Windows XP (KB969898)
                            Security Update for Windows XP (KB969947)
                            Security Update for Windows XP (KB970238)
                            Security Update for Windows XP (KB970430)
                            Security Update for Windows XP (KB971468)
                            Security Update for Windows XP (KB971486)
                            Security Update for Windows XP (KB971557)
                            Security Update for Windows XP (KB971633)
                            Security Update for Windows XP (KB971657)
                            Security Update for Windows XP (KB971961)
                            Security Update for Windows XP (KB972270)
                            Security Update for Windows XP (KB973346)
                            Security Update for Windows XP (KB973354)
                            Security Update for Windows XP (KB973507)
                            Security Update for Windows XP (KB973525)
                            Security Update for Windows XP (KB973869)
                            Security Update for Windows XP (KB973904)
                            Security Update for Windows XP (KB974112)
                            Security Update for Windows XP (KB974318)
                            Security Update for Windows XP (KB974392)
                            Security Update for Windows XP (KB974571)
                            Security Update for Windows XP (KB975025)
                            Security Update for Windows XP (KB975467)
                            Security Update for Windows XP (KB975560)
                            Security Update for Windows XP (KB975713)
                            Security Update for Windows XP (KB977165)
                            Security Update for Windows XP (KB977914)
                            Security Update for Windows XP (KB978037)
                            Security Update for Windows XP (KB978251)
                            Security Update for Windows XP (KB978262)
                            Security Update for Windows XP (KB978706)
                            Security Wizards
                            Sonic Update Manager
                            SPORE™
                            Stardock MyColors
                            SUPERAntiSpyware Free Edition
                            Update for 2007 Microsoft Office System (KB967642)
                            Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
                            Update for Microsoft Office InfoPath 2007 (KB976416)
                            Update for Outlook 2007 Junk Email Filter (kb977719)
                            Update for Windows Internet Explorer 8 (KB973874)
                            Update for Windows Internet Explorer 8 (KB976662)
                            Update for Windows Internet Explorer 8 (KB976749)
                            Update for Windows XP (KB951072-v2)
                            Update for Windows XP (KB951978)
                            Update for Windows XP (KB955759)
                            Update for Windows XP (KB955839)
                            Update for Windows XP (KB967715)
                            Update for Windows XP (KB968389)
                            Update for Windows XP (KB971737)
                            Update for Windows XP (KB973687)
                            Update for Windows XP (KB973815)
                            upekmsi
                            URL Assistant
                            VPN Client
                            Wave Infrastructure Installer
                            Wave Support Software
                            WebCyberCoach 3.2 Dell
                            WebFldrs XP
                            Windows Desktop Search 3.01
                            Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
                            Windows Driver Package - Nokia (WUDFRd) WPD  (03/19/2007 6.83.31.1)
                            Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
                            Windows Driver Package - Nokia Modem  (11/03/2006 6.82.0.1)
                            Windows Genuine Advantage Notifications (KB905474)
                            Windows Genuine Advantage Validation Tool (KB892130)
                            Windows Imaging Component
                            Windows Installer 3.1 (KB893803)
                            Windows Internet Explorer 7
                            Windows Internet Explorer 8
                            Windows Media Format 11 runtime
                            Windows Media Player 11
                            Windows XP Service Pack 3
                            WinZip 11.2

                            ==== Event Viewer Messages From Past Week ========

                            2/24/2010 8:41:12 PM, error: System Error [1003]  - Error code 10000050, parameter1 ba4012a4, parameter2 00000008, parameter3 805417f4, parameter4 00000000.
                            2/24/2010 8:04:29 PM, error: Service Control Manager [7034]  - The Dell Wireless WLAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).
                            2/24/2010 8:00:29 PM, error: WMPNetworkSvc [14344]  - A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0xc00d2711'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
                            2/24/2010 7:59:59 PM, error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
                            2/22/2010 11:11:30 PM, error: Service Control Manager [7034]  - The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).
                            2/22/2010 11:11:30 PM, error: Service Control Manager [7034]  - The NTRU Hybrid TSS v2.0.25 TCS service terminated unexpectedly.  It has done this 1 time(s).
                            2/22/2010 11:03:03 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.
                            2/22/2010 11:03:03 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the NeatReceipts Auto Backup service to connect.
                            2/22/2010 11:03:03 PM, error: Service Control Manager [7000]  - The SSPORT service failed to start due to the following error:  The system cannot find the file specified.
                            2/22/2010 11:03:03 PM, error: Service Control Manager [7000]  - The NeatReceipts Auto Backup service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
                            2/22/2010 11:03:03 PM, error: Service Control Manager [7000]  - The DgiVecp service failed to start due to the following error:  The system cannot find the device specified.

                            ==== End Of File ===========================