Corrupted C Drive?

[pogiepnoy]

I was on my computer last week and all of a sudden something popped up saying my drives were all corrupted. My C drive didnt show any program files or folders and i had to manually uncheck the "hidden attritrubes" for most of my folders to show them. I can only run Malwarebytes and Superantispyware if i right click the C drive and click "scan with etc." When i click on any program it says empty folder.  Malwarebytes and superantispyware did not find anything. Please help
 

[Allan]

Please follow the instructions in the post I made here:
http://www.computerhope.com/forum/index.php/topic,120384.msg794758.html#msg794758

[pogiepnoy]

Thank you i will

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************

• Please download Unhide by Grinler from here and save it to your desktop.
  
• Double click unhide.exe to run the tool.
  
• It will take some time to go through all your files, so please be patient.
• If this tool doesn´t fix the problem, please let me know.

****************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

[pogiepnoy]

Hi Dave,
I did the unhide.exe and it DID bring up the files from the C drive but when i click on start and all programs, the program files still say (empty)
Here are the DDS logs:

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 1.6.0_22
Run by Pogiepnoy at 17:43:28 on 2011-06-13
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3070.1672 [GMT -5:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\SUPERAntiSpyware\SASCore.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = <local>;*.local
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: microsoft.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{617E9727-9A80-4453-819D-61E542CACF9A} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pogiepnoy\appdata\roaming\mozilla\firefox\profiles\apk0b461.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z003&form=ZGAADF&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\pogiepnoy\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\pogiepnoy\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox 3.6 beta 4\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Silvermel: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-7 64288]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-7-29 115008]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-9-3 137144]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-11-4 810144]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-7-29 96920]
R2 SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-5-4 114048]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2010-11-19 157024]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
.
=============== Created Last 30 ================
.
2011-06-11 03:24:23   --------   d-----w-   c:\program files\Sony
2011-06-11 01:19:17   --------   d-----w-   c:\programdata\Easy Driver Pro
2011-06-11 00:46:07   --------   d-----w-   c:\program files\Easy Driver Pro
2011-06-08 22:27:07   39984   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-08 22:27:03   22712   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-06-08 03:13:46   6962000   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{eb0c9422-c1fb-4fed-ae5c-57fc770501d0}\mpengine.dll
2011-06-07 03:03:20   --------   d-----w-   c:\program files\FileASSASSIN
2011-06-05 14:32:44   9200   ------w-   c:\windows\system32\drivers\cdralw2k.sys
2011-06-05 14:32:44   9072   ------w-   c:\windows\system32\drivers\cdr4_xp.sys
2011-06-05 14:32:44   45200   ------w-   c:\windows\system32\drivers\PxHelp20.sys
2011-06-05 14:30:06   --------   d-----w-   c:\programdata\Sony Corporation
2011-05-28 20:25:28   --------   d-----w-   c:\program files\MSSOAP
2011-05-28 20:25:28   --------   d-----w-   c:\program files\common files\MSSoap
2011-05-28 20:20:03   --------   d-----w-   c:\users\pogiepnoy\appdata\roaming\QuickScan
2011-05-28 20:19:44   --------   d-----w-   c:\program files\common files\BitDefender
2011-05-28 20:15:38   150240   ----a-w-   c:\programdata\bdinstall.bin
2011-05-28 00:56:55   --------   d-----w-   c:\program files\iPod
2011-05-28 00:35:02   --------   d-----w-   c:\program files\Bonjour
2011-05-28 00:07:33   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-18 02:49:18   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2011-05-17 03:00:48   --------   d-----w-   c:\program files\common files\PC Tools
2011-05-17 02:59:19   --------   d-----w-   c:\programdata\PC Tools
2011-05-16 23:22:49   --------   d-----w-   c:\users\pogiepnoy\{457e6a42-a1c1-418d-a971-25d69467e6bf}
2011-05-16 23:22:47   --------   d-----w-   c:\users\pogiepnoy\{f79bcab9-a039-4b4a-bd30-63e6ab19564e}
.
==================== Find3M  ====================
.
2011-06-11 02:13:24   17920   ----a-w-   c:\windows\system32\wfapigp.dll
2011-06-11 02:13:23   69120   ----a-w-   c:\windows\system32\vsstrace.dll
2011-05-25 00:14:10   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-04-06 21:20:16   91424   ----a-w-   c:\windows\system32\dnssd.dll
2011-04-06 21:20:16   197920   ----a-w-   c:\windows\system32\dnssdX.dll
2011-04-06 21:20:16   107808   ----a-w-   c:\windows\system32\dns-sd.exe
.
============= FINISH: 17:43:56.03 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/11/2008 6:36:49 PM
System Uptime: 6/13/2011 1:58:12 PM (4 hours ago)
.
Motherboard: Quanta |  | 30D2
Processor: Intel(R) Core(TM)2 Duo CPU     T5550  @ 1.83GHz | U2E1 | 1833/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 67.404 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.867 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet 6500 E709n
Device ID: ROOT\IMAGE\0000
Manufacturer: Hewlett-Packard
Name: Officejet 6500 E709n
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\PRINTER\0000
Service:
.
==== System Restore Points ===================
.
RP696: 6/10/2011 10:23:58 PM - Installed Sound Organizer.
.
==== Installed Programs ======================
.
.
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8.1.6
Adobe Shockwave Player
AIM 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BitTorrent
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 2.2.3.258
Coupon Printer for Windows
Cucusoft Ultimate DVD + Video Converter Suite 7.13.7.7
CyberLink YouCam
Destination Component
DeviceDiscovery
Diskeeper 2007 Pro Premier
DivX Setup
DocMgr
DocProc
Download Updater (AOL LLC)
Easy Driver Pro
ESET NOD32 Antivirus
ESET Online Scanner
ESU for Microsoft Vista
Fax
File Recover 7.5
FileASSASSIN
Google Talk (remove only)
GPBaseService2
Handbrake 0.9.4
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Participation Program 12.0
HP Doc Viewer
HP Document Manager 2.0
HP Easy Setup - Frontend
HP Help and Support
HP Imaging Device Functions 12.0
HP Officejet 6500 E709 Series
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Smart Web Printing
HP Solution Center 12.0
HP Total Care Advisor
HP Update
HP User Guides 0087
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ImagXpress
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
LabelPrint
LG USB Modem driver
LightScribe System Software  1.14.17.1
Malwarebytes' Anti-Malware version 1.51.0.1200
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SOAP Toolkit 3.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Microsoft Works
Motorola SM56 Data Fax Modem
Move Media Player
Mozilla Firefox (3.6.17)
MSCU for Microsoft Vista
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
neroxml
Network
NVIDIA Drivers
OCR Software by I.R.I.S. 12.0
OGA Notifier 2.0.0048.0
Power2Go
PowerDirector
ProductContext
PSSWCORE
PVSonyDll
QuickPlay SlingPlayer 0.4.4
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek AC'97 Audio
Realtek High Definition Audio Driver
Rhapsody Player Engine
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
Skype™ 4.2
Slingbox Flash Tour
SlingPlayer
SmartWebPrinting
SolutionCenter
Sound Organizer
Status
SUPERAntiSpyware
Synaptics Pointing Device Driver
The Print Shop 23
Toolbox
TrayApp
TurboTax 2009
TurboTax 2009 wiliper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
V CAST Music with Rhapsody
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WeatherBug Gadget
WebReg
Windows Live installer
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Media Player Firefox Plugin
WinRAR archiver
XviD Video Codec 04102002-1 (Koepi's build with EPSZ ME)
Zero Assumption Recovery Version 8.4
.
==== Event Viewer Messages From Past Week ========
.
6/9/2011 7:56:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Update for Windows Vista (KB2524375).
6/9/2011 7:54:04 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2524375 (Security Update) into Resolved(Resolved) state
6/9/2011 7:53:55 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Platform Update Supplement for Windows Vista (KB2117917).
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-98_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-97_neutral_LDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-96_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-95_neutral_LDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-94_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-93_neutral_LDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-92_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-91_neutral_LDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-90_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-88_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-479_neutral_PACKAGE from package KB2117917(Update) into Absent(Absent) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-478_neutral_PACKAGE from package KB2117917(Update) into Absent(Absent) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-477_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-474_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-28_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-26_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-233_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-232_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-231_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-230_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-229_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-228_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-227_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-226_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-225_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-224_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-223_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-222_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-221_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-220_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-219_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-218_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-217_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-216_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-215_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-214_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-213_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-212_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-211_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-210_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-209_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-208_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-207_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-206_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-205_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-204_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-203_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-202_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-201_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-200_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-199_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-198_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-197_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-196_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-195_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-194_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-193_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-192_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-191_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-190_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-189_neutral_PACKAGE from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-188_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-186_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-184_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-182_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-180_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-178_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-176_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-174_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-112_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-110_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-108_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-106_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-104_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-102_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update 2117917-100_neutral_GDR from package KB2117917(Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2117917 (Update) into Staged(Staged) state
6/9/2011 7:53:50 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2117917 (Update) into Install Requested(Install Requested) state
6/9/2011 7:53:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Platform Update for Windows Vista (KB971644).
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-zh-TW-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-zh-HK-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-zh-CN-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-uk-UA-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-tr-TR-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-th-TH-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-sv-SE-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-sr-Latn-cs-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-sl-SI-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-sk-sk-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-ru-ru-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-ro-ro-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-pt-pt-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-pt-br-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-pl-pl-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-nl-nl-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-nb-no-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-lv-lv-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-lt-lt-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-ko-kr-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-ja-jp-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-it-it-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-hu-hu-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-hr-hr-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-he-il-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-fr-fr-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-fi-fi-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-et-ee-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-es-es-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-en-US-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-el-gr-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-de-de-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-da-dk-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-cs-cz-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-bg-bg-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Microsoft-Windows-AutomationAPI-Package-Package-ar-sa-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_zh-TW (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_zh-HK (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_zh-CN (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_uk-UA (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_tr-TR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_th-TH (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_sv-SE (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_sr-Latn-CS (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_sl-SI (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_sk-SK (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_ru-RU (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_ro-RO (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_pt-PT (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_pt-BR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_pl-PL (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_nl-NL (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_nb-NO (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_lv-LV (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_lt-LT (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_ko-KR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_ja-JP (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_it-IT (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_hu-HU (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_hr-HR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_he-IL (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_fr-FR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_fi-FI (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_et-EE (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_es-ES (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_en-US (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_el-GR (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_de-DE (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_da-DK (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_cs-CZ (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_bg-BG (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513_ar-SA (Language Pack) into Resolved(Resolved) state
6/9/2011 7:53:29 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB971513 (Update) into Resolved(Resolved) state
6/9/2011 7:53:02 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Cumulative Update for Media Center for Windows Vista (KB982480).
6/9/2011 7:52:57 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB982480 (Update) into Resolved(Resolved) state
6/9/2011 7:52:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272).
6/9/2011 7:52:34 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2508272 (Security Update) into Resolved(Resolved) state
6/9/2011 7:52:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800b0100: Update for Windows Vista (KB2443685).
6/9/2011 7:52:24 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2443685 (Update) into Resolved(Resolved) state
6/9/2011 7:52:23 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2443685 (Update) into Staging(Staging) state
6/9/2011 7:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930).
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core-Package-en-us-MiniLP (Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package PowerShell ISE_en-US (Language Pack) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB968931 (Software Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB968930 (Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB968930 (Software Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB968930 (Language Pack) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB968923 (Software Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB950099 (Software Update) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB950099 (Language Pack) into Resolved(Resolved) state
6/9/2011 7:52:02 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB928439 (Language Pack) into Resolved(Resolved) state
6/9/2011 7:51:02 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070426: Update for Windows Vista (KB975929).
6/9/2011 7:50:57 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB975929 (Hotfix) into Resolved(Resolved) state
6/9/2011 7:28:24 PM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error 126 (0x7E).
6/8/2011 7:13:41 PM, Error: Service Control Manager [7000]  - The SAS Core Service service failed to start due to the following error:  The system cannot find the file specified.
6/7/2011 9:57:29 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/7/2011 10:31:21 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
6/7/2011 10:31:21 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
6/7/2011 10:15:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175).
6/6/2011 10:26:06 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
6/13/2011 7:05:10 AM, Error: Service Control Manager [7000]  - The SASDIFSV service failed to start due to the following error:  Cannot create a file when that file already exists.
6/13/2011 5:14:22 AM, Error: EventLog [6008]  - The previous system shutdown at 11:35:25 PM on 6/12/2011 was unexpected.
6/13/2011 12:15:20 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD DfsC ehdrv NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6
6/13/2011 12:15:20 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
6/13/2011 12:15:20 PM, Error: Service Control Manager [7001]  - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
6/13/2011 12:15:20 PM, Error: Service Control Manager [7001]  - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following er

[SuperDave]

P2P - I see you have P2P software installed on your machine (BitTorrent). We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
************************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
***************************************************
Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]

:OTL
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: 1 (0x1) - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Trusted Zone: microsoft.com

:COMMANDS
[resethosts]
[purity]
[emptytemp]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
************************************************************
Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.
 

[pogiepnoy]

ok, I deleted bittorrent and updated java and deleted the old ones.

All processes killed
========== OTL ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Guest
->Temp folder emptied: 21884362 bytes
->Temporary Internet Files folder emptied: 49499452 bytes
->Java cache emptied: 13761048 bytes
->FireFox cache emptied: 99932181 bytes
->Flash cache emptied: 10699 bytes
 
User: Pogiepnoy
->Temp folder emptied: 581614 bytes
->Temporary Internet Files folder emptied: 3427039 bytes
->Java cache emptied: 24162 bytes
->FireFox cache emptied: 112924797 bytes
->Google Chrome cache emptied: 14216530 bytes
->Flash cache emptied: 1937847 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 213312 bytes
Windows Temp folder emptied: 16444 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 304.00 mb
 
 
OTL by OldTimer - Version 3.2.24.0 log created on 06132011_191916

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

ComboFix 11-06-13.01 - Pogiepnoy 06/13/2011  19:30:03.3.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3070.1942 [GMT -5:00]
Running from: c:\users\Pogiepnoy\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\windows\system32\drivers\qdxvcq.sys
.
Infected copy of c:\windows\System32\msinfo32.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.0.6002.18005_none_88307826e802a99c\msinfo32.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_izhbtj
.
.
(((((((((((((((((((((((((   Files Created from 2011-05-14 to 2011-06-14  )))))))))))))))))))))))))))))))
.
.
2011-06-14 00:37 . 2011-06-14 00:41   --------   d-----w-   c:\users\Pogiepnoy\AppData\Local\temp
2011-06-14 00:37 . 2011-06-14 00:37   --------   d-----w-   c:\users\Guest\AppData\Local\temp
2011-06-14 00:37 . 2011-06-14 00:37   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-06-14 00:19 . 2011-06-14 00:19   --------   d-----w-   C:\_OTL
2011-06-13 10:30 . 2011-06-13 10:30   --------   d-----w-   c:\programdata\WindowsSearch
2011-06-11 03:24 . 2011-06-11 03:24   --------   d-----w-   c:\program files\Sony
2011-06-11 01:19 . 2011-06-11 01:19   --------   d-----w-   c:\programdata\Easy Driver Pro
2011-06-11 00:46 . 2011-06-11 00:46   --------   d-----w-   c:\program files\Easy Driver Pro
2011-06-09 01:13 . 2011-06-09 01:13   --------   d-----w-   c:\windows\Sun
2011-06-08 22:27 . 2011-05-29 14:11   39984   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-08 22:27 . 2011-05-29 14:11   22712   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-06-08 03:13 . 2011-05-25 00:12   6962000   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{EB0C9422-C1FB-4FED-AE5C-57FC770501D0}\mpengine.dll
2011-06-07 03:03 . 2011-06-07 03:03   --------   d-----w-   c:\program files\FileASSASSIN
2011-06-05 14:53 . 2011-06-05 14:58   --------   d-----w-   c:\users\Pogiepnoy\AppData\Roaming\Sony Corporation
2011-06-05 14:32 . 2011-06-05 14:32   45200   ------w-   c:\windows\system32\drivers\PxHelp20.sys
2011-06-05 14:32 . 2011-06-05 14:32   9200   ------w-   c:\windows\system32\drivers\cdralw2k.sys
2011-06-05 14:32 . 2011-06-05 14:32   9072   ------w-   c:\windows\system32\drivers\cdr4_xp.sys
2011-06-05 14:30 . 2011-06-11 03:28   --------   d-----w-   c:\programdata\Sony Corporation
2011-05-28 20:25 . 2011-05-28 20:25   --------   d-----w-   c:\program files\MSSOAP
2011-05-28 20:20 . 2011-05-28 20:20   --------   d-----w-   c:\users\Pogiepnoy\AppData\Roaming\QuickScan
2011-05-28 20:19 . 2011-05-28 20:25   --------   d-----w-   c:\program files\Common Files\BitDefender
2011-05-28 20:15 . 2011-05-29 18:19   150240   ----a-w-   c:\programdata\bdinstall.bin
2011-05-28 00:56 . 2011-05-28 00:56   --------   d-----w-   c:\program files\iPod
2011-05-28 00:35 . 2011-05-28 00:35   --------   d-----w-   c:\program files\Bonjour
2011-05-28 00:07 . 2011-05-28 00:07   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-18 02:49 . 2011-06-08 22:27   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2011-05-17 22:10 . 2011-05-17 22:10   --------   d-----w-   c:\users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2011-05-17 03:00 . 2011-05-17 12:05   --------   d-----w-   c:\program files\Common Files\PC Tools
2011-05-17 02:59 . 2011-05-17 12:02   --------   d-----w-   c:\programdata\PC Tools
2011-05-16 23:22 . 2011-05-16 23:22   --------   d-----w-   c:\users\Pogiepnoy\{457e6a42-a1c1-418d-a971-25d69467e6bf}
2011-05-16 23:22 . 2011-05-16 23:22   --------   d-----w-   c:\users\Pogiepnoy\{f79bcab9-a039-4b4a-bd30-63e6ab19564e}
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-14 00:09 . 2010-07-13 21:45   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-06-11 02:13 . 2008-06-30 21:27   17920   ----a-w-   c:\windows\system32\wfapigp.dll
2011-06-11 02:13 . 2008-06-30 21:28   69120   ----a-w-   c:\windows\system32\vsstrace.dll
2011-05-25 00:14 . 2009-10-02 23:55   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-04-06 21:20 . 2011-04-06 21:20   91424   ----a-w-   c:\windows\system32\dnssd.dll
2011-04-06 21:20 . 2011-04-06 21:20   197920   ----a-w-   c:\windows\system32\dnssdX.dll
2011-04-06 21:20 . 2011-04-06 21:20   107808   ----a-w-   c:\windows\system32\dns-sd.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-13 2424192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-04 2219184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56   1230704   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22   3739648   ----a-w-   c:\users\Pogiepnoy\AppData\Roaming\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 22:24   54840   ----a-w-   c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-06-02 07:55   80896   ----a-w-   c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-04-15 23:54   178712   ----a-w-   c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-27 06:22   421160   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2011-05-29 14:11   1047656   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 20:54   554320   ----a-w-   c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 21:31   202032   ----a-w-   c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-10-01 02:34   181544   ----a-w-   c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38   421888   ----a-w-   c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-03-09 22:50   4390912   ----a-w-   c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 21:15   13351304   ----a-r-   c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2007-01-17 13:34   634880   ----a-w-   c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-06-13 12:05   2424192   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-07-04 00:14   171448   ----a-w-   c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-08-17 06:13   218408   ------w-   c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001
.
R3 cpuz134;cpuz134;c:\users\POGIEP~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys

R3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [2010-11-19 157024]
R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [2011-05-04 114048]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService   REG_MULTI_SZ      HPSLPSVC
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 16:14   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2008-05-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]
.
2010-12-21 c:\windows\Tasks\User_Feed_Synchronization-{599A7A6A-739C-44AE-AC80-05932EC126DC}.job
- c:\windows\system32\msfeedssync.exe [2008-06-30 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = <local>;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pogiepnoy\AppData\Roaming\Mozilla\Firefox\Profiles\apk0b461.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z003&form=ZGAADF&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 4\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Silvermel: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-AnyDVD - c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
MSConfigStartUp-avast - c:\program files\AVAST Software\Avast\avastUI.exe
MSConfigStartUp-BDAgent - c:\program files\BitDefender\BitDefender 2011\bdagent.exe
MSConfigStartUp-BitDefender Antiphishing Helper - c:\program files\BitDefender\BitDefender 2011\ieshow.exe
MSConfigStartUp-ijbrmwgi - c:\users\POGIEP~1\AppData\Local\Temp\gtwoidevi\snhtwvyhmof.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-13 19:39
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\nvvsvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2011-06-13  19:46:49 - machine was rebooted
ComboFix-quarantined-files.txt  2011-06-14 00:46
ComboFix2.txt  2009-03-12 03:06
.
Pre-Run: 72,215,257,088 bytes free
Post-Run: 71,703,613,440 bytes free
.
- - End Of File - - 6690ECD1D5C836C5B73788D783B6C960

[SuperDave]

Very good. We're making progress.

Re-running ComboFix to remove infections:

• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Open notepad and copy/paste the text in the quotebox below into it:
  

  KillAll::
  
  DDS::
  Trusted Zone: microsoft.com
  
  
• Save this as CFScript.txt, in the same location as ComboFix.exe
  
  
  
  
• Referring to the picture above, drag CFScript into ComboFix.exe
• When finished, it shall produce a log for you at C:\ComboFix.txt
  
• I don't need to see the log from this action.
  

************************************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

• Double click Sysprot.exe to start the program.
• Click on the Log tab.
• In the Write to log box select the following items.
• Process << Selected
  
• Kernel Modules << Selected
  
• SSDT << Selected
  
• Kernel Hooks << Selected
  
• IRP Hooks << NOT Selected
  
• Ports << NOT Selected
  
• Hidden Files << Selected
  
• At the bottom of the page
• Hidden Objects Only << Selected
  
• Click on the Create Log button on the bottom right.
• After a few seconds a new window should appear.
• Select Scan Root Drive. Click on the Start button.
• When it is complete a new window will appear to indicate that the scan is finished.
• The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.