Author Topic: Malware or Virus possibly on my computer  (Read 39635 times)

casey071

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Unknown
    Re: Malware or Virus possibly on my computer
    « Reply #30 on: December 14, 2011, 09:30:08 PM »
    OTL Extras logfile created on: 12/14/2011 9:55:18 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\office depot\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19154)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    2.00 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 74.91% Memory free
    4.23 Gb Paging File | 3.89 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142.45 Gb Total Space | 52.67 Gb Free Space | 36.97% Space Free | Partition Type: NTFS
    Drive D: | 6.60 Gb Total Space | 0.44 Gb Free Space | 6.70% Space Free | Partition Type: NTFS
     
    Computer Name: CASEYSLAPTOP | User Name: office depot | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- Reg Error: Key error. File not found
    .exe [@ = exefile] -- Reg Error: Key error. File not found
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 1
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found
     
    ========== System Restore Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1
     
    ========== Authorized Applications List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
    "C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe" = C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe:*:Enabled:SwiApiMux
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04E58074-C9A5-4C09-9A6D-7E2FB1EAEABB}" = rport=1723 | protocol=6 | dir=out | app=system |
    "{0FBB377A-73DB-4E96-84BC-1C3B7332B912}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
    "{1E2330EB-0C5C-4EBF-ADE8-DE94C05359B7}" = rport=5358 | protocol=6 | dir=out | app=system |
    "{215DBB87-BB64-4A77-AA60-115617CCBC58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
    "{286F3E82-7636-4494-B3C3-4196248DCFBC}" = lport=1723 | protocol=6 | dir=in | app=system |
    "{351E1190-B31E-460E-953C-2CB6EFF17FF9}" = lport=5358 | protocol=6 | dir=in | app=system |
    "{5E4C88F7-4984-488E-8BE7-B0AA98698E35}" = rport=1701 | protocol=17 | dir=out | app=system |
    "{6E33A28F-C42F-452A-9700-3DD9262611EC}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
    "{8CD2393D-EDDD-47A0-8EF1-B3643EA6A433}" = lport=5357 | protocol=6 | dir=in | app=system |
    "{AEE55DE3-8CAC-4716-859D-84FA8B059593}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
    "{BA33174F-098E-44CC-82B8-E2C84FA114B6}" = lport=1701 | protocol=17 | dir=in | app=system |
    "{CB8B0720-C4B1-4A5F-9481-AA0670735BA9}" = lport=445 | protocol=6 | dir=in | app=system |
    "{CCB5C760-43CB-4E66-8754-6828F93672B9}" = rport=5357 | protocol=6 | dir=out | app=system |
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{110AF835-C1FA-4B10-8D5D-12C7045342B7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{290CC207-0F18-4D8C-A617-B6B95D081BDF}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
    "{5FADAAF5-7026-4BA4-96EB-82D0A81F26AE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{626A5080-15C1-4A5B-82F8-F15F0E728B99}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{64CD1AED-3137-4834-9FE6-2CDEFE9CED40}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
    "{7C39CF9D-2EA1-424A-AD2D-38B1E7AED8B9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8A9BA13A-1075-4133-9D8D-3D06CAB7814C}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
    "{8BA4B469-5935-4505-81FE-1838FFC713B7}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
    "{B804D16E-7F3D-4FF6-9924-600084F2621C}" = protocol=17 | dir=in | app=c:\program files\netzero\exec.exe |
    "{C8F0F144-C002-486E-A62D-0B4D455C7F28}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
    "{CE840C84-4B4C-432A-89D0-CF5591196481}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{D0B29A37-8623-4F72-A2AF-2BF9C5ABA25C}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{E102F59B-BB89-4F24-B9DD-2529DA9000CF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{EF04E17D-9688-45D9-8FA5-C7612057C675}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
    "{F678864F-0168-46F1-8C05-4AD53C6A94EE}" = protocol=6 | dir=in | app=c:\program files\netzero\exec.exe |
    "TCP Query User{6788D697-B91B-4BF7-AAF4-43A0E2D1C6B7}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "TCP Query User{CDE3A3CC-522A-487B-BC93-D66DE5C2D8B6}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "UDP Query User{14BD5DB3-B56A-420F-90D3-EFB01D90276D}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "UDP Query User{F0FECDCC-FC92-4DF3-A7F9-13B15212B20E}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "_{DCDAB2ED-5741-4C30-A1A4-0FCB8A529001}" = WordPerfect Office X4
    "{000AB2ED-5741-4C30-A1A4-0FCB8A529000}" = WordPerfect Office X4
    "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
    "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
    "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
    "{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
    "{1101AD13-F7A9-4B65-83C6-48344E8F88C2}" = Switched-On Schoolhouse 2011 - Home Edition Tutorials
    "{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
    "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
    "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
    "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
    "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
    "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
    "{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
    "{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
    "{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
    "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
    "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ALLDATASC)
    "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
    "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
    "{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine
    "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
    "{324CEC09-007A-48eb-90E0-9D42D4D5EB0A}" = NetDeviceManager
    "{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E3A110A-7FAE-4DC0-8E39-BAFFE89724B6}" = HP User Guide 0049
    "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
    "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
    "{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
    "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
    "{459E93B6-150E-45d5-8D4B-45C66FC035FE}" = getPlus(R) for Corel
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
    "{4873CC58-69D8-490D-9E5C-001DC2EE2000}" = WordPerfect Lightning
    "{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
    "{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
    "{4873CC58-69D8-490D-9E5C-001DC2EE2100}" = WordPerfect Lightning - EN
    "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
    "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
    "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
    "{54EE4F1E-4AD4-4085-96B3-96DB2CF70856}" = ServiceCenter
    "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
    "{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00005
    "{5DF5621C-5071-4F68-B623-69FD2D36DA3C}" = LaserCat
    "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
    "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
    "{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
    "{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
    "{6AF4A721-280D-40FA-8AD6-A2EC4314F16F}" = Switched-On Schoolhouse 2011 - Home Edition
    "{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (SOSHOME309)
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
    "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
    "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
    "{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
    "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
    "{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
    "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
    "{99C5770C-1C90-42E7-9B74-D47CFAF14621}" = muvee autoProducer 5.0
    "{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
    "{A12A3DED-CCDA-4F29-A1BA-00F0C6521CD5}" = HP Total Care Advisor
    "{A131EC70-DADF-41B5-94D3-854A4DEF8B28}" = Print Perfect DVD
    "{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
    "{A16B3EA2-8798-4960-8D8B-18D3149AD617}" = OpenOffice.org 3.1
    "{A1D7375C-9D57-4376-8D20-4C504C9F4D38}" = GameFinder
    "{A73ACE08-4CA7-4d08-912E-EFE4DF521B39}" = c7200_Help
    "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9DC9256-709F-4BEA-B39D-4F11D90585AA}" = HP Smart Web Printing
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
    "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.1
    "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
    "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
    "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
    "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
    "{B7FB6B99-C93C-4818-825B-37EF4B64C80C}" = PS_AIO_02_Software
    "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
    "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE4888DB-CE49-485b-AA3A-A9E0F361B277}" = C7200
    "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
    "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
    "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
    "{D25BDCF5-19F6-4d9e-B9C9-273FE81446C4}" = PS_AIO_02_ProductContext
    "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
    "{D64BC2CF-0F12-47d7-B412-B4F3FD684253}" = HP Photosmart All-In-One Software 9.0
    "{D90AD053-6F8D-4658-9EB8-D57C8BE39092}" = QBFC 7.0
    "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
    "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529001}" = WordPerfect Office X4 - ICA
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529010}" = WordPerfect Office X4 - Common
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529011}" = WordPerfect Office X4 - WP
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529012}" = WordPerfect Office X4 - QP
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529013}" = WordPerfect Office X4 - PR
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529014}" = WordPerfect Office X4 - Content
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529016}" = WordPerfect Office X4 - Skins
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529017}" = WordPerfect Office X4 - Filters
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529018}" = WordPerfect Office X4 - Graphics
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529023}" = WordPerfect Office X4 - System
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529030}" = WordPerfect Office X4 - Migration Manager
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529040}" = WordPerfect Office X4 - IPM
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529046}" = WordPerfect Office X4 - IPM T EN
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529050}" = WordPerfect Office X4 - PerfectExperts
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529080}" = WordPerfect Office X4 - MAIL
    "{DCDAB2ED-5741-4C30-A1A4-0FCB8A529100}" = WordPerfect Office X4 - EN
    "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
    "{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
    "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
    "{E3C0A1C8-F588-4A5B-87A0-08090B61DD42}" = Switched-On Schoolhouse 2011 - Home Edition Database
    "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
    "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
    "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
    "{EE690DCE-5D8D-4E52-9F72-F3ADE168A631}" = QBFC 6.0
    "{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
    "{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
    "{F619E2AF-677D-49bc-9618-D60BDFB925DB}" = C7200_doccd
    "{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
    "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
    "{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
    "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
    "{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
    "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
    "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
    "avast" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "Cisco Connect" = Cisco Connect
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Coupon Printer for Windows4.0" = Coupon Printer for Windows
    "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
    "Disney Toontown Online" = Disney Toontown Online
    "Fender FUSE" = Fender FUSE 2.2.2.31
    "Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.24341)
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Imaging Device Functions" = HP Imaging Device Functions 9.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.01
    "HP Smart Web Printing" = HP Smart Web Printing
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
    "HPExtendedCapabilities" = HP Customer Participation Program 9.0
    "HPOCR" = HP OCR Software 9.0
    "HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)
    "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
    "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "NVIDIA Drivers" = NVIDIA Drivers
    "Photo Viewer_is1" = Photo Viewer s2.5
    "PROSet" = Intel(R) Network Connections Drivers
    "RegClean Pro_is1" = RegClean Pro
    "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "The Print Shop Deluxe" = The Print Shop Deluxe III
    "Virtools3DLifePlayer" = Virtools 3D Life Player
    "WildTangent hplaptop Master Uninstall" = My HP Games
    "Zoo Vet 2" = Zoo Vet 2
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "At a Glance Photo Viewing Software" = At a Glance Photo Viewing Software
    "Google Chrome" = Google Chrome
     
    ========== Last 10 Event Log Errors ==========
     
    [ Application Events ]
    Error - 12/11/2011 3:59:35 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
     0x4e8634f0, faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0,
     exception code 0xc0000005, fault offset 0x0000282b,  process id 0x7fc, application
     start time 0x01ccb83f61c99963.
     
    Error - 12/11/2011 4:03:13 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application AvastUI.exe, version 6.0.1367.0, time stamp 0x4ed3cb98,
     faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0, exception
     code 0xc0000005, fault offset 0x0000282b,  process id 0x2c0, application start time
     0x01ccb83fde94c3b0.
     
    Error - 12/11/2011 10:58:02 PM | Computer Name = CaseysLaptop | Source = EventSystem | ID = 4609
    Description =
     
    Error - 12/11/2011 10:59:12 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
     0x4e8634f0, faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0,
     exception code 0xc0000005, fault offset 0x0000282b,  process id 0x650, application
     start time 0x01ccb879f1e7fc39.
     
    Error - 12/11/2011 10:59:31 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
     0x4e8634f0, faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0,
     exception code 0xc0000005, fault offset 0x0000282b,  process id 0x258, application
     start time 0x01ccb87a0d7e9770.
     
    Error - 12/11/2011 11:01:16 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
     0x4e8634f0, faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0,
     exception code 0xc0000005, fault offset 0x0000282b,  process id 0x724, application
     start time 0x01ccb87a49d289c8.
     
    Error - 12/11/2011 11:02:38 PM | Computer Name = CaseysLaptop | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.19154, time stamp
     0x4e8634f0, faulting module Flash10w.ocx, version 10.3.183.7, time stamp 0x4e52e8e0,
     exception code 0xc0000005, fault offset 0x0000282e,  process id 0x414, application
     start time 0x01ccb87a6f172070.
     
    Error - 12/11/2011 11:56:11 PM | Computer Name = CaseysLaptop | Source = Microsoft-Windows-CAPI2 | ID = 131584
    Description =
     
    Error - 12/11/2011 11:58:11 PM | Computer Name = CaseysLaptop | Source = EventSystem | ID = 4609
    Description =
     
    Error - 12/14/2011 4:52:51 PM | Computer Name = CaseysLaptop | Source = EventSystem | ID = 4609
    Description =
     
    [ Media Center Events ]
    Error - 12/2/2007 8:56:08 PM | Computer Name = officedepot-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
     
    Error - 12/3/2007 2:51:09 PM | Computer Name = officedepot-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
     
    Error - 5/30/2008 7:40:02 AM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
     
    Error - 6/2/2008 9:24:58 AM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
     
    Error - 6/2/2008 1:12:14 PM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
     
    Error - 8/28/2008 8:01:11 AM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
     
    Error - 9/16/2008 5:47:20 PM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
     
    Error - 6/9/2009 8:09:34 AM | Computer Name = CaseysLaptop | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
     
    Error - 7/16/2009 8:08:54 PM | Computer Name = CaseysLaptop | Source = Media Center Guide | ID = 0
    Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
     returned 10000105  Process: DefaultDomain Object Name: Media Center Guide
     
    Error - 3/15/2011 1:29:02 AM | Computer Name = CaseysLaptop | Source = Media Center Guide | ID = 0
    Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
     returned 10000105  Process: DefaultDomain Object Name: Media Center Guide
     
    [ OSession Events ]
    Error - 4/14/2008 6:09:03 PM | Computer Name = CaseysLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
     12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 14175
     seconds with 0 seconds of active time.  This session ended with a crash.
     
    Error - 6/2/2008 7:07:30 PM | Computer Name = CaseysLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
     12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1600
     seconds with 0 seconds of active time.  This session ended with a crash.
     
    Error - 9/10/2010 9:50:26 PM | Computer Name = CaseysLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
     12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 36924
     seconds with 0 seconds of active time.  This session ended with a crash.
     
    Error - 2/11/2011 1:06:50 PM | Computer Name = CaseysLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
     12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 92
     seconds with 60 seconds of active time.  This session ended with a crash.
     
    [ System Events ]
    Error - 12/14/2011 4:52:02 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:52:02 PM | Computer Name = CaseysLaptop | Source = LSM | ID = 1048
    Description =
     
    Error - 12/14/2011 4:52:41 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:52:51 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:52:57 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:53:01 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:53:03 PM | Computer Name = CaseysLaptop | Source = DCOM | ID = 10005
    Description =
     
    Error - 12/14/2011 4:53:13 PM | Computer Name = CaseysLaptop | Source = Service Control Manager | ID = 7001
    Description =
     
    Error - 12/14/2011 4:53:13 PM | Computer Name = CaseysLaptop | Source = Service Control Manager | ID = 7026
    Description =
     
    Error - 12/14/2011 4:54:03 PM | Computer Name = CaseysLaptop | Source = Service Control Manager | ID = 7001
    Description =
     
     
    < End of report >

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: Malware or Virus possibly on my computer
    « Reply #31 on: December 15, 2011, 12:47:23 PM »
    Quote
    A problem has been detected and windows has been shut down to prevent damage to your computer.
    This is a whole page message, and I can tell you all of it if you need it. 
    Could you please give me the whole message?
    Windows 8 and Windows 10 dual boot with two SSD's

    casey071

      Topic Starter


      Rookie

      • Experience: Beginner
      • OS: Unknown
      Re: Malware or Virus possibly on my computer
      « Reply #32 on: December 15, 2011, 01:56:50 PM »
      A problem has been detected and windows has been shut down to prevent damage to your computer

      Attempt to reset the display driver and recover from timeout failed.

      If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

      Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

      If problems continue, disable or remove any newly installed hardware or software.  Disable BIOS memory options such as caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select Advanced Startup options, and then select safe mode.

      Technical information:

      *** STOP: 0x00000116 (0x857F3510, 0x8D013A70, 0x00000000, 0x00000002)

      *** nvlddmkm.sys - Address 8D013A70 base at 8D00A000, DateStamp 493750e2

      Collecting data for crash dump...
      Initializing disk for crash dump...
      Beginning dump of physical memory.
      Dumping physical memory to disk: 100
      Physical memory dump complete.
      Contact your system admin or technical support group for further assistance. 
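Added example, not part of the original post: a short Python sketch that decodes the "Technical information" lines of the stop screen above, which helps when deciding whether a crash looks like a driver fault or something else. The function name `parse_stop_screen` is hypothetical, and the only bug check name included is the one for 0x116 from Microsoft's bug check reference.

```python
import re
from datetime import datetime, timezone

# Text copied from the stop screen posted in this thread.
STOP_SCREEN = """\
*** STOP: 0x00000116 (0x857F3510, 0x8D013A70, 0x00000000, 0x00000002)
*** nvlddmkm.sys - Address 8D013A70 base at 8D00A000, DateStamp 493750e2
"""

# Only the code seen in this thread; extend from Microsoft's bug check reference.
BUGCHECK_NAMES = {0x116: "VIDEO_TDR_FAILURE"}

STOP_RE = re.compile(r"STOP:\s*(0x[0-9A-Fa-f]+)\s*\(([^)]*)\)")
MODULE_RE = re.compile(
    r"\*\*\*\s+(\S+)\s+-\s+Address\s+([0-9A-Fa-f]+)\s+base at\s+([0-9A-Fa-f]+),"
    r"\s+DateStamp\s+([0-9A-Fa-f]+)")


def parse_stop_screen(text):
    """Return bug check code, parameters and faulting-module details."""
    stop = STOP_RE.search(text)
    if stop is None:
        raise ValueError("no STOP line found")
    code = int(stop.group(1), 16)
    params = [int(p, 16) for p in stop.group(2).split(",")]
    result = {"code": code, "name": BUGCHECK_NAMES.get(code, "unknown"),
              "params": params, "module": None}
    mod = MODULE_RE.search(text)
    if mod:  # the module line is optional on a stop screen
        name, addr, base, stamp = mod.groups()
        addr, base = int(addr, 16), int(base, 16)
        result["module"] = {
            "name": name,
            "offset": addr - base,  # offset of the fault inside the driver image
            # PE TimeDateStamp: seconds since 1970-01-01 UTC (link time)
            "built": datetime.fromtimestamp(int(stamp, 16), tz=timezone.utc),
            # True when a STOP parameter points at the reported address
            "address_in_params": addr in params,
        }
    return result


if __name__ == "__main__":
    info = parse_stop_screen(STOP_SCREEN)
    m = info["module"]
    print(f"{info['name']} (0x{info['code']:X}) in {m['name']}+0x{m['offset']:X}, "
          f"driver built {m['built']:%Y-%m-%d}")
```

For this screen the decoded DateStamp shows a display driver built about three years before the crash, and the second STOP parameter is the same address reported inside nvlddmkm.sys.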

      SuperDave

      Re: Malware or Virus possibly on my computer
      « Reply #33 on: December 15, 2011, 07:35:52 PM »
      Let's run a few more scans to see what turns up.

      Please download aswMBR.exe ( 511KB ) to your desktop.

      Double click the aswMBR.exe to run it



      Click the "Scan" button to start scan

      Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.



      On completion of the scan click save log, save it to your desktop and post in your next reply
      *************************************************
      Download Bootkit Remover to your Desktop.

      You then need to extract the remover.exe file from the RAR using a program capable of extracting RAR compressed files. If you don't have an extraction program, you can use 7-Zip.

      After extracting remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users, right click on remover.exe and click Run As Administrator).

      It will show a Black screen with some data on it.

      Right click on the screen and click Select All.

      Press Enter

      Open a Notepad and press CTRL V

      Post the output back here.

      casey071

        Re: Malware or Virus possibly on my computer
        « Reply #34 on: December 16, 2011, 12:43:24 PM »

        casey071

          Re: Malware or Virus possibly on my computer
          « Reply #35 on: December 16, 2011, 12:46:21 PM »
          I clicked on the link for the BootKit Remover and it said:
          Not Found
          The requested URL /files/bootkit_remover.rar was not found on this server.


          --------------------------------------------------------------------------------

          Apache/2.2.16 (Debian) Server at www.esagelab.com Port 80

          SuperDave

          Re: Malware or Virus possibly on my computer
          « Reply #36 on: December 16, 2011, 05:35:04 PM »
          Quote
          I clicked on the link for the BootKit Remover and it said:
          Not Found
          Sorry about that. I'll check it out.
          We think that you are experiencing a video card or driver problem. Please check your Device Manager to see if there are any yellow warning signs.

          casey071

            Re: Malware or Virus possibly on my computer
            « Reply #37 on: December 16, 2011, 05:40:22 PM »
            I right clicked on My Computer, then I saw Device Manager. I clicked on that.
            Under System Devices there is a yellow warning sign on Consumer IR Devices. I think that is the only one. It's hard to see because I'm using safe mode.

            SuperDave

            Re: Malware or Virus possibly on my computer
            « Reply #38 on: December 16, 2011, 05:42:40 PM »
            Can you try updating the video card driver?

            casey071

              Re: Malware or Virus possibly on my computer
              « Reply #39 on: December 16, 2011, 05:44:25 PM »
              Sure, if you can tell me how? :)

              SuperDave

              Re: Malware or Virus possibly on my computer
              « Reply #40 on: December 16, 2011, 06:12:02 PM »
              Here you go.

              casey071

                Re: Malware or Virus possibly on my computer
                « Reply #41 on: December 16, 2011, 07:26:19 PM »
                Ok, I fixed the Driver

                SuperDave

                Re: Malware or Virus possibly on my computer
                « Reply #42 on: December 16, 2011, 07:53:50 PM »

                casey071

                  Re: Malware or Virus possibly on my computer
                  « Reply #43 on: December 16, 2011, 08:13:19 PM »
                  No, still black screen, and when I tried to restart it without going into safe mode, the same error message still came up:

                  A problem has been detected and windows has been shut down to prevent damage to your computer

                  Attempt to reset the display driver and recover from timeout failed.

                  If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

                  Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

                  If problems continue, disable or remove any newly installed hardware or software.  Disable BIOS memory options such as caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select Advanced Startup options, and then select safe mode.

                  Technical information:

                  *** STOP: 0x00000116 (0x857F3510, 0x8D013A70, 0x00000000, 0x00000002)

                  *** nvlddmkm.sys - Address 8D013A70 base at 8D00A000, DateStamp 493750e2

                  Collecting data for crash dump...
                  Initializing disk for crash dump...
                  Beginning dump of physical memory.
                  Dumping physical memory to disk: 100
                  Physical memory dump complete.
                  Contact your system admin or technical support group for further assistance. 

                  SuperDave

                  Re: Malware or Virus possibly on my computer
                  « Reply #44 on: December 17, 2011, 11:08:58 AM »
                  Everything points to the video card now.