1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

odd Rundll problem

Discussion in 'Virus & Other Malware Removal' started by carsncats, Aug 5, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Hello
    I have an odd Rundll problem. Checked here and seen plenty but mine is a little different.
    I get Rundll error box with : Problem starting C:\User\ Me\appdata\Local\Temp
    specific module could not be found.... Nothing after \Temp ...

    I bought this used laptop and it was like a new user..sign up went ok...I put on : Superantispyware( found only cookies),
    Zonealarm, Then Removed : Norton antivirus...
    and then this rundll problem happened when it starts to Desktop..

    I continued with adding Avast, Malwarebytes (it found 1 trogan.BHO and removed it)
    ran all Win updates.... so would like to fix this before I add all my other little stuff...
    thank you for your time...

    -------------- --------------------- ---------------


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:53:56 PM, on 8/5/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\PROGRA~2\AD-AWA~1\AdAware.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Judy\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\bh\zonealarm.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\zonealarmTlbr.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ATI] rundll32.exe "C:\Users\Judy\AppData\Local\Temp\",CreateInstance
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12026 bytes
     
  2. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Hello ...
    I was wondering -is this something that can be harmless and live with ....Or very risky to continue using ?
    Again thank you for any input...
     
  3. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi Carsncats, my name is Mark and I will be helping you.

    This might be Malware related but many Rundll errors are related to partially uninstalled software and as you got the PC second hand you obviously won't have a clue as to what that may have been.

    Please go Here and follow the instructions to post both the logs produced by DDS. This may help me to be able to identify the cause.

    I would also recommend you uninstall Adaware as you are now running two Anti Virus programs which is likely to cause more problems.

    Apart from the Rundll error is there any other performance issue? if not then this is most likely to be due to a bad uninstall.
     
  4. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, 64 bit
    Processor: AMD Athlon(tm) II P340 Dual-Core Processor, AMD64 Family 16 Model 6 Stepping 3
    Processor Count: 2
    RAM: 2810 Mb
    Graphics Card: AMD M880G with ATI Mobility Radeon HD 4250, 256 Mb
    Hard Drives: C: Total - 287178 MB, Free - 247822 MB; D: Total - 17761 MB, Free - 2569 MB;
    Motherboard: Hewlett-Packard, 1444
    Antivirus: ZoneAlarm Antivirus, Updated and Enabled

    .....................

    I got rid of Adaware....
    It works great on the internet....
    It hangs when I have to go to Program files...

    I did not download, gmer yet...til I get your ok, I have 64 bit
    Win 7...
    ........
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
    Run by Judy at 22:26:29 on 2012-08-07
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2811.771 [GMT -5:00]
    .
    AV: ZoneAlarm Antivirus *Enabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ZoneAlarm Anti-Spyware *Enabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Zonealarm Helper Object: {2a841f7a-a014-4da5-b6d9-8b913dfb7a8c} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\bh\zonealarm.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    TB: ZoneAlarm Security Toolbar: {438fae3e-bdef-44d3-ab8b-0c7c8350df59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\zonealarmTlbr.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [ATI] rundll32.exe "C:\Users\Judy\AppData\Local\Temp\",CreateInstance
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [Bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1 74.40.74.40
    TCP: Interfaces\{4093B978-6079-487D-B1B9-701945BBD2BC} : DhcpNameServer = 192.168.1.1 74.40.74.40
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\bh\zonealarm.dll
    BHO-X64: Zonealarm Helper Object - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    BHO-X64: ZoneAlarm Security Engine Registrar - No File
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    TB-X64: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\zonealarmTlbr.dll
    TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [Bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
    mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\kukt3tog.default\
    FF - prefs.js: browser.startup.homepage - hxxp://frontier.my.yahoo.com/?_bc=1
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.zonealarm.autoRvrt - false
    FF - user.js: extensions.zonealarm_i.newTab - false
    FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN114134832492407-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=2250e7af0000000000004c0f6e69dcbb&q=
    FF - user.js: extensions.zonealarm.id - 2250e7af0000000000004c0f6e69dcbb
    FF - user.js: extensions.zonealarm.instlDay - 15556
    FF - user.js: extensions.zonealarm.vrsn - 1.6.4.5
    FF - user.js: extensions.zonealarm.vrsni - 1.6.4.5
    FF - user.js: extensions.zonealarm_i.vrsnTs - 1.6.4.51:19:56
    FF - user.js: extensions.zonealarm.prtnrId - checkpoint
    FF - user.js: extensions.zonealarm.prdct - zonealarm
    FF - user.js: extensions.zonealarm.aflt - 1001
    FF - user.js: extensions.zonealarm_i.smplGrp - none
    FF - user.js: extensions.zonealarm.tlbrId - base
    FF - user.js: extensions.zonealarm.instlRef - ZLN114134832492407-1001
    FF - user.js: extensions.zonealarm.dfltLng - en
    FF - user.js: extensions.zonealarm.excTlbr - false
    FF - user.js: extensions.zonealarm.admin - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-24 98208]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-4 44808]
    R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
    R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-7-14 33712]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-4 250056]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-08-08 02:42:04 -------- d-----w- C:\ProgramData\GFI Software
    2012-08-08 00:49:11 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
    2012-08-05 23:17:22 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-08-05 20:45:20 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-08-05 20:45:20 -------- d-----w- C:\Windows\System32\Wat
    2012-08-05 20:29:25 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
    2012-08-05 20:29:22 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
    2012-08-05 20:25:14 3147264 ----a-w- C:\Windows\System32\win32k.sys
    2012-08-05 19:31:55 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2012-08-05 19:31:55 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
    2012-08-05 19:31:55 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
    2012-08-05 19:31:55 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
    2012-08-05 19:31:54 48960 ----a-w- C:\Windows\System32\netfxperf.dll
    2012-08-05 19:31:54 444752 ----a-w- C:\Windows\System32\mscoree.dll
    2012-08-05 19:31:54 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
    2012-08-05 19:31:54 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2012-08-05 19:31:54 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
    2012-08-05 19:31:53 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2012-08-05 19:10:18 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-08-05 19:10:17 80896 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-08-05 19:10:15 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-08-05 19:10:13 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-08-05 19:10:11 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-08-05 19:10:08 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-08-05 19:10:07 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-08-05 19:04:24 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
    2012-08-05 19:04:21 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
    2012-08-04 23:12:37 -------- d-----w- C:\Users\Judy\AppData\Roaming\Malwarebytes
    2012-08-04 23:12:10 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-08-04 23:12:07 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-08-04 23:12:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-08-04 21:19:03 -------- d-----w- C:\Users\Judy\AppData\Local\CrashDumps
    2012-08-04 20:34:49 -------- d-----w- C:\Users\Judy\AppData\Local\Downloaded Installations
    2012-08-04 20:32:57 -------- d-----w- C:\Users\Judy\AppData\Local\adawarebp
    2012-08-04 20:01:57 -------- d-----w- C:\Users\Judy\AppData\Local\Google
    2012-08-04 20:01:46 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-08-04 20:01:39 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-08-04 20:01:34 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-08-04 20:00:44 41224 ----a-w- C:\Windows\avastSS.scr
    2012-08-04 20:00:30 -------- d-----w- C:\ProgramData\AVAST Software
    2012-08-04 20:00:30 -------- d-----w- C:\Program Files\AVAST Software
    2012-08-04 18:47:59 148992 ----a-w- C:\Windows\System32\t2embed.dll
    2012-08-04 18:47:59 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
    2012-08-04 18:45:55 552960 ----a-w- C:\Windows\System32\msdri.dll
    2012-08-04 18:43:41 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-08-04 18:42:48 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2012-08-04 18:41:52 640896 ----a-w- C:\Windows\System32\winload.efi
    2012-08-04 18:40:56 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2012-08-04 18:39:51 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-08-04 18:24:54 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-08-04 18:24:54 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-08-04 06:21:54 11864 ----a-w- C:\Windows\System32\drivers\kl2.sys
    2012-08-04 06:21:52 460888 ----a-w- C:\Windows\System32\drivers\kl1.sys
    2012-08-04 06:21:11 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-08-04 06:20:25 -------- d-----w- C:\Users\Judy\AppData\Roaming\CheckPoint
    2012-08-04 06:20:02 -------- d-----w- C:\Program Files\CheckPoint
    2012-08-04 06:19:56 -------- d-----w- C:\Program Files (x86)\Check Point Software Technologies LTD
    2012-08-04 06:19:35 -------- d-----w- C:\Program Files (x86)\CheckPoint
    2012-08-04 06:19:34 -------- d-----w- C:\ProgramData\CheckPoint
    2012-08-04 05:45:00 -------- d-----w- C:\Users\Judy\AppData\Roaming\SUPERAntiSpyware.com
    2012-08-04 05:44:00 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2012-08-04 05:44:00 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2012-08-04 05:35:59 476976 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-08-04 05:26:01 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-04 05:26:01 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-03 23:47:39 -------- d-----w- C:\Users\Judy\AppData\Local\ATI
    2012-08-03 23:47:04 -------- d-----w- C:\Program Files\Symantec
    2012-08-03 23:46:43 -------- d-----w- C:\Users\Judy\AppData\Roaming\hpqLog
    2012-08-03 23:43:53 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-08-03 23:43:53 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-08-03 23:43:53 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-08-03 23:32:55 -------- d-----w- C:\Users\Judy\AppData\Local\ElevatedDiagnostics
    2012-08-03 23:24:27 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FFCA836-5C1A-4DB6-81B0-ABAA3325AB5A}\mpengine.dll
    2012-08-03 23:16:16 -------- d-----w- C:\Users\Judy\AppData\Local\Hewlett-Packard
    2012-08-03 16:54:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-08-03 16:54:03 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-07-30 19:27:20 -------- d-----w- C:\ProgramData\Recovery
    .
    ==================== Find3M ====================
    .
    2012-08-04 05:35:52 472880 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-28 12:09:04 2168416 ----a-w- C:\Windows\System32\coin91.dll
    .
    ============= FINISH: 22:30:02.67 ===============


    ....
    I am working on zip file.Want to post this much now...just incase...
    Thank you so much for helping me....
     
  5. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Hello,
    I am going to try to attach the last file...I am not good with zip files..So Please don't be mad , if it doesn't work right...
    I tried to read up and put on winzip...

    .....
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/3/2012 11:53:21 AM
    System Uptime: 8/7/2012 10:02:19 PM (0 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1444
    Processor: AMD Athlon(tm) II P340 Dual-Core Processor | Socket S1G4 | 2200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 280 GiB total, 241.673 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 2.509 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: SBRE
    Device ID: ROOT\LEGACY_SBRE\0000
    Manufacturer:
    Name: SBRE
    PNP Device ID: ROOT\LEGACY_SBRE\0000
    Service: SBRE
    .
    ==== System Restore Points ===================
    .
    RP2: 8/3/2012 12:08:42 PM - First_User_Boot
    RP3: 8/3/2012 6:46:37 PM - Windows Update
    RP4: 8/4/2012 12:34:58 AM - Installed Java(TM) 6 Update 33
    RP5: 8/4/2012 1:20:38 AM - Windows Update
    RP6: 8/4/2012 3:00:01 PM - avast! Free Antivirus Setup
    RP7: 8/5/2012 2:00:24 PM - Windows Update
    RP8: 8/5/2012 6:12:35 PM - Windows Update
    RP9: 8/6/2012 2:49:53 PM - Windows Update
    RP10: 8/7/2012 7:50:14 PM - Installed HP Support Assistant
    RP11: 8/7/2012 8:01:42 PM - Windows Modules Installer
    RP12: 8/7/2012 8:03:35 PM - Windows Modules Installer
    RP13: 8/7/2012 8:25:05 PM - Removed Ad-Aware Antivirus.
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.3 MUI
    Adobe Shockwave Player 11.5
    AMD USB Filter Driver
    Atheros Driver Installation Program
    avast! Free Antivirus
    Bejeweled 2 Deluxe
    Bing Bar
    Bing Bar Platform
    Blackhawk Striker 2
    Build-a-lot 2
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Chuzzle Deluxe
    CinemaNow Media Manager
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    CyberLink DVD Suite
    CyberLink MediaShow
    CyberLink PowerDVD 9
    CyberLink YouCam
    Diner Dash 2 Restaurant Rescue
    Dora's Carnival Adventure
    Energy Star Digital Logo
    Escape Rosecliff Island
    ESU for Microsoft Windows 7
    FATE
    Final Drive Nitro
    Heroes of Hellas 2 - Olympia
    Hewlett-Packard ACLM.NET v1.1.2.0
    HP Advisor
    HP Customer Experience Enhancements
    HP Documentation
    HP Game Console
    HP Games
    HP MediaSmart CinemaNow 2.0
    HP Photo Creations
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Software Framework
    HP Support Assistant
    Java Auto Updater
    Java(TM) 6 Update 33
    Jewel Quest 3
    Jewel Quest Solitaire 2
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    Malwarebytes Anti-Malware version 1.62.0.1300
    Microsoft Choice Guard
    Microsoft Default Manager
    Microsoft Office 2010
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft WSE 3.0 Runtime
    Mozilla Firefox 14.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton Online Backup
    Penguins!
    PhotoNow!
    Plants vs. Zombies
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    PowerDirector
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    Roxio CinemaNow 2.0
    Virtual Families
    Virtual Villagers - The Secret City
    Wheel of Fortune 2
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    ZoneAlarm Antivirus
    ZoneAlarm Firewall
    ZoneAlarm Free Antivirus + Firewall
    ZoneAlarm Security
    ZoneAlarm Security Toolbar
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/7/2012 9:54:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
    8/7/2012 9:46:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
    8/7/2012 9:46:16 PM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/7/2012 9:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    8/7/2012 9:39:29 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    8/7/2012 9:39:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    8/7/2012 9:39:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    8/7/2012 9:39:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    8/7/2012 9:39:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache kl2 KLIF NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Vsdatant vwififlt Wanarpv6 WfpLwf
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:22:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    8/7/2012 9:08:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
    8/7/2012 9:06:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    8/7/2012 8:16:52 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    8/7/2012 8:01:02 PM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    8/7/2012 6:26:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
    8/7/2012 6:26:13 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/7/2012 6:26:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
    8/7/2012 6:08:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    8/7/2012 6:08:00 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/7/2012 10:03:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
    8/6/2012 3:13:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
    8/6/2012 3:13:45 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2012 3:06:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    8/6/2012 2:43:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.
    8/6/2012 2:43:43 PM, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2012 2:43:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
    8/6/2012 2:43:12 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 4:48:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
    8/5/2012 4:48:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
    8/5/2012 4:48:51 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 4:02:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2703157).
    8/5/2012 4:02:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
    8/5/2012 4:02:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).
    8/5/2012 4:00:33 PM, Error: Service Control Manager [7023] -
    8/5/2012 3:49:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.
    8/5/2012 3:49:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SBAMSvc service.
    8/5/2012 3:48:58 PM, Error: Service Control Manager [7038] - The avast! Antivirus service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    8/5/2012 3:48:58 PM, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not start due to a logon failure.
    8/5/2012 3:48:53 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    8/5/2012 3:48:30 PM, Error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:28 PM, Error: Service Control Manager [7034] - The Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:25 PM, Error: Service Control Manager [7034] - The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:24 PM, Error: Service Control Manager [7034] - The CinemaNow Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:22 PM, Error: Service Control Manager [7034] - The HP Quick Synchronization Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:07 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    8/5/2012 3:47:29 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The process cannot access the file because it is being used by another process.
    8/5/2012 3:46:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.
    8/5/2012 3:46:34 PM, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 3:41:09 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
    8/5/2012 3:05:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).
    8/5/2012 2:50:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).
    8/4/2012 5:56:08 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    8/4/2012 5:55:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    8/4/2012 4:39:30 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    8/4/2012 4:30:03 PM, Error: Service Control Manager [7022] - The HP Health Check Service service hung on starting.
    8/4/2012 4:18:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
    8/4/2012 1:33:32 AM, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
    8/4/2012 1:22:11 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    8/4/2012 1:14:29 AM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    8/3/2012 6:35:58 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    8/3/2012 6:22:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    8/3/2012 6:16:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
    8/3/2012 6:06:05 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    8/3/2012 6:05:52 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21
    8/3/2012 6:05:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr SRTSP SRTSPX Wanarpv6
    .
    ==== End Of File ===========================

    Oh my that is not an Attachment...I am so sorry....
     
  6. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi, thanks for the logs, I always ask for the Attach.txt log to be pasted into a reply so you have done nothing wrong. GMER cannot be used on a 64bit system due to incompatibility.

    I've spotted an immediate problem. Now I have seen the DDS log it appears that Zone Alarm is the full security suite so it includes an Anti Virus. This means you still have two Anti Virus programs.

    As I have often seen Zone Alarm cause problems even when there is no other Anti Virus or Firewall on the system, for the process of elimination, I think it would be best to remove Zone Alarm and Avast, then install Microsoft Security Essentials and Comodo firewall. MSE is extremely unlikely to cause any conflicts and the same goes for Comodo.

    Please uninstall Zone Alarm and Avast then run both of these clean up tools.

    ZoneAlarm removal tool
    Avast removal tool

    Next install this: Microsoft Security Essentials
    And this: Comodo Free Firewalll Click on the Free Download button, at the next page enter you version of Windows and click on the Download button.

    Once done, run the system for a while and report back with any change in performance.
     
  7. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Hello, I did all the removals, cleanups and Installs that you last stated....

    I still have the RunDLL error......
    But the good news - it Runs great, did everything I wanted it to all day long!

    I can live with the error and just hit- OK.... now you got it running great....Or
    did you think of other things to try ?
    I am so glad for your help...
     
  8. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    It's up to you if you wish to continue, there are various approaches we can take to try and track down what is causing the Rundll error.

    Start by posting the log produced from this if you wish to go on:

    Please download MiniToolBox and save it to your desktop.
    Double click on the MiniToolBox icon [​IMG]
    You will now see the following window appear.
    [​IMG]
    Click on each of the boxes as indicated in the list below, then click on the GO button.
    Copy & Paste the contents of the report that appears into your next post, you can also find a copy of the report on your desktop (Result.txt).

    •List last 10 Event Viewer log
     
  9. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    = Event log errors: ===============================

    Application errors:
    ==================
    Error: (08/09/2012 06:13:58 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
    Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (08/09/2012 06:09:54 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
    The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

    Error: (08/09/2012 01:32:22 PM) (Source: ESENT) (User: )
    Description: WinMail (2364) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (08/09/2012 01:22:30 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.PowerShell.Commands.Diagnostics, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
    .

    Error: (08/08/2012 11:32:24 PM) (Source: Microsoft-Windows-RestartManager) (User: Judy-HP)Judy-HP
    Description: Application or service 'Check Point Install Utility' could not be shut down.

    Error: (08/07/2012 09:41:43 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Ad-Aware Antivirus.; Error = 0x8007043c).

    Error: (08/07/2012 09:41:31 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Ad-Aware Antivirus.; Error = 0x8007043c).

    Error: (08/07/2012 08:32:27 PM) (Source: MsiInstaller) (User: Judy-HP)Judy-HP
    Description: Product: Ad-Aware Antivirus -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.

    Error: (08/07/2012 07:52:47 PM) (Source: Microsoft-Windows-RestartManager) (User: Judy-HP)Judy-HP
    Description: Application or service 'hpCaslNotification' could not be shut down.

    Error: (08/06/2012 02:55:53 PM) (Source: ESENT) (User: )
    Description: Catalog Database (1388) Catalog Database: The database engine stopped the instance (0) with error (-1090).


    System errors:
    =============
    Error: (08/10/2012 06:45:14 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 09:57:03 PM) (Source: DCOM) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (08/09/2012 05:22:52 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 04:49:16 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 04:44:57 PM) (Source: DCOM) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (08/09/2012 04:11:32 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 01:51:00 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 01:49:01 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 01:19:55 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/09/2012 00:16:07 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE


    Microsoft Office Sessions:
    =========================
    Error: (08/09/2012 06:13:58 PM) (Source: SideBySide)(User: )
    Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

    Error: (08/09/2012 06:09:54 PM) (Source: SideBySide)(User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

    Error: (08/09/2012 01:32:22 PM) (Source: ESENT)(User: )
    Description: WinMail2364WindowsMail0:

    Error: (08/09/2012 01:22:30 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.PowerShell.Commands.Diagnostics, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
    .

    Error: (08/08/2012 11:32:24 PM) (Source: Microsoft-Windows-RestartManager)(User: Judy-HP)Judy-HP
    Description: 1C:\Program Files (x86)\CheckPoint\Install\Install.exeCheck Point Install Utility0111741200

    Error: (08/07/2012 09:41:43 PM) (Source: System Restore)(User: )
    Description: C:\Windows\system32\msiexec.exe /VRemoved Ad-Aware Antivirus.0x8007043c

    Error: (08/07/2012 09:41:31 PM) (Source: System Restore)(User: )
    Description: C:\Windows\system32\msiexec.exe /VRemoved Ad-Aware Antivirus.0x8007043c

    Error: (08/07/2012 08:32:27 PM) (Source: MsiInstaller)(User: Judy-HP)Judy-HP
    Description: Product: Ad-Aware Antivirus -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (08/07/2012 07:52:47 PM) (Source: Microsoft-Windows-RestartManager)(User: Judy-HP)Judy-HP
    Description: 1C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exehpCaslNotification0211752040

    Error: (08/06/2012 02:55:53 PM) (Source: ESENT)(User: )
    Description: Catalog Database1388Catalog Database: 0-1090

    ..............................................

    thanks for the new idea....thank you again...
     
  10. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    The problem appears to be caused by a remnant from AdAware. Please follow this guide (the second part) to locate and remove any left overs. How to Uninstall Ad-Aware

    If you can't find unregaaw.exe just continue with the rest of the instructions for the manual removal.
     
  11. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Hello,
    I did what I could....But Rundll error still then on reboot...
    I'm willing to try more....Do you need any more files Posted?
    If you are busy on weekends , that is good...
    I will keep checking back...
    Thank you so much....
     
  12. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, I need to see another log from DDS to try and find what remnants are still there. Please run DDS again and paste both the logs into your next reply.
     
  13. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
    Run by Judy at 23:20:43 on 2012-08-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1258 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
    FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
    C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Zonealarm Helper Object: {2a841f7a-a014-4da5-b6d9-8b913dfb7a8c} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\bh\zonealarm.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: ZoneAlarm Security Toolbar: {438fae3e-bdef-44d3-ab8b-0c7c8350df59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\zonealarmTlbr.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [ATI] rundll32.exe "C:\Users\Judy\AppData\Local\Temp\",CreateInstance
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml"
    mRun: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
    mRun: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1 74.40.74.40
    TCP: Interfaces\{4093B978-6079-487D-B1B9-701945BBD2BC} : DhcpNameServer = 192.168.1.1 74.40.74.40
    AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\bh\zonealarm.dll
    BHO-X64: Zonealarm Helper Object - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.4.5\zonealarmTlbr.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml"
    mRun-x64: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
    mRun-x64: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
    AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\kukt3tog.default\
    FF - prefs.js: browser.startup.homepage - hxxp://frontier.my.yahoo.com/?_bc=1
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.zonealarm.autoRvrt - false
    FF - user.js: extensions.zonealarm_i.newTab - false
    FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN114134832492407-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=2250e7af0000000000004c0f6e69dcbb&q=
    FF - user.js: extensions.zonealarm.id - 2250e7af0000000000004c0f6e69dcbb
    FF - user.js: extensions.zonealarm.instlDay - 15556
    FF - user.js: extensions.zonealarm.vrsn - 1.6.4.5
    FF - user.js: extensions.zonealarm.vrsni - 1.6.4.5
    FF - user.js: extensions.zonealarm_i.vrsnTs - 1.6.4.51:19:56
    FF - user.js: extensions.zonealarm.prtnrId - checkpoint
    FF - user.js: extensions.zonealarm.prdct - zonealarm
    FF - user.js: extensions.zonealarm.aflt - 1001
    FF - user.js: extensions.zonealarm_i.smplGrp - none
    FF - user.js: extensions.zonealarm.tlbrId - base
    FF - user.js: extensions.zonealarm.instlRef - ZLN114134832492407-1001
    FF - user.js: extensions.zonealarm.dfltLng - en
    FF - user.js: extensions.zonealarm.excTlbr - false
    FF - user.js: extensions.zonealarm.admin - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-24 98208]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
    R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
    R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-6-29 27192]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-4 250056]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-4 113120]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-08-10 23:55:42 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{210A9AE7-68E1-404D-9D0F-5BE509029649}\mpengine.dll
    2012-08-09 22:12:38 9133488 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-08-09 22:02:51 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-08-09 22:02:51 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-08-09 17:30:56 -------- d-----w- C:\Windows\System32\SPReview
    2012-08-09 17:29:32 -------- d-----w- C:\Windows\System32\EventProviders
    2012-08-09 06:19:09 -------- d-----w- C:\Users\Judy\AppData\Roaming\.minecraft
    2012-08-09 06:09:09 -------- d-----w- C:\ProgramData\CPA_VA
    2012-08-09 06:00:20 -------- d-----w- C:\ProgramData\Comodo
    2012-08-09 06:00:13 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
    2012-08-09 06:00:13 -------- d-----w- C:\Program Files\COMODO
    2012-08-09 04:56:01 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43F61622-64DE-4473-8436-FC6BB8F4A84D}\gapaengine.dll
    2012-08-09 04:47:35 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2012-08-09 04:47:26 -------- d-----w- C:\Program Files\Microsoft Security Client
    2012-08-09 04:39:10 -------- d-----w- C:\Program Files (x86)\CheckPoint
    2012-08-09 04:07:09 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-08-09 04:06:59 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A4EB37D-BBCB-4A5B-8F40-F357A7BB0C5E}\mpengine.dll
    2012-08-09 04:06:54 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-08-08 04:08:27 48976 ----a-w- C:\Windows\System32\netfxperf.dll
    2012-08-08 04:08:26 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2012-08-08 04:08:10 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2012-08-08 04:08:03 59392 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
    2012-08-08 04:08:03 12288 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
    2012-08-08 04:08:02 3715584 ----a-w- C:\Windows\System32\mstscax.dll
    2012-08-08 04:08:00 1838080 ----a-w- C:\Windows\System32\d3d10warp.dll
    2012-08-08 04:06:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2012-08-08 04:05:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2012-08-08 04:04:59 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2012-08-08 04:03:59 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2012-08-08 04:02:59 82432 ----a-w- C:\Windows\SysWow64\dot3cfg.dll
    2012-08-08 04:01:59 60928 ----a-w- C:\Program Files\Windows Defender\MsMpCom.dll
    2012-08-08 04:00:54 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
    2012-08-08 04:00:53 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
    2012-08-08 04:00:32 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
    2012-08-08 04:00:32 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
    2012-08-08 04:00:25 399872 ----a-w- C:\Windows\System32\dpx.dll
    2012-08-08 04:00:25 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
    2012-08-08 04:00:12 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
    2012-08-08 03:59:27 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
    2012-08-08 03:59:26 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
    2012-08-08 03:59:26 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
    2012-08-08 03:53:17 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2012-08-08 03:53:17 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
    2012-08-08 03:53:01 244736 ----a-w- C:\Windows\System32\sqmapi.dll
    2012-08-08 02:42:04 -------- d-----w- C:\ProgramData\GFI Software
    2012-08-08 00:49:11 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
    2012-08-08 00:03:06 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2012-08-08 00:03:06 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2012-08-08 00:03:05 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2012-08-08 00:03:03 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2012-08-08 00:03:02 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2012-08-08 00:03:02 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2012-08-08 00:03:02 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2012-08-08 00:02:53 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2012-08-08 00:02:48 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2012-08-08 00:02:47 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2012-08-08 00:00:04 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2012-08-08 00:00:03 2565632 ----a-w- C:\Windows\System32\esent.dll
    2012-08-07 23:59:59 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
    2012-08-07 23:59:53 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2012-08-07 23:59:51 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2012-08-07 23:59:44 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
    2012-08-07 23:59:39 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2012-08-07 23:59:37 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2012-08-07 23:59:36 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2012-08-05 23:17:22 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-08-05 20:45:20 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-08-05 20:45:20 -------- d-----w- C:\Windows\System32\Wat
    2012-08-05 20:25:13 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-08-05 19:10:18 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-08-05 19:10:17 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-08-05 19:10:16 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-08-05 19:10:11 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-08-05 19:10:10 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-08-05 19:10:09 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-08-05 19:10:09 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-08-04 23:12:37 -------- d-----w- C:\Users\Judy\AppData\Roaming\Malwarebytes
    2012-08-04 23:12:10 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-08-04 23:12:07 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-08-04 23:12:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-08-04 21:19:03 -------- d-----w- C:\Users\Judy\AppData\Local\CrashDumps
    2012-08-04 20:34:49 -------- d-----w- C:\Users\Judy\AppData\Local\Downloaded Installations
    2012-08-04 20:01:57 -------- d-----w- C:\Users\Judy\AppData\Local\Google
    2012-08-04 20:00:30 -------- d-----w- C:\ProgramData\AVAST Software
    2012-08-04 18:46:30 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-08-04 18:45:53 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2012-08-04 18:45:48 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2012-08-04 18:45:47 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2012-08-04 18:45:46 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2012-08-04 18:45:46 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2012-08-04 18:45:17 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2012-08-04 18:45:17 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
    2012-08-04 18:45:12 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2012-08-04 18:45:12 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2012-08-04 18:45:12 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2012-08-04 18:45:11 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2012-08-04 18:42:48 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2012-08-04 18:41:52 642944 ----a-w- C:\Windows\System32\winload.efi
    2012-08-04 18:40:56 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2012-08-04 18:39:51 288640 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-08-04 18:24:54 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-08-04 18:24:54 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-08-04 06:20:25 -------- d-----w- C:\Users\Judy\AppData\Roaming\CheckPoint
    2012-08-04 06:19:56 -------- d-----w- C:\Program Files (x86)\Check Point Software Technologies LTD
    2012-08-04 06:19:34 -------- d-----w- C:\ProgramData\CheckPoint
    2012-08-04 05:45:00 -------- d-----w- C:\Users\Judy\AppData\Roaming\SUPERAntiSpyware.com
    2012-08-04 05:44:00 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2012-08-04 05:44:00 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2012-08-04 05:35:59 476976 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-08-04 05:26:01 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-04 05:26:01 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-03 23:47:39 -------- d-----w- C:\Users\Judy\AppData\Local\ATI
    2012-08-03 23:46:43 -------- d-----w- C:\Users\Judy\AppData\Roaming\hpqLog
    2012-08-03 23:43:53 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-08-03 23:43:53 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-08-03 23:43:53 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-08-03 23:32:55 -------- d-----w- C:\Users\Judy\AppData\Local\ElevatedDiagnostics
    2012-08-03 23:16:16 -------- d-----w- C:\Users\Judy\AppData\Local\Hewlett-Packard
    2012-08-03 16:54:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-08-03 16:54:03 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-07-30 19:27:20 -------- d-----w- C:\ProgramData\Recovery
    .
    ==================== Find3M ====================
    .
    2012-08-09 17:48:54 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2012-08-09 17:48:53 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2012-08-04 05:35:52 472880 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-06-20 14:42:44 3678720 ----a-w- C:\Windows\System32\drivers\athrx.sys
    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-28 12:09:04 2168416 ----a-w- C:\Windows\System32\coin91.dll
    .
    ============= FINISH: 23:25:33.08 ===============




    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/3/2012 11:53:21 AM
    System Uptime: 8/11/2012 11:11:05 PM (0 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1444
    Processor: AMD Athlon(tm) II P340 Dual-Core Processor | Socket S1G4 | 2200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 280 GiB total, 242.589 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 2.509 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: SBRE
    Device ID: ROOT\LEGACY_SBRE\0000
    Manufacturer:
    Name: SBRE
    PNP Device ID: ROOT\LEGACY_SBRE\0000
    Service: SBRE
    .
    ==== System Restore Points ===================
    .
    RP21: 8/9/2012 12:30:46 PM - Windows 7 Service Pack 1
    RP22: 8/9/2012 1:37:09 PM - Windows Update
    RP23: 8/9/2012 4:14:07 PM - Windows Update
    RP24: 8/9/2012 5:08:17 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.3 MUI
    Adobe Shockwave Player 11.5
    AMD USB Filter Driver
    Atheros Driver Installation Program
    Bejeweled 2 Deluxe
    Bing Bar
    Blackhawk Striker 2
    Build-a-lot 2
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Chuzzle Deluxe
    CinemaNow Media Manager
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    COMODO GeekBuddy
    CyberLink DVD Suite
    CyberLink MediaShow
    CyberLink PowerDVD 9
    CyberLink YouCam
    Diner Dash 2 Restaurant Rescue
    Dora's Carnival Adventure
    Energy Star Digital Logo
    Escape Rosecliff Island
    ESU for Microsoft Windows 7
    FATE
    Final Drive Nitro
    Heroes of Hellas 2 - Olympia
    Hewlett-Packard ACLM.NET v1.1.2.0
    HP Customer Experience Enhancements
    HP Documentation
    HP Game Console
    HP Games
    HP MediaSmart CinemaNow 2.0
    HP Photo Creations
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Software Framework
    HP Support Assistant
    Java Auto Updater
    Java(TM) 6 Update 33
    Jewel Quest 3
    Jewel Quest Solitaire 2
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    Malwarebytes Anti-Malware version 1.62.0.1300
    Microsoft Choice Guard
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft WSE 3.0 Runtime
    Mozilla Firefox 14.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton Online Backup
    Penguins!
    PhotoNow!
    Plants vs. Zombies
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    PowerDirector
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    Roxio CinemaNow 2.0
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Virtual Families
    Virtual Villagers - The Secret City
    Wheel of Fortune 2
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    ZoneAlarm Security
    ZoneAlarm Security Toolbar
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/9/2012 1:08:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    8/9/2012 1:08:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    8/9/2012 1:08:03 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/9/2012 1:08:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    8/9/2012 1:02:00 AM, Error: Service Control Manager [7030] - The COMODO Internet Security Helper Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    8/7/2012 9:54:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
    8/7/2012 9:46:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
    8/7/2012 9:46:16 PM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/7/2012 9:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    8/7/2012 9:39:29 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    8/7/2012 9:39:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    8/7/2012 9:39:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    8/7/2012 9:39:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    8/7/2012 9:39:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache kl2 KLIF NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Vsdatant vwififlt Wanarpv6 WfpLwf
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:39:02 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:38:59 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    8/7/2012 9:08:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
    8/7/2012 9:06:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    8/7/2012 8:16:52 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    8/7/2012 8:01:02 PM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    8/7/2012 6:26:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
    8/7/2012 6:26:13 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/7/2012 6:26:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
    8/7/2012 6:08:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    8/7/2012 6:08:00 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2012 3:13:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
    8/6/2012 3:13:45 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2012 3:06:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    8/6/2012 2:43:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.
    8/6/2012 2:43:43 PM, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2012 2:43:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
    8/6/2012 2:43:12 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 4:48:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
    8/5/2012 4:48:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
    8/5/2012 4:48:51 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 4:02:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2703157).
    8/5/2012 4:02:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
    8/5/2012 4:02:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).
    8/5/2012 4:00:33 PM, Error: Service Control Manager [7023] -
    8/5/2012 3:49:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.
    8/5/2012 3:49:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SBAMSvc service.
    8/5/2012 3:48:58 PM, Error: Service Control Manager [7038] - The avast! Antivirus service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    8/5/2012 3:48:58 PM, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not start due to a logon failure.
    8/5/2012 3:48:53 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    8/5/2012 3:48:30 PM, Error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:28 PM, Error: Service Control Manager [7034] - The Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:25 PM, Error: Service Control Manager [7034] - The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:24 PM, Error: Service Control Manager [7034] - The CinemaNow Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:22 PM, Error: Service Control Manager [7034] - The HP Quick Synchronization Service service terminated unexpectedly. It has done this 1 time(s).
    8/5/2012 3:48:07 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    8/5/2012 3:47:29 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The process cannot access the file because it is being used by another process.
    8/5/2012 3:46:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.
    8/5/2012 3:46:34 PM, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/5/2012 3:41:09 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
    8/5/2012 3:05:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).
    8/5/2012 2:50:29 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).
    8/4/2012 5:56:08 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    8/4/2012 5:55:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    8/4/2012 4:39:30 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    8/4/2012 4:30:03 PM, Error: Service Control Manager [7022] - The HP Health Check Service service hung on starting.
    8/4/2012 4:18:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
    8/4/2012 1:33:32 AM, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
    8/4/2012 1:22:11 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    8/4/2012 1:14:29 AM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    8/11/2012 11:11:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
    .
    ==== End Of File ===========================
     
  14. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ad-Aware seems to have all gone now but there are several entries still sowing for Zone Alarm including these two items in the installed programs list: ZoneAlarm Security and ZoneAlarm Security Toolbar.

    Please go into Programs and Features and if you find either of them uninstall them and run the clean up tool again from post 6. Let me know what you find.

    Please then reboot the PC several times and then repeat the instructions in post 8 and post the new log.
     
  15. carsncats

    carsncats Thread Starter

    Joined:
    Jan 14, 2004
    Messages:
    84
    Still have the error....Thank you for your help....
    Here is the error report....


    ...... ............. ...........
    MiniToolBox by Farbar Version: 23-07-2012
    Ran by Judy (administrator) on 12-08-2012 at 22:35:21
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (08/09/2012 06:13:58 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
    Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (08/09/2012 06:09:54 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
    The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

    Error: (08/09/2012 01:32:22 PM) (Source: ESENT) (User: )
    Description: WinMail (2364) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (08/09/2012 01:22:30 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.PowerShell.Commands.Diagnostics, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
    .

    Error: (08/08/2012 11:32:24 PM) (Source: Microsoft-Windows-RestartManager) (User: Judy-HP)Judy-HP
    Description: Application or service 'Check Point Install Utility' could not be shut down.

    Error: (08/07/2012 09:41:43 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Ad-Aware Antivirus.; Error = 0x8007043c).

    Error: (08/07/2012 09:41:31 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Ad-Aware Antivirus.; Error = 0x8007043c).

    Error: (08/07/2012 08:32:27 PM) (Source: MsiInstaller) (User: Judy-HP)Judy-HP
    Description: Product: Ad-Aware Antivirus -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.

    Error: (08/07/2012 07:52:47 PM) (Source: Microsoft-Windows-RestartManager) (User: Judy-HP)Judy-HP
    Description: Application or service 'hpCaslNotification' could not be shut down.

    Error: (08/06/2012 02:55:53 PM) (Source: ESENT) (User: )
    Description: Catalog Database (1388) Catalog Database: The database engine stopped the instance (0) with error (-1090).


    System errors:
    =============
    Error: (08/12/2012 10:28:18 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/12/2012 05:47:10 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/12/2012 05:21:30 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/12/2012 05:16:58 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/12/2012 04:07:31 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/11/2012 11:11:37 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/11/2012 05:39:17 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/11/2012 04:43:04 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/11/2012 04:11:26 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (08/10/2012 06:45:14 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE


    Microsoft Office Sessions:
    =========================
    Error: (08/09/2012 06:13:58 PM) (Source: SideBySide)(User: )
    Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

    Error: (08/09/2012 06:09:54 PM) (Source: SideBySide)(User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

    Error: (08/09/2012 01:32:22 PM) (Source: ESENT)(User: )
    Description: WinMail2364WindowsMail0:

    Error: (08/09/2012 01:22:30 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.PowerShell.Commands.Diagnostics, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
    .

    Error: (08/08/2012 11:32:24 PM) (Source: Microsoft-Windows-RestartManager)(User: Judy-HP)Judy-HP
    Description: 1C:\Program Files (x86)\CheckPoint\Install\Install.exeCheck Point Install Utility0111741200

    Error: (08/07/2012 09:41:43 PM) (Source: System Restore)(User: )
    Description: C:\Windows\system32\msiexec.exe /VRemoved Ad-Aware Antivirus.0x8007043c

    Error: (08/07/2012 09:41:31 PM) (Source: System Restore)(User: )
    Description: C:\Windows\system32\msiexec.exe /VRemoved Ad-Aware Antivirus.0x8007043c

    Error: (08/07/2012 08:32:27 PM) (Source: MsiInstaller)(User: Judy-HP)Judy-HP
    Description: Product: Ad-Aware Antivirus -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (08/07/2012 07:52:47 PM) (Source: Microsoft-Windows-RestartManager)(User: Judy-HP)Judy-HP
    Description: 1C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exehpCaslNotification0211752040

    Error: (08/06/2012 02:55:53 PM) (Source: ESENT)(User: )
    Description: Catalog Database1388Catalog Database: 0-1090


    **** End of log ****
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1063959