Computer Crashes

[bizzoveg111]

Hi again

4 more crashes trying to reply...

I copied and pasted the error messages into Start/run but it said it couldn't find the path...

Then when it crashed again I copied that error into the Start/run field and same thing happened...couldn't find the path.

Oh dear! What now?

Appreciating all your help but this one seems to have us beat?

Liz

[guestolo]

Can I see another log please
==Download and save WinPFind.zip
UNZIP the contents to your desktop
Don't run it yet

RESTART your Computer into SAFE MODE
You can do this by tapping the F8 key as the system is restarting, just before Windows loads
Choose Safe mode from the startup menu and hit Enter

In safe mode
Open the WinPFind folder you extracted to desktop
Double click on WinPFind.exe
Click START SCAN
This could take some time as it will scan your drive
Close out after

Reboot back to Normal mode

Back in Windows
Post the results of the WindPFind.txt located in the WinPFind folder

[bizzoveg111]

Hi there

Yep! ALL DONE and file is attached.

Thanks

Liz

Can't see the attachement

Am trying again.

Oh. The file was too big. This was the message from TECH CLINIC;
"THE FOLLOWING ERROR(S) WERE FOUND
The total filespace required to upload all the attached files is greater than your per post or global limit. Please reduce the number of attachments or the size of the attachments."

How do I make it smaller?

Thanks

Liz

I copied and pasted it....

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP    Current Build: Service Pack 2    Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Checking %System% folder...
PEC2                 29/08/2002 11:00:00 PM      41397      C:\WINDOWS\SYSTEM32\dfrg.msc
PEC2                 27/01/2006 5:36:02 AM       574976     C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2           27/01/2006 5:36:02 AM       574976     C:\WINDOWS\SYSTEM32\DivX.dll
PTech                4/11/2005 4:27:24 PM        534280     C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
PECompact2           8/02/2006 4:23:40 PM        4513120    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               8/02/2006 4:23:40 PM        4513120    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               4/08/2004 6:56:36 PM        708096     C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor             4/08/2004 6:56:44 PM        657920     C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync              29/08/2002 11:00:00 PM      1309184    C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...
UPX!                 17/01/2006 9:06:34 PM       752608     C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
FSG!                 17/01/2006 9:06:34 PM       752608     C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
PEC2                 17/01/2006 9:06:34 PM       752608     C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
aspack               17/01/2006 9:06:34 PM       752608     C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
PTech                4/08/2004 4:41:38 PM        1309184    C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\backup_of_hosts


Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
                     27/02/2006 9:48:14 AM     S 2048       C:\WINDOWS\bootstat.dat
                     7/02/2006 12:31:50 PM    HS 239616     C:\WINDOWS\Thumbs.db
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\WindowsShell.Manifest
                     19/02/2006 9:23:42 AM    H  65         C:\WINDOWS\Downloaded Program Files\desktop.ini
                     19/02/2006 9:24:30 AM    HS 67         C:\WINDOWS\Fonts\desktop.ini
                     19/02/2006 9:23:42 AM    H  65         C:\WINDOWS\Offline Web Pages\desktop.ini
                     11/02/2006 6:24:30 PM   RHS 286777     C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_5.cab
                     19/02/2006 9:25:28 AM    H  516096     C:\WINDOWS\repair\ntuser.dat
                     31/01/2006 8:38:42 AM    HS 7168       C:\WINDOWS\ShellNew\Thumbs.db
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\system32\cdplayer.exe.manifest
                     19/02/2006 9:23:42 AM   RH  488        C:\WINDOWS\system32\logonui.exe.manifest
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\system32\ncpa.cpl.manifest
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\system32\nwc.cpl.manifest
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\system32\sapi.cpl.manifest
                     19/02/2006 9:47:52 AM    HS 16384      C:\WINDOWS\system32\Thumbs.db
                     19/02/2006 9:23:42 AM   RH  488        C:\WINDOWS\system32\WindowsLogon.manifest
                     19/02/2006 9:23:34 AM   RH  749        C:\WINDOWS\system32\wuaucpl.cpl.manifest
                     3/01/2006 1:17:06 PM      S 8792       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911564.cat
                     13/01/2006 12:34:32 PM    S 7898       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911565.cat
                     4/01/2006 4:39:38 PM      S 11223      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911927.cat
                     3/01/2006 10:09:36 AM     S 11223      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912919.cat
                     14/01/2006 6:28:32 AM     S 10925      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB913446.cat
                     27/02/2006 9:48:22 AM    H  20480      C:\WINDOWS\system32\config\default.LOG
                     19/02/2006 8:06:06 PM    H  0          C:\WINDOWS\system32\config\default.tmp.LOG
                     27/02/2006 9:48:38 AM    H  1024       C:\WINDOWS\system32\config\SAM.LOG
                     27/02/2006 9:48:16 AM    H  16384      C:\WINDOWS\system32\config\SECURITY.LOG
                     27/02/2006 9:49:02 AM    H  73728      C:\WINDOWS\system32\config\software.LOG
                     19/02/2006 8:06:06 PM    H  0          C:\WINDOWS\system32\config\software.tmp.LOG
                     27/02/2006 9:48:26 AM    H  798720     C:\WINDOWS\system32\config\system.LOG
                     19/02/2006 8:05:48 PM    H  0          C:\WINDOWS\system32\config\system.tmp.LOG
                     19/02/2006 8:05:44 PM    H  1024       C:\WINDOWS\system32\config\TempKey.LOG
                     19/02/2006 8:06:06 PM    H  1024       C:\WINDOWS\system32\config\userdiff.LOG
                     19/02/2006 9:25:28 AM    H  1024       C:\WINDOWS\system32\config\userdifr.LOG
                     27/02/2006 2:30:10 AM    H  1024       C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
                     20/02/2006 10:16:14 AM    S 558        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
                     20/02/2006 10:16:14 AM    S 144        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
                     11/02/2006 10:39:58 AM   HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
                     19/02/2006 9:33:04 AM    HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\8LY1SLED\desktop.ini
                     19/02/2006 9:33:04 AM    HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9H1OFT26\desktop.ini
                     19/02/2006 9:33:04 AM    HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OGQYNC8H\desktop.ini
                     19/02/2006 9:33:04 AM    HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QT23EHUF\desktop.ini
                     24/02/2006 2:29:56 PM    HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\3b06cc53-2b08-48b6-b526-05416df95ca1
                     24/02/2006 2:29:56 PM    HS 24         C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred
                     5/02/2006 10:22:02 AM    H  8628       C:\WINDOWS\system32\spool\drivers\w32x86\3\E_QI021E.GID
                     27/02/2006 9:51:36 AM    H  370        C:\WINDOWS\Tasks\MP Scheduled Scan.job
                     27/02/2006 9:47:10 AM    H  6          C:\WINDOWS\Tasks\SA.DAT
                     19/02/2006 9:48:52 AM    HS 9728       C:\WINDOWS\Web\Thumbs.db

Checking for CPL files...
                               26/05/2004 2:06:58 AM       417792     C:\WINDOWS\SYSTEM32\ac3filter.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        68608      C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        549888     C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        110592     C:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        135168     C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        80384      C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        155136     C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        358400     C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        129536     C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        380416     C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        68608      C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc.         10/11/2005 1:03:50 PM       49265      C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      187904     C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        618496     C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      35840      C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        25600      C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        257024     C:\WINDOWS\SYSTEM32\nusrmgr.cpl
                               10/12/2005 3:06:00 AM       73728      C:\WINDOWS\SYSTEM32\nvtuicpl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        32768      C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        114688     C:\WINDOWS\SYSTEM32\powercfg.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        298496     C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      28160      C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        94208      C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        148480     C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation          26/05/2005 4:16:30 AM       174360     C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        68608      C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        549888     C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        110592     C:\WINDOWS\SYSTEM32\dllcache\bthprops.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        135168     C:\WINDOWS\SYSTEM32\dllcache\desk.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        80384      C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        155136     C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        358400     C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        129536     C:\WINDOWS\SYSTEM32\dllcache\intl.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        380416     C:\WINDOWS\SYSTEM32\dllcache\irprops.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        68608      C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      187904     C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        618496     C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      35840      C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        25600      C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        257024     C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        32768      C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        114688     C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        155648     C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        298496     C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl
Microsoft Corporation          29/08/2002 11:00:00 PM      28160      C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        94208      C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl
Microsoft Corporation          4/08/2004 6:56:58 PM        148480     C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl
Microsoft Corporation          26/05/2005 4:16:30 AM       174360     C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
                     19/02/2006 9:25:24 AM    HS 84         C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini

Checking files in %ALLUSERSPROFILE%\Application Data folder...
                     19/02/2006 9:09:46 AM    HS 62         C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
                     26/11/2005 7:44:10 AM    HS 84         C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
                     26/11/2005 6:33:44 PM    HS 62         C:\Documents and Settings\Administrator\Application Data\desktop.ini

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
   SV1    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG7 Shell Extension
   {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}    = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
   {57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}    = C:\Program Files\ewido anti-malware\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\gfxfggnm
   {266a49c8-aee4-4ae3-8173-26a93c33ff4b}    = C:\WINDOWS\System32\gfwfg.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension
   {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}    = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
   {57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}    = C:\Program Files\ewido anti-malware\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
   {E0D79304-84BE-11CE-9641-444553540000}    = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
    = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
   AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
    = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
   SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
   ButtonText    = Messenger   : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
    =

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   AVG7_CC   C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
   AVG7_EMC   C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
   DataLayer   C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
   PCSuiteTrayApplication   C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
   NvCplDaemon   RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
   nwiz   nwiz.exe /install
   SunJavaUpdateSched   C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
   NvMediaCenter   RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
   Windows Defender   "C:\Program Files\Windows Defender\MSASCui.exe" -hide

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
   IMAIL   Installed = 1
   MAPI   Installed = 1
   MSFS   Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   MSMSGS   "C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
   system.ini   0
   win.ini   0
   bootini   0
   services   0
   startup   0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments
   ScanWithAntiVirus   3


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption   
   legalnoticetext   
   shutdownwithoutlogon   1
   undockwithoutlogon   1
   DisableTaskMgr   0
   DisableCAD   0


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
   NoChangingWallPaper   0
   NoAddingComponents   0
   NoComponents   0
   NoDeletingComponents   0
   NoEditingComponents   0
   NoCloseDragDropBands   0
   NoMovingBands   0
   NoHTMLWallPaper   0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145
   NoActiveDesktop   0
   NoSaveSettings   0
   ClassicShell   0
   NoThemesTab   0
   ForceActiveDesktopOn   0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
   DisableTaskMgr   0
   NoDispAppearancePage   0
   NoColorChoice   0
   NoSizeChoice   0
   NoDispBackgroundPage   0
   NoDispScrSavPage   0
   NoDispCPL   0
   NoVisualStyleChoice   0
   NoDispSettingsPage   0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   PostBootReminder                  {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn                            {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck                          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
   SysTray                           {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs   


<<<<<<<<<< Checking for AddOn Monitors.def information >>>>>>>>>>
Parameter line : regkey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors;;
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors found!

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\BJ Language Monitor
   Driver   cnbjmon.dll


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON Printer Port
   Driver   Eplpmx02.DLL
   CHG1_IOADDR   888
   LPT1_IOADDR   888
   CHG1_IRQ   7
   LPT1_IRQ   7
   CHG1_DMA   -1
   LPT1_DMA   -1
   CHG1_DMAON   0
   LPT1_DMAON   0
   CHG1_FLAGS   32
   LPT1_FLAGS   32


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON V5 2KMonitor
   Driver   EBPMON2.DLL


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port
   Driver   localspl.dll


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\PJL Language Monitor
   Driver   pjlmon.dll
   EOJTimeout   60000


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port
   Driver   tcpmon.dll


  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports
   StatusUpdateInterval   10
   StatusUpdateEnabled   1

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor
   Driver   usbmon.dll



<<<<<<<<<< Checking for AddOn OpenCommand.def information >>>>>>>>>>
>>>>>>>>>> Exporting Shell Open\Command entries
Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\batfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\batfile\shell\open\command found!
      "%1" %*

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\comfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\comfile\shell\open\command found!
      "%1" %*

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\exefile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\exefile\shell\open\command found!
      "%1" %*

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\piffile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\piffile\shell\open\command found!
      "%1" %*

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\regfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\regfile\shell\open\command found!
      regedit.exe "%1"

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\scrfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\scrfile\shell\open\command found!
      "%1" /S

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\vbsfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\vbsfile\shell\open\command found!

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\htmlfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\htmlfile\shell\open\command found!
      "C:\Program Files\Internet Explorer\iexplore.exe" -nohome

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\http\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\http\shell\open\command found!
      "C:\Program Files\Internet Explorer\iexplore.exe" -nohome

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mp3file\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mp3file\shell\open\command found!
      "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "%L"

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mpegfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mpegfile\shell\open\command found!
      "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:9 /Open "%L"

Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\jsfile\shell\open\command;;
  HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\jsfile\shell\open\command found!


<<<<<<<<<< Checking for AddOn Policies.def information >>>>>>>>>>

<<<<<<<<<< Checking for AddOn Qoologic.def information >>>>>>>>>>
>>>>>>>>>> Search by size and name
>>>>>>>>>> Files found by this method are not necessarily bad
>>>>>>>>>> Example PNGFILT.DLL is a windows file
Parameter line : file=%sysdir%;*.exe;150;61952;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 61952 bytes was not found!
Parameter line : file=%sysdir%;*.exe;150;7680;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 7680 bytes was not found!
Parameter line : file=%sysdir%;*.exe;150;91648;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 91648 bytes was not found!
Parameter line : file=%sysdir%;*.exe;150;81920;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 81920 bytes was not found!
Parameter line : file=%sysdir%;*.exe;150;7168;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 7168 bytes was not found!
Parameter line : file=%sysdir%;*.exe;150;65536;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 65536 bytes was not found!
Parameter line : file=%sysdir%;redit.cpl;;;;;
  File C:\WINDOWS\SYSTEM32\redit.cpl was not found!
Parameter line : file=%sysdir%;conres.cpl;;;;;
  File C:\WINDOWS\SYSTEM32\conres.cpl was not found!
Parameter line : file=%sysdir%;datadx.dll;;;;;
  File C:\WINDOWS\SYSTEM32\datadx.dll was not found!
Parameter line : file=%sysdir%;*.dll;150;10240;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 10240 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;46080;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 46080 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;34816;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 34816 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;16384;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 16384 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;29184;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 29184 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;26624;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 26624 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;9728;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 9728 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;10843;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 10843 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;18432;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 18432 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;23040;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 23040 bytes was not found!
Parameter line : file=%sysdir%;*.dll;150;17920;;;
  File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 17920 bytes was not found!
Parameter line : file=%allusers%\start menu\programs\startup;*.exe;;;;;
  File C:\Documents and Settings\All Users\start menu\programs\startup\*.exe was not found!
>>>>>>>>>> Misc Checks
Parameter line : file=%sysdir%;*.dat;150;81920;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 81920 bytes was not found!
Parameter line : file=%sysdir%;*.dat;150;61952;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 61952 bytes was not found!
Parameter line : file=%sysdir%;*.dat;150;65536;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 65536 bytes was not found!
Parameter line : file=%sysdir%;*.dat;150;7680;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 7680 bytes was not found!
Parameter line : file=%sysdir%;*.dat;150;91648;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 91648 bytes was not found!
Parameter line : file=%sysdir%;*.dat;150;7168;;;
  File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 7168 bytes was not found!
Parameter line : file=%windir%;*.dll;150;10843;;;
  File C:\WINDOWS\*.dll for today - 150 days with a size of 10843 bytes was not found!
Parameter line : file=%windir%;*.dll;150;3950;;;
  File C:\WINDOWS\*.dll for today - 150 days with a size of 3950 bytes was not found!
Parameter line : file=%windir%;*.dll;150;3943;;;
  File C:\WINDOWS\*.dll for today - 150 days with a size of 3943 bytes was not found!

<<<<<<<<<< Checking for AddOn RDriv.def information >>>>>>>>>>
Registry Entries
Parameter line : RegKey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center;;
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center found!
   AntiVirusDisableNotify   0
   FirewallDisableNotify   0
   UpdatesDisableNotify   0
   AntiVirusOverride   0
   FirewallOverride   0

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall

Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Updates;;
  HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Updates not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center AntiVirus;;
  HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center AntiVirus not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Firewall;;
  HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Firewall not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\OLE;;
  HKEY_LOCAL_MACHINE\Software\Microsoft\OLE found!
   EnableDCOM   Y

  HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat

  HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat\ActivationSecurityCheckExemptionList
   {A50398B8-9075-4FBF-A7A1-456BF21937AD}   1
   {AD65A69D-3831-40D7-9629-9B0B50A93843}   1
   {0040D221-54A1-11D1-9DE0-006097042D69}   1
   {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}   1

Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv;;
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iTunesMusic;;
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iTunesMusic not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_ITUNESMUSIC;;
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_ITUNESMUSIC not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_RDRIV;;
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_RDRIV not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate;;
  HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall;;
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall not found!
Parameter line : RegKey=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters;;
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters found!
   autodisconnect   15
   enableforcedlogoff   1
   enablesecuritysignature   0
   requiresecuritysignature   0
   Lmannounce   0
   Size   1
   Guid   1pz‡9-OI¸,¹_ò
   AdjustedNullSessionPipes   1
   CachedOpenLimit   0
Parameter line : RegKey=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation\parameters;;
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation\parameters found!
   enableplaintextpassword   0
   enablesecuritysignature   1
   requiresecuritysignature   0

Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions;;
  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions found!

  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
   {00022613-0000-0000-C000-000000000046}   Multimedia File Property Sheet
   {176d6597-26d3-11d1-b350-080036a75b03}   ICM Scanner Management
   {1F2E5C40-9550-11CE-99D2-00AA006E086C}   NTFS Security Page
   {3EA48300-8CF6-101B-84FB-666CCB9BCD32}   OLE Docfile Property Page
   {40dd6e20-7c17-11ce-a804-00aa003ca9f6}   Shell extensions for sharing
   {41E300E0-78B6-11ce-849B-444553540000}   PlusPack CPL Extension
   {42071712-76d4-11d1-8b24-00a0c9068ff3}   Display Adapter CPL Extension
   {42071713-76d4-11d1-8b24-00a0c9068ff3}   Display Monitor CPL Extension
   {42071714-76d4-11d1-8b24-00a0c9068ff3}   Display Panning CPL Extension
   {4E40F770-369C-11d0-8922-00A024AB2DBB}   DS Security Page
   {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}   Compatibility Page
   {56117100-C0CD-101B-81E2-00AA004AE837}   Shell Scrap DataHandler
   {59099400-57FF-11CE-BD94-0020AF85B590}   Disk Copy Extension
   {59be4990-f85c-11ce-aff7-00aa003ca9f6}   Shell extensions for Microsoft Windows Network objects
   {5DB2625A-54DF-11D0-B6C4-0800091AA605}   ICM Monitor Management
   {675F097E-4C4D-11D0-B6C1-0800091AA605}   ICM Printer Management
   {764BF0E1-F219-11ce-972D-00AA00A14F56}   Shell extensions for file compression
   {77597368-7b15-11d0-a0c2-080036af3f03}   Web Printer Shell Extension
   {7988B573-EC89-11cf-9C00-00AA00A14F56}   Disk Quota UI
   {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}   Encryption Context Menu
   {85BBD920-42A0-1069-A2E4-08002B30309D}   Briefcase
   {88895560-9AA2-1069-930E-00AA0030EBC8}   HyperTerminal Icon Ext
   {BD84B380-8CA2-1069-AB1D-08000948F534}   Fonts
   {DBCE2480-C732-101B-BE72-BA78E9AD5B27}   ICC Profile
   {F37C5810-4D3F-11d0-B4BF-00AA00BBB723}   Printers Security Page
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}   Shell extensions for sharing
   {f92e8c40-3d33-11d2-b1aa-080036a75b03}   Display TroubleShoot CPL Extension
   {7444C717-39BF-11D1-8CD9-00C04FC29D45}   Crypto PKO Extension
   {7444C719-39BF-11D1-8CD9-00C04FC29D45}   Crypto Sign Extension
   {7007ACC7-3202-11D1-AAD2-00805FC1270E}   Network Connections
   {992CFFA0-F557-101A-88EC-00DD010CCC48}   Network Connections
   {E211B736-43FD-11D1-9EFB-0000F8757FCD}   Scanners & Cameras
   {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}   Scanners & Cameras
   {905667aa-acd6-11d2-8080-00805f6596d2}   Scanners & Cameras
   {3F953603-1008-4f6e-A73A-04AAC7A992F1}   Scanners & Cameras
   {83bbcbf3-b28a-4919-a5aa-73027445d672}   Scanners & Cameras
   {F0152790-D56E-4445-850E-4F3117DB740C}   Remote Sessions CPL Extension
   {5F327514-6C5E-4d60-8F16-D07FA08A78ED}   Auto Update Property Sheet Extension
   {60254CA5-953B-11CF-8C96-00AA00B8708C}   Shell extensions for Windows Script Host
   {2206CDB2-19C1-11D1-89E0-00C04FD7A829}   Microsoft Data Link
   {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}   Tasks Folder Icon Handler
   {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}   Tasks Folder Shell Extension
   {D6277990-4C6A-11CF-8D87-00AA0060F5BF}   Scheduled Tasks
   {0DF44EAA-FF21-4412-828E-260A8728E7F1}   Taskbar and Start Menu
   {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}   Search
   {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}   Help and Support
   {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}   Help and Support
   {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}   Run...
   {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}   Internet
   {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}   E-mail
   {D20EA4E1-3957-11d2-A40B-0C5020524152}   Fonts
   {D20EA4E1-3957-11d2-A40B-0C5020524153}   Administrative Tools
   {875CB1A1-0F29-45de-A1AE-CFB4950D0B78}   Audio Media Properties Handler
   {40C3D757-D6E4-4b49-BB41-0E5BBEA28817}   Video Media Properties Handler
   {E4B29F9D-D390-480b-92FD-7DDB47101D71}   Wav Properties Handler
   {87D62D94-71B3-4b9a-9489-5FE6850DC73E}   Avi Properties Handler
   {A6FD9E45-6E44-43f9-8644-08598F5A74D9}   Midi Properties Handler
   {c5a40261-cd64-4ccf-84cb-c394da41d590}   Video Thumbnail Extractor
   {5E6AB780-7743-11CF-A12B-00AA004AE837}   Microsoft Internet Toolbar
   {22BF0C20-6DA7-11D0-B373-00A0C9034938}   Download Status
   {91EA3F8B-C99B-11d0-9815-00C04FD91972}   Augmented Shell Folder
   {6413BA2C-B461-11d1-A18A-080036B11A03}   Augmented Shell Folder 2
   {F61FFEC1-754F-11d0-80CA-00AA005B4383}   BandProxy
   {7BA4C742-9E81-11CF-99D3-00AA004AE837}   Microsoft BrowserBand
   {30D02401-6A81-11d0-8274-00C04FD5AE38}   Search Band
   {32683183-48a0-441b-a342-7c2a440a9478}   Media Band
   {169A0691-8DF9-11d1-A1C4-00C04FD75D13}   In-pane search
   {07798131-AF23-11d1-9111-00A0C98BA67D}   Web Search
   {AF4F6510-F982-11d0-8595-00AA004CD6D8}   Registry Tree Options Utility
   {01E04581-4EEE-11d0-BFE9-00AA005B4383}   &Address
   {A08C11D2-A228-11d0-825B-00AA005B4383}   Address EditBox
   {00BB2763-6A77-11D0-A535-00C04FD7D062}   Microsoft AutoComplete
   {7376D660-C583-11d0-A3A5-00C04FD706EC}   TridentImageExtractor
   {6756A641-DE71-11d0-831B-00AA005B4383}   MRU AutoComplete List
   {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}   Custom MRU AutoCompleted List
   {7e653215-fa25-46bd-a339-34a2790f3cb7}   Accessible
   {acf35015-526e-4230-9596-becbe19f0ac9}   Track Popup Bar
   {E0E11A09-5CB8-4B6C-8332-E00720A168F2}   Address Bar Parser
   {00BB2764-6A77-11D0-A535-00C04FD7D062}   Microsoft History AutoComplete List
   {03C036F1-A186-11D0-824A-00AA005B4383}   Microsoft Shell Folder AutoComplete List
   {00BB2765-6A77-11D0-A535-00C04FD7D062}   Microsoft Multiple AutoComplete List Container
   {ECD4FC4E-521C-11D0-B792-00A0C90312E1}   Shell Band Site Menu
   {3CCF8A41-5C85-11d0-9796-00AA00B90ADF}   Shell DeskBarApp
   {ECD4FC4C-521C-11D0-B792-00A0C90312E1}   Shell DeskBar
   {ECD4FC4D-521C-11D0-B792-00A0C90312E1}   Shell Rebar BandSite
   {DD313E04-FEFF-11d1-8ECD-0000F87A470C}   User Assist
   {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   Global Folder Settings
   {EFA24E61-B078-11d0-89E4-00C04FC9E26E}   Favorites Band
   {0A89A860-D7B1-11CE-8350-444553540000}   Shell Automation Inproc Service
   {E7E4BC40-E76A-11CE-A9BB-00AA004AE837}   Shell DocObject Viewer
   {A5E46E3A-8849-11D1-9D8C-00C04FC99D61}   Microsoft Browser Architecture
   {FBF23B40-E3F0-101B-8488-00AA003E56F8}   InternetShortcut
   {3C374A40-BAE4-11CF-BF7D-00AA006946EE}   Microsoft Url History Service
   {FF393560-C2A7-11CF-BFF4-444553540000}   History
   {7BD29E00-76C1-11CF-9DD0-00A0C9034933}   Temporary Internet Files
   {7BD29E01-76C1-11CF-9DD0-00A0C9034933}   Temporary Internet Files
   {CFBFAE00-17A6-11D0-99CB-00C04FD64497}   Microsoft Url Search Hook
   {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}   IE4 Suite Splash Screen
   {67EA19A0-CCEF-11d0-8024-00C04FD75D13}   CDF Extension Copy Hook
   {131A6951-7F78-11D0-A979-00C04FD705A2}   ISFBand OC
   {9461b922-3c5a-11d2-bf8b-00c04fb93661}   Search Assistant OC
   {3DC7A020-0ACD-11CF-A9BB-00AA004AE837}   The Internet
   {871C5380-42A0-1069-A2EA-08002B30309D}   Internet Name Space
   {EFA24E64-B078-11d0-89E4-00C04FC9E26E}   Explorer Band
   {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}   Sendmail service
   {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}   Sendmail service
   {88C6C381-2E85-11D0-94DE-444553540000}   ActiveX Cache Folder
   {E6FB5E20-DE35-11CF-9C87-00AA005127ED}   WebCheck
   {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}   Subscription Mgr
   {F5175861-2688-11d0-9C5E-00AA00A45957}   Subscription Folder
   {08165EA0-E946-11CF-9C87-00AA005127ED}   WebCheckWebCrawler
   {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}   WebCheckChannelAgent
   {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}   TrayAgent
   {7D559C10-9FE9-11d0-93F7-00AA0059CE02}   Code Download Agent
   {E6CC6978-6B6E-11D0-BECA-00C04FD940BE}   ConnectionAgent
   {D8BD2030-6FC9-11D0-864F-00AA006809D9}   PostAgent
   {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}   WebCheck SyncMgr Handler
   {352EC2B7-8B9A-11D1-B8AE-006008059382}   Shell Application Manager
   {0B124F8F-91F0-11D1-B8B5-006008059382}   Installed Apps Enumerator
   {CFCCC7A0-A282-11D1-9082-006008059382}   Darwin App Publisher
   {e84fda7c-1d6a-45f6-b725-cb260c236066}   Shell Image Verbs
   {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}   Shell Image Data Factory
   {3F30C968-480A-4C6C-862D-EFC0897BB84B}   GDI+ file thumbnail extractor
   {9DBD2C50-62AD-11d0-B806-00C04FD706EC}   Summary Info Thumbnail handler (DOCFILES)
   {EAB841A0-9550-11cf-8C16-00805F1408F3}   HTML Thumbnail Extractor
   {eb9b1153-3b57-4e68-959a-a3266bc3d7fe}   Shell Image Property Handler
   {CC6EEFFB-43F6-46c5-9619-51D571967F7D}   Web Publishing Wizard
   {add36aa8-751a-4579-a266-d66f5202ccbb}   Print Ordering via the Web
   {6b33163c-76a5-4b6c-bf21-45de9cd503a1}   Shell Publishing Wizard Object
   {58f1f272-9240-4f51-b6d4-fd63d1618591}   Get a Passport Wizard
   {7A9D77BD-5403-11d2-8785-2E0420524153}   User Accounts
   {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}   Compressed (zipped) Folder
   {BD472F60-27FA-11cf-B8B4-444553540000}   Compressed (zipped) Folder Right Drag Handler
   {888DCA60-FC0A-11CF-8F0F-00C04FD7D062}   Compressed (zipped) Folder SendTo Target
   {63da6ec0-2e98-11cf-8d82-444553540000}   FTP Folders Webview
   {883373C3-BF89-11D1-BE35-080036B11A03}   Microsoft DocProp Shell Ext
   {A9CF0EAE-901A-4739-A481-E35B73E47F6D}   Microsoft DocProp Inplace Edit Box Control
   {8EE97210-FD1F-4B19-91DA-67914005F020}   Microsoft DocProp Inplace ML Edit Box Control
   {0EEA25CC-4362-4A12-850B-86EE61B0D3EB}   Microsoft DocProp Inplace Droplist Combo Control
   {6A205B57-2567-4A2C-B881-F787FAB579A3}   Microsoft DocProp Inplace Calendar Control
   {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}   Microsoft DocProp Inplace Time Control
   {8A23E65E-31C2-11d0-891C-00A024AB2DBB}   Directory Query UI
   {9E51E0D0-6E0F-11d2-9601-00C04FA31A86}   Shell properties for a DS object
   {163FDC20-2ABC-11d0-88F0-00A024AB2DBB}   Directory Object Find
   {F020E586-5264-11d1-A532-0000F8757D7E}   Directory Start/Search Find
   {0D45D530-764B-11d0-A1CA-00AA00C16E65}   Directory Property UI
   {62AE1F9A-126A-11D0-A14B-0800361B1103}   Directory Context Menu Verbs
   {ECF03A33-103D-11d2-854D-006008059367}   MyDocs Copy Hook
   {ECF03A32-103D-11d2-854D-006008059367}   MyDocs Drop Target
   {4a7ded0a-ad25-11d0-98a8-0800361b1103}   MyDocs Properties
   {750fdf0e-2a26-11d1-a3ea-080036587f03}   Offline Files Menu
   {10CFC467-4392-11d2-8DB4-00C04FA31A66}   Offline Files Folder Options
   {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}   Offline Files Folder
   {143A62C8-C33B-11D1-84FE-00C04FA34A14}   Microsoft Agent Character Property Sheet Handler
   {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}   DfsShell
   {60fd46de-f830-4894-a628-6fa81bc0190d}   %DESC_PublishDropTarget%
   {7A80E4A8-8005-11D2-BCF8-00C04F72C717}   MMC Icon Handler
   {0CD7A5C0-9F37-11CE-AE65-08002B2E1262}   .CAB file viewer
   {32714800-2E5F-11d0-8B85-00AA0044F941}   For &People...
   {8DD448E6-C188-4aed-AF92-44956194EB1F}   Windows Media Player Play as Playlist Context Menu Handler
   {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}   Windows Media Player Burn Audio CD Context Menu Handler
   {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}   Windows Media Player Add to Playlist Context Menu Handler
   {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}   Set Program Access and Defaults
   {596AB062-B4D2-4215-9F74-E9109B0A8153}   Previous Versions Property Page
   {9DB7A13C-F208-4981-8353-73CC61AE2783}   Previous Versions
   {0006F045-0000-0000-C000-000000000046}   Microsoft Outlook Custom Icon Handler
   {E0D79304-84BE-11CE-9641-444553540000}   WinZip
   {E0D79305-84BE-11CE-9641-444553540000}   WinZip
   {E0D79306-84BE-11CE-9641-444553540000}   WinZip
   {E0D79307-84BE-11CE-9641-444553540000}   WinZip
   {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}   AVG7 Shell Extension
   {9F97547E-460A-42C5-AE0C-81C61FFAEBC3}   AVG7 Find Extension
   {40950107-FEA6-4d53-A65F-B2DCBA57DD58}   Nokia Phone Browser
   {FBFE7864-D495-41f0-B7DC-4BB601CC295E}   Contact View
   {C0C4375A-5B72-4efe-929D-3B848C3A1E91}   Message View
   {640167b4-59b0-47a6-b335-a6b3c0695aea}   Portable Media Devices
   {cc86590a-b60a-48e6-996b-41d25ed39a1e}   Portable Media Devices Menu
   {A70C977A-BF00-412C-90B7-034C51DA2439}   NvCpl DesktopContext Class
   {1CDB2949-8F65-4355-8456-263E7C208A5D}   Desktop Explorer
   {1E9B04FB-F9E5-4718-997B-B8DA88302A47}   Desktop Explorer Menu
   {1E9B04FB-F9E5-4718-997B-B8DA88302A48}   nView Desktop Context Menu
   {A5110426-177D-4e08-AB3F-785F10B4439C}   My Phones
   {692F0339-CBAA-47e6-B5B5-3B84DB604E87}   Extensions Manager Folder
   {21569614-B795-46b1-85F4-E737A8DC09AD}   Shell Search Band
   {FFB699E0-306A-11d3-8BD1-00104B6F7516}   Play on my TV helper
   {f39a0dc0-9cc8-11d0-a599-00c04fd64433}   Channel File
   {f3aa0dc0-9cc8-11d0-a599-00c04fd64434}   Channel Shortcut
   {f3ba0dc0-9cc8-11d0-a599-00c04fd64435}   Channel Handler Object
   {f3da0dc0-9cc8-11d0-a599-00c04fd64437}   Channel Menu
   {f3ea0dc0-9cc8-11d0-a599-00c04fd64438}   Channel Properties


Files
Parameter line : File=%sysdir%;rdriv.sys;;;;;
  File C:\WINDOWS\SYSTEM32\rdriv.sys was not found!
Parameter line : File=%sysdir%;ItunesMusic.exe;;;;;
  File C:\WINDOWS\SYSTEM32\ItunesMusic.exe was not found!
Parameter line : File=%sysdir%;wkssvc.exe;;;;;
  File C:\WINDOWS\SYSTEM32\wkssvc.exe was not found!
Parameter line : File=%windir%;ItunesMusic.exe;;;;;
  File C:\WINDOWS\ItunesMusic.exe was not found!
Parameter line : File=%windir%;wkssvc.exe;;;;;
  File C:\WINDOWS\wkssvc.exe was not found!

<<<<<<<<<< Checking for AddOn SharedTaskScheduler.def information >>>>>>>>>>
>>>>>>>>>> Exporting Policies from HKLM
Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler;;
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler found!
   {438755C2-A8BA-11D1-B96B-00A0C90312E1}   Browseui preloader
   {8C7461EF-2B13-11d2-BE35-3078302C2030}   Component Categories cache daemon
   {D1A2E7CD-F5C1-21A8-CA2C-13D0AC72D19D}   Wheel Mouse Optical Driver


<<<<<<<<<< Checking for AddOn WareOut.def information >>>>>>>>>>
>>>>>>>>>> PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Parameter line : file=%sysdir%;*.exe;300;55304;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 55304 bytes was not found!
Parameter line : file=%sysdir%;*.exe;;43528;;;
  File C:\WINDOWS\SYSTEM32\*.exe with a size of 43528 bytes was not found!
Parameter line : file=%sysdir%;*.exe;300;4096;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 4096 bytes was not found!
Parameter line : file=%sysdir%;*.exe;;43528;;;
  File C:\WINDOWS\SYSTEM32\*.exe with a size of 43528 bytes was not found!
Parameter line : file=%sysdir%;*.exe;300;28680;;;
  File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 28680 bytes was not found!
Parameter line : file=%sysdir%;*.exe;;11264;;;
                       4/08/2004 6:56:48 PM        11264      C:\WINDOWS\SYSTEM32\atmadm.exe found!

[guestolo]

Can you do the following, I want to eliminate malware

Please download Rootkit Revealer (link is at the very bottom of the page)

    * Unzip it to your desktop.
    * Double-click rootkitrevealer.exe
    * Click the Scan button (bottom right)
    * It may take a while to scan (don't do anything while it's running)
    * When it's done, go up to File > Save. Choose to save it to your desktop.
    * Open rootkitrevealer.txt on your desktop and copy the entire contents and paste them here

[bizzoveg111]

Hi.

All done

"Scan complete. No discrepencies found"

Thanks

Liz

[guestolo]

Can I get you to run another tool please
I want to ensure we rid you of the index.dat files in the temp folders

==Download and Install
Windows Cleanup! 4.0
==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).

Press the CleanUp! button to start the program.
When it's finished
Don't just log off but also Reboot the computer

Let me know if you still get the errors

I know this isn't much help, but if you have too many errors getting back here
and even if you don't
Please install my favorite browser
FireFox
http://www.mozilla.com/firefox/

I'm not asking you to download this browser as a permanent fix, but a temporary work around
I would also like to know if you get errors while running Firefox

[bizzoveg111]

All done!

Firefox has had no problems so far........

Seems a bit faster too.

I shall check in as soon as it has problems.

Thanks again

Liz

[bizzoveg111]

Hi there

Just giving you an update.

No crashes using firefox.........wonderful.

Had one crash with same error message (different numbers) whilst using adobe and a cd.

Wondering if its related to a memory problem?

Thanks

Liz

[guestolo]

Can we just check one more thing before you go test the memory
By the way, you can use Memtest86 for that

Right click the MyComputer Icon and then left click properties
Click the Hardware tab>>Select Device Manager
Expand(+) Display Adapters
Double click on your display adapter, which appears to be Nvidia
Open the Driver tab
Let me know driver date and driver version

Could you also open Hijackthis>>Open Misc tools section>>Open Uninstall manager
Click the SAVE LIST button
Save the list too desktop then copy and paste back here the whole contents please

[bizzoveg111]

Hi

You got me to update my display adapter previously........
Driver date is 10th dec 2005
Driver Version is 8.1.9.8

Hijack Log:
AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop 7.0
Adobe Reader 7.0
afreeCodecVT
AnyDVD
AVG Free Edition
AVI DivX to DVD SVCD VCD Converter 1.4.0
BHA B's Recorder GOLD 5.30
Charlie and the Chocolate Factory (remove only)
CleanUp!
CloneCD
CloneDVD
DivX
DivxToDVD 1.99.11
D-Link DSL-302G USB Driver
DVD Shrink 3.2
DVD X Rescue
Electronic Arts Product Registration
EPSON PhotoQuicker3.2
EPSON Printer Software
ewido anti-malware
HijackThis 1.99.1
Hotfix for Windows XP (KB912475)
InterVideo WinDVD
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Kid Pix Studio Deluxe
KwÐ v5.0 MPEG-4 Codec
LimeWire PRO 4.10.0
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft Office 2000 Premium
mIRC
Mozilla Firefox (1.5)
MSN Messenger 7.5
MXpie Patch
Nancy Drew: The Final Scene
Nokia Connectivity Cable Driver
Nokia PC Suite
NVIDIA Drivers
Seagate SeaTools English Online
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB896688)
setup (Remove only)
Sony Ericsson File Manager
Sony Ericsson Image Editor
Sony Ericsson MMS Home Studio
Sony Ericsson Sound Editor
Sony USB Driver
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
The Sacred Amulet (tm)
Update for Windows XP (KB894391)
USB Data Cable
VEGA$ - Make It Big
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinMX
WinZip
XviD 1.1 final uninstall

Thanks

Liz

[guestolo]

I would almost bet that one of your CD/DVD copying/virtual drive software may be the issue
You would have to make sure that they are all the latest versions
and check out their version histories for fixes
I'm not going to track down the makers websites for updates or fixes
I'll leave that up to you
Geesh, I'm not sure where to go from here
A clean install would help with this many problems your having
But I wouldn't go installing all that copying software all at once
You could try uninstalling all of it, reinstall one at a time, give it some time to see which one could be the problems
I actually wanted you too earlier uninstall ALL copying programs, including copyprotection programs you install
BEFORE install Service pack 2
They very much could of interfered with the install
I think I can find about 4 times you said the computer crashed when you were copying a DVD or CD

Again, as mentioned, check with ALL the makers websites for issues with their software before installing it!!!!

Have you checked for errors in
Go to start>>run>>type in
eventvwr.msc
For recent error messages that may give a clue

As you mentioned, you could check out your memory
Download
Memtest86 v3.2 ISO image (zip)"
from here
http://www.memtest86.com/
Unzip the contents within and then burn the ISO image file to a CD and bootup with it to check your memory
This test can take some time
Remember to set the bios to boot from the CD first

[bizzoveg111]

Hi there

I did uninstall my copying programs as requested and have only just put CLONE CD back on as it made no difference.

In the eventvwr.msc it simply states its an application error. No clue as to what or why.

I downloaded the 'memory link' and copied the memtest86-3.2.iso to cd & have rebooted from the CD. What is supposed to happen? It says it is booting from CD, the cd drive flashes in stages and then it just starts in windows as normal.

What is supposed to happen? It there supposed to be a test message or something?

Thanking you

Liz

[guestolo]

You had to unzip that file you downloaded before burning it
Remember it's an image file, you can't just burn it like normal data
You have to choose burn image or ISO
You don't have copying software to copy an ISO Image?
Is that the problem?

[bizzoveg111]

Hi

I unzipped it and burnt it to a cd using my burning program (b's recorder gold).

It looks exactly the same as the one that was unzipped.

Not sure if i need a specail burning program or not.....

Thanks

Liz

[guestolo]

Doesn't sound like your recording the ISO properly
I have never used B's recorder

From what I understand from their site
The instructions are all documented in their help files in the application folder of the program itself on your harddrive

Be sure to select [ISO]in the settings screen when completing the settings. Refer to [Basic Functions] -> [Create a Data Disc] -> [Creating a Data Disc] in the HTML Help for more details.

the manual if you can't find it, can be found HERE
My favorite burning software is
CDBurnerXP Pro
It's free of course  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' />
but you may not want to install it, you should be able to do it with B' recorder
I don't think CloneCd supports it

[bizzoveg111]

Hi again

Oh my goodness! This problem is a real good one!

I have downloaded CDBurnerXP Pro and burnt the memtest86-3.2.iso again on a separate cd.

I restarted my computer (and changed all BIOS modes to boot with cd rom).

Same thing happened.....no test.......just reloaded windows with a bit of a delay with cd light flashing.

A clue? Playing HARRY POTTER game and it shuts down after a while (kids were playing.....but I saw error message). I keep thinking it may be a memory problem because when the game shut down, there was half a picture of HARRY and different audio files were playing...strange.

Error message  said, " The nv4_disp display driver has stopped working normally." Then it said something else but ended in, "upload data about failure to Microsoft". I missed the bit in the middle thinking it would just be a video problem that I may alter in the settings. But alas, I couldn't do it.

Please help. This is so frustrating.

Thanks

Liz

[jcurrieirocz]

I know im side tracking you here but i never seemed to like dvdxcopy it always seemed to not work for me after a while and it did the same thing for my brother and another person i know who used it. Instead of x copy i am now useing DVDFab Express witch i love and works great every time. And its also one of those programs that will still copy regardless of the copyright protected dvds,, for making copys of your own dvds of cource..for back ups! I also think useing this program you shouldnt need dvd srink anymore iether.

Now i see your running 2 or more different converters for divx/xvid/avi to dvd...... you really dont need all of those and you should look at replacing them all with something like i use called Convertxtodvd....it converts everything except rm i think and works great for me...it adds menus and even burns them for you...no need for any other stuff. I also like that i can throw a butch of different kinds of vids and it converts it all and can write it to one dvd. Just a suggestion i know for a while there i had way too many converters and dvdr programs filling up my computer.