windows recovery, ms removal, xp home security

View previous topic View next topic Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 19th May 2011, 9:28 pm

OTL logfile created on: 5/19/2011 3:29:19 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.71 Gb Total Space | 26.05 Gb Free Space | 50.39% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.99 Gb Free Space | 23.60% Space Free | Partition Type: FAT32

Computer Name: GRAVOTS | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
PRC - [2011/03/15 15:54:36 | 000,617,640 | ---- | M] () -- C:\Program Files\iolo\System Mechanic PC TotalCare\System Shield\ioloSSTray.exe
PRC - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/12/14 16:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2008/12/26 14:40:51 | 000,151,552 | ---- | M] (Skyhook Wireless) -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
PRC - [2008/12/26 14:40:04 | 000,408,230 | ---- | M] () -- C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/10/22 12:53:06 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/01/19 18:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2009/12/14 16:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2008/12/26 14:40:51 | 000,151,552 | ---- | M] (Skyhook Wireless) [Auto | Running] -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe -- (wpsscannersvc)
SRV - [2008/12/26 14:40:04 | 000,408,230 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe -- (atisvc_tmfha)
SRV - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/06/29 18:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantn)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/05/27 07:17:17 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 07:17:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/01/19 18:53:46 | 000,127,016 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 18:53:44 | 001,118,248 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2008/12/26 14:40:06 | 000,013,312 | ---- | M] (Skyhook Wireless) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpsnuio.sys -- (Wpsnuio)
DRV - [2005/03/04 12:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/01 19:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/30 00:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 12:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/12/02 20:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/18 18:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 13:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/25 16:59:36 | 000,642,958 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R)
DRV - [2002/10/21 12:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) Icatch(IV)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 00:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2002/07/25 12:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) Icatch(IV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/01/16 13:07:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/13 22:09:37 | 000,000,000 | ---D | M]

[2009/12/07 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2008/12/26 14:40:04 | 002,520,032 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\1282669.dll

O1 HOSTS File: ([2011/05/10 10:54:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - No CLSID value found.
O2 - BHO: (no name) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\system32\spool\drivers\w32x86\2\printray.exe (Lexmark)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe (Microsoft ® Corporation)
O4 - HKLM..\RunOnce: [SMRequiresRestart] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} [You must be registered and logged in to see this link.] (CouponTBInst Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [You must be registered and logged in to see this link.] (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [You must be registered and logged in to see this link.] (Symantec RuFSI Utility Class)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} [You must be registered and logged in to see this link.] (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} [You must be registered and logged in to see this link.] (NCSView Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [You must be registered and logged in to see this link.] (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.165.129.158
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/26 20:00:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\Compaq_Owner\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/19 15:26:39 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
[2011/05/19 15:22:03 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTC.exe
[2011/05/11 19:16:34 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2011/05/10 13:23:50 | 000,000,000 | ---D | C] -- C:\Rooter$
[2011/05/10 13:23:22 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2011/05/10 11:39:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/08 17:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2011/05/08 17:53:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/08 17:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/08 17:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/08 17:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/04 20:20:58 | 000,577,536 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2011/05/03 23:12:15 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[2011/05/03 23:12:12 | 000,087,688 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2011/05/03 23:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic PC TotalCare
[2011/05/03 23:12:03 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offreg.dll
[2011/05/03 23:12:03 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/05/03 23:12:03 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/05/03 22:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/03 22:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2011/05/03 09:26:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/03 09:26:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/03 09:26:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/03 09:26:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/03 09:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/03 09:08:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2011/05/03 08:27:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/05/02 20:28:05 | 016,537,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 19:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/05/02 17:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/05/01 23:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\interMute
[2011/05/01 20:10:00 | 000,095,568 | R--- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys.5bf4.deleteme
[2011/05/01 20:09:57 | 000,385,536 | R--- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys.5e02.deleteme
[2011/05/01 19:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriveScrubber 3
[2011/05/01 19:21:35 | 002,234,552 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2011/05/01 19:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/05/01 19:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Search and Recover
[2011/05/01 19:16:04 | 000,009,341 | ---- | C] (iolo technologies, LLC (based on original work by Bo Brantn)) -- C:\WINDOWS\System32\drivers\filedisk.sys
[2011/05/01 19:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2011/05/01 19:14:36 | 000,000,000 | ---D | C] -- C:\iolo
[2011/05/01 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\iolo
[2011/05/01 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo

========== Files - Modified Within 30 Days ==========

[2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
[2011/05/19 15:24:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/19 15:21:58 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTC.exe
[2011/05/19 14:24:02 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/19 06:46:30 | 000,000,408 | ---- | M] () -- C:\WINDOWS\System32\iolo.ini
[2011/05/19 06:46:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/19 06:44:12 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/05/19 06:44:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/19 06:44:06 | 1274,597,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/18 19:53:08 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\unhide.exe
[2011/05/18 17:29:50 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{934C330A-1743-4407-BF40-7B65DA3CE113}.job
[2011/05/17 12:08:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/14 07:41:45 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/05/14 07:41:39 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/05/12 18:49:33 | 000,293,775 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\gmer.zip
[2011/05/12 07:35:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBRCheck.exe
[2011/05/12 07:34:20 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2011/05/10 14:05:24 | 000,170,711 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\web passwords.rtf
[2011/05/10 13:23:22 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2011/05/10 10:54:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/10 10:42:31 | 004,345,263 | R--- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2011/05/10 07:47:32 | 000,017,438 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/10 07:47:31 | 000,017,438 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/08 20:11:23 | 000,014,192 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 20:11:23 | 000,014,192 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 17:53:35 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/06 12:44:18 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2011/05/04 20:20:58 | 000,577,536 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2011/05/03 23:20:37 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/05/03 23:12:12 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic PC TotalCare.lnk
[2011/05/03 23:12:12 | 000,001,814 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Mechanic PC TotalCare.lnk
[2011/05/03 22:40:07 | 000,974,081 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\A guide and tutorial on using ComboFix.mht
[2011/05/03 22:36:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/03 22:05:48 | 000,009,646 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\E16E.007
[2011/05/03 15:19:40 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Calculator.lnk
[2011/05/03 15:19:37 | 004,997,120 | ---- | M] () -- C:\WINDOWS\outlook.pst
[2011/05/03 09:00:25 | 000,020,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/03 09:00:24 | 000,020,062 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\7436f707h6re145pe55c
[2011/05/02 20:30:05 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/05/02 20:28:05 | 016,537,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 19:11:52 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/01 23:22:47 | 000,002,154 | ---- | M] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 22:49:05 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/05/01 21:56:34 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 20:04:43 | 000,185,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/01 19:21:42 | 000,000,841 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DriveScrubber.lnk
[2011/05/01 19:16:19 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Search and Recover.lnk
[2011/05/01 19:02:16 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:18:20 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:19 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18865972

========== Files Created - No Company Name ==========

[2011/05/19 06:46:30 | 000,000,408 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2011/05/18 19:53:12 | 000,502,095 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\unhide.exe
[2011/05/14 07:41:44 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/05/14 07:41:39 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/05/12 18:49:33 | 000,293,775 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\gmer.zip
[2011/05/12 07:35:05 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBRCheck.exe
[2011/05/09 22:25:36 | 000,017,438 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/09 22:25:36 | 000,017,438 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/08 20:04:30 | 000,014,192 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 20:04:30 | 000,014,192 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 17:53:35 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/04 20:22:22 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2011/05/03 23:20:37 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/05/03 23:12:12 | 000,001,832 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic PC TotalCare.lnk
[2011/05/03 23:12:12 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Mechanic PC TotalCare.lnk
[2011/05/03 23:00:35 | 1274,597,376 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/03 22:43:01 | 004,345,263 | R--- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2011/05/03 22:40:04 | 000,974,081 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\A guide and tutorial on using ComboFix.mht
[2011/05/03 09:26:23 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/03 09:26:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/03 09:26:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/03 09:26:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/03 09:26:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/02 19:52:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/02 19:11:51 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/02 17:54:17 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/05/01 23:03:44 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\htjzka.dat
[2011/05/01 23:03:23 | 000,009,646 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\E16E.007
[2011/05/01 23:01:31 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 22:49:05 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/05/01 22:13:26 | 000,020,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\7436f707h6re145pe55c
[2011/05/01 22:13:26 | 000,020,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/01 21:54:01 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/05/01 21:54:01 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 19:21:42 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DriveScrubber.lnk
[2011/05/01 19:16:19 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Search and Recover.lnk
[2011/05/01 19:02:16 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:17:33 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:19 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18865972
[2011/01/21 11:15:07 | 000,000,408 | ---- | C] () -- C:\WINDOWS\GALSINT.INI
[2010/10/14 16:54:14 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/14 16:48:58 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/21 10:36:53 | 000,035,324 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/07/12 10:08:45 | 000,000,121 | ---- | C] () -- C:\WINDOWS\GALSWIN.INI
[2010/07/10 16:32:37 | 000,013,729 | ---- | C] () -- C:\WINDOWS\Galsmave.ini
[2009/11/29 17:57:49 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini
[2009/09/09 22:48:47 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/16 11:03:02 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2009/08/08 19:10:37 | 000,018,824 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\hypyz.dat
[2009/08/08 19:10:37 | 000,016,001 | ---- | C] () -- C:\Program Files\Common Files\edacyroho._sy
[2009/08/08 19:10:36 | 000,010,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\tyqogumip.ban
[2009/08/08 16:35:31 | 000,013,855 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xoneku.ban
[2009/08/08 16:35:31 | 000,011,900 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\karylyped._dl
[2009/08/08 16:35:30 | 000,019,825 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ofys.dl
[2009/08/08 16:35:30 | 000,019,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ofahapa.dat
[2009/08/08 16:35:30 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ysokobiviq.bin
[2009/08/08 16:35:30 | 000,010,618 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\amom.bin
[2009/08/01 08:26:13 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/08/01 08:26:13 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/08/01 08:26:13 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/08/01 08:26:13 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/08/01 08:26:13 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/08/01 08:26:13 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/08/01 08:26:13 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/08/01 08:26:13 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/08/01 08:26:13 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/08/01 08:26:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/08/01 08:26:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/08/01 08:26:13 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/08/01 08:26:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/08/01 08:26:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/08/01 08:26:13 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/02/24 22:29:38 | 000,013,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\slot1.mm1
[2009/02/15 22:16:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/02/15 12:05:47 | 000,020,480 | R--- | C] () -- C:\WINDOWS\Imgtask.exe
[2007/08/27 10:18:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\PPCInstall.dll
[2007/01/19 19:47:36 | 000,000,107 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/19 19:47:03 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/01/19 19:47:03 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/09/06 21:10:15 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2006/02/11 13:55:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/02/02 20:18:19 | 000,000,165 | ---- | C] () -- C:\WINDOWS\BluesCluesPreschool.ini
[2005/06/21 09:24:24 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/04/22 10:09:20 | 000,000,853 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/22 10:08:58 | 000,000,303 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2005/03/27 12:32:32 | 000,001,888 | ---- | C] () -- C:\WINDOWS\CA533A.INI
[2005/03/27 12:32:32 | 000,001,325 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2005/03/27 12:32:31 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2005/03/27 12:10:48 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/03/27 11:45:42 | 000,000,572 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2005/03/27 11:45:32 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/27 11:45:21 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2005/03/27 11:44:02 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI4_setup.ini
[2005/03/04 10:51:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/02/18 19:07:35 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/02/18 15:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bobvila.INI
[2005/02/15 14:35:09 | 000,000,371 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI
[2005/02/15 13:32:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2005/02/15 13:32:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2005/02/15 13:31:36 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2005/02/15 13:31:36 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2005/02/08 22:11:28 | 001,107,192 | ---- | C] () -- C:\WINDOWS\Xwmba500.dll
[2005/02/08 22:11:28 | 000,260,440 | ---- | C] () -- C:\WINDOWS\Xwmhb500.dll
[2005/02/08 22:11:28 | 000,174,352 | ---- | C] () -- C:\WINDOWS\Xwmte500.dll
[2005/02/08 22:11:28 | 000,000,043 | ---- | C] () -- C:\WINDOWS\PHAssist.ini
[2005/01/30 10:09:37 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\lxsmunin.exe
[2005/01/30 10:09:36 | 000,000,643 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2005/01/30 10:09:35 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\lex_psu.exe
[2005/01/30 10:09:34 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\dosfnt32.dll
[2005/01/26 14:18:06 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2005/01/18 10:03:26 | 000,006,248 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2005/01/17 22:57:46 | 000,000,567 | ---- | C] () -- C:\WINDOWS\JUNO.INI
[2005/01/17 22:46:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2004/11/17 06:10:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/11/17 06:09:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/11/17 06:09:03 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/11/17 06:08:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/11/17 05:48:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/11/17 05:48:01 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/11/17 05:47:59 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/17 05:47:55 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/11/17 05:47:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/27 16:57:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/26 21:46:37 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62.exe
[2004/10/26 21:45:58 | 000,013,949 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/10/26 21:45:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/10/26 21:19:17 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/10/26 21:07:27 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/10/26 21:02:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/10/26 21:02:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/10/26 21:02:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/10/26 20:33:02 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/10/26 20:33:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/10/26 20:32:36 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/10/26 20:04:20 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/10/26 20:02:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/10/26 19:57:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/10/26 19:44:44 | 000,000,572 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/26 19:44:04 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/26 19:44:01 | 000,381,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/10/26 19:44:01 | 000,053,436 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/10/26 12:51:40 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/10/26 12:50:42 | 000,185,016 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/09/17 17:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/09/14 01:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 05:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 05:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/04/11 01:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2001/04/23 12:21:38 | 000,020,635 | ---- | C] () -- C:\WINDOWS\Galavent.ini
[1997/07/11 00:00:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\WRKGADM.EXE
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Files - Unicode (All) ==========
[2008/07/05 16:24:27 | 000,000,393 | ---- | M] ()(C:\Documents and Settings\Compaq_Owner\?????????????) -- C:\Documents and Settings\Compaq_Owner\倁䌀䐀爀䴀漀搀攀洀⸀椀渀椀

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC95B5ED
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACFF27B
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8292261
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03B5CC1F
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90865A6D
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:880F0FEF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:92A815D8
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B3B557D
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90574144
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8944C195
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61F0C8FB
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD27B7FC
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F6462DF
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F44D3C53
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C6EBC69
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF59D1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B60C375
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:12C32D25
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AF9CAEB
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3539CD43
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:270A3983
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC8FFA4E
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4F63AED
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D277F53
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E684AC9
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4673E9EA
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5294695
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A7DA2BCD
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:848CC150
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51F17BB8
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3B8F70C
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F14D1F80
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:561B1D2B
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71FA8B7F
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:177313FB

< End of report >

mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 20th May 2011, 11:17 am

Run this please and post a log: [You must be registered and logged in to see this link.]


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 20th May 2011, 2:37 pm

It wouldn't let me run. When I doubleclicked a compressed (zipped) Folders Error came up. Error was "The Compressed (zipped) Folder is invalid or corrupted.

mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 21st May 2011, 12:29 am

Right click on it and select Extract All...

Go through the wizard. Then, it should create a new folder with the program inside of it so you can run the program.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 21st May 2011, 3:07 am

Tried wizard still came up with The Compressed (zipped) Folder is invalid or corrupted.

mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 22nd May 2011, 3:45 am

Please download: [You must be registered and logged in to see this link.] to your Desktop.
  • Double Click the HijackThis icon, located on your Desktop.
  • By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
    It will also create a shortcut on your Desktop.
  • Accept the license agreement.
  • Click Do a System Scan and Save a Logfile.
  • Please post the log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 22nd May 2011, 1:18 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:16:28 AM, on 5/22/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iolo\System Mechanic PC TotalCare\System Shield\ioloSSTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: EarthLink BHO Guard - {00000000-0000-0000-0000-000000000002} - (no file)
O2 - BHO: EarthLink ScamBlocker V3 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} (CouponTBInst Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - [You must be registered and logged in to see this link.]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.165.219,93.188.160.190
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: atisvc_tmfha - Unknown owner - C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: WPS Wi-Fi Scanner Service (wpsscannersvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe

--
End of file - 10432 bytes

mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 23rd May 2011, 7:30 am

Found the source of the redirects...

Please open HijackThis and click "Do a system scan only" and check the following item only:

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.165.219,93.188.160.190

Close all other windows except for HijackThis and press Fix checked.

Restart your system, and post a new HijackThis log in your next reply.

Please get an uninstall list from HijackThis by doing the following:
  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 23rd May 2011, 11:17 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:06:50 PM, on 5/23/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Canon\CAL\CALMAIN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: EarthLink BHO Guard - {00000000-0000-0000-0000-000000000002} - (no file)
O2 - BHO: EarthLink ScamBlocker V3 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} (CouponTBInst Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - [You must be registered and logged in to see this link.]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - [You must be registered and logged in to see this link.]
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: atisvc_tmfha - Unknown owner - C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: WPS Wi-Fi Scanner Service (wpsscannersvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe

--
End of file - 10064 bytes





Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
Adobe Shockwave Player 11
Agere Systems PCI Soft Modem
Alphabet Express
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
ArcSoft VideoImpression 1.6
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
AVSDK5
Blue's Preschool
Blue's Room
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Catz (remove only)
Compaq Connections
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Digital Camera
Dreamship Tales
Easy Internet Sign-up
EPSON NX100 Series Printer Uninstall
Galswin
getPlus(R)_ocx
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Help and Support Additions
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Icatch(IV) Camera Driver
Image Web Server IE Plugins 2,0,0,104
iolo technologies' DriveScrubber 3
iolo technologies' Search and Recover
iolo technologies' System Mechanic PC TotalCare
iTunes
Java(TM) 6 Update 21
Juice 2.2
KBD
KODAK Gallery Upload Software
LeapFrog Connect
LeapFrog Connect
LeapFrog Leapster2 Plugin
LiveUpdate 2.5 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Default Manager
Microsoft Forefront UAG endpoint components v4.0.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Works
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Pdf995
PdfEdit995
Pencil-Pal Preschool
Physician's Home Assistant 1.8
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
QuickTime
QuickTime 3.0
Reader Rabbit Learn To Read With Phonics
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Shutterfly Express Uploader
Shutterfly Express Uploader
SierraHome Print Artist 12.0
Sonic RecordNow!
TaxCut Basic 2006
Transition Math K-1
Unity Web Player
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Veetle TV 0.9.18
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
Wonder Words


mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 24th May 2011, 8:44 am

Looking at the programs listed in your previous reply, which of those do you see in the Start menu?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on 24th May 2011, 10:15 pm

Adobe Reader 9.4.4
Alphabet Express
ArcSoft PhotoImpression
ArSoft VideoImpression 1.6
Blue's Preschool
Blue's Room
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Catz
Coupon Printer for Windows
Galswin
Google Chrome
Goodgle Earth Plug-in
HiJackThis
iTunes
Juice 2.2
KODAK Gallery Upload Software
LeapFrog Connect
Malwarebytes' Anti-Walware
Microsoft Silverlight
Pencil-Pal Preschool
Physician's Home Assistant 1.8
QuickTime
Reader Rabbit Learn To Read With Phonics
Shutterfly Express Uploader
Sonic RecordNow!
TaxCut Basic 2006
Transition Math K-1
Windows Media Player 10
Wonder Words

mgravot
Novice
Novice

Posts Posts : 20
Joined Joined : 2011-05-03
OS OS : La Vergne, Tennessee
Points Points : 20738
# Likes # Likes : 0

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Dr Jay on 25th May 2011, 10:31 am

I would recommend for the programs that you do want to see in the start menu to just reinstall them.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13743
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302211
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum