windows recovery, ms removal, xp home security

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

windows recovery, ms removal, xp home security

Post by mgravot on Tue 03 May 2011, 1:51 pm

First topic message reminder :

These are the 3 virus that keep on popping up on my computer. There may be more. Did the downloads to the best as my computer would allow from read before you post. Also tried to dowload the malwarebytes' anti-malware but every time I clicked on download it said internet explorer cannot display. The bottom is the stuff I copied from the OTL log. Thank you in advance for any help. If I have misspelled anything or don't make any sense I'm truly sorry, this is the third night trying to fix my computer and brain is fried! Also I think I will have to do a second post for the rest of the OTL log.


OTL logfile created on: 5/2/2011 9:22:34 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.71 Gb Total Space | 25.94 Gb Free Space | 50.18% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.99 Gb Free Space | 23.61% Space Free | Partition Type: FAT32

Computer Name: GRAVOTS | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/02 20:40:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
PRC - [2011/05/02 19:16:21 | 000,170,496 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\conhost.exe
PRC - [2011/05/01 23:03:33 | 000,186,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\csrss.exe
PRC - [2011/05/01 23:03:23 | 000,181,248 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\dwm.exe
PRC - [2011/05/01 22:13:25 | 000,348,160 | -HS- | M] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\itt.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/02 20:40:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
MOD - [2010/08/23 11:12:02 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2011/03/15 01:35:44 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 01:35:44 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2009/12/15 00:05:16 | 000,468,368 | -H-- | M] () [On_Demand | Stopped] -- C:\WINDOWS\Downloaded Program Files\DM.1\DMService.exe -- (DMService)
SRV - [2009/12/14 16:03:41 | 000,149,904 | -H-- | M] (Microsoft ® Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2009/11/10 10:28:06 | 001,131,808 | -H-- | M] (LeapFrog Enterprises, Inc.) [Auto | Stopped] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2008/12/26 14:40:51 | 000,151,552 | -H-- | M] (Skyhook Wireless) [Auto | Stopped] -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe -- (wpsscannersvc)
SRV - [2008/12/26 14:40:04 | 000,408,230 | -H-- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe -- (atisvc_tmfha)
SRV - [2005/09/30 20:22:50 | 000,096,341 | -H-- | M] (Canon Inc.) [Auto | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/08/18 00:44:56 | 000,046,208 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe -- (NPFMntor)
SRV - [2004/08/18 00:44:36 | 000,176,768 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2004/08/13 13:17:48 | 000,164,984 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2004/08/13 13:17:46 | 000,078,968 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2004/08/13 13:17:40 | 000,197,752 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2004/08/13 12:00:44 | 000,206,048 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/07/23 12:47:22 | 000,197,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/07/21 09:24:04 | 000,173,160 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)


========== Driver Services (SafeList) ==========

DRV - [2010/06/29 18:30:08 | 000,009,341 | -H-- | M] (iolo technologies, LLC (based on original work by Bo BrantÚn)) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/05/27 07:17:17 | 000,371,248 | -H-- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 07:17:17 | 000,102,448 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/12/26 14:40:06 | 000,013,312 | -H-- | M] (Skyhook Wireless) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpsnuio.sys -- (Wpsnuio)
DRV - [2006/10/04 03:00:00 | 000,831,880 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061016.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2006/10/04 03:00:00 | 000,079,240 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061016.020\NAVENG.SYS -- (NAVENG)
DRV - [2005/03/04 12:02:20 | 001,066,278 | -H-- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/01 19:24:02 | 002,279,424 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/30 00:55:50 | 000,229,888 | -H-- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 12:38:40 | 000,012,928 | -H-- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/08/13 12:00:24 | 000,266,368 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2004/08/09 12:59:32 | 000,103,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/07/23 12:47:24 | 000,049,808 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- c:\Program Files\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2004/07/23 12:47:22 | 000,335,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- c:\Program Files\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2004/07/21 09:24:02 | 000,341,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2003/12/02 20:23:20 | 000,142,336 | -H-- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/18 18:58:20 | 000,036,992 | -H-- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 13:42:00 | 000,027,904 | -H-- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/25 16:59:36 | 000,642,958 | RH-- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R)
DRV - [2002/10/21 12:37:16 | 000,515,803 | -H-- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) Icatch(IV)
DRV - [2002/10/04 19:04:10 | 000,046,976 | -H-- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 00:43:50 | 000,023,808 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2002/07/25 12:19:48 | 000,010,986 | -H-- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) Icatch(IV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/01/16 13:07:56 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/13 22:09:37 | 000,000,000 | -H-D | M]

[2008/12/26 14:40:04 | 002,520,032 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\components\1282669.dll

O1 HOSTS File: ([2004/08/04 14:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ElnkBhoGuard Class) - {00000000-0000-0000-0000-000000000002} - File not found
O2 - BHO: (ElnkScamBHO Class) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [ImgTask] C:\WINDOWS\Imgtask.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NAV CfgWiz] c:\Program Files\Norton AntiVirus\CfgWiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\system32\spool\drivers\w32x86\2\printray.exe (Lexmark)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} [You must be registered and logged in to see this link.] (CouponTBInst Control)
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} [You must be registered and logged in to see this link.] (MiniBugTransporterX Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [You must be registered and logged in to see this link.] (Symantec AntiVirus scanner)
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} [You must be registered and logged in to see this link.] (CMV5 Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [You must be registered and logged in to see this link.] (Symantec RuFSI Utility Class)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} [You must be registered and logged in to see this link.] (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} [You must be registered and logged in to see this link.] (NCSView Class)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} [You must be registered and logged in to see this link.] (CBSTIEPrint Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [You must be registered and logged in to see this link.] (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.165.219,93.188.160.190
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\welcome.htm
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\welcome.htm
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/26 20:00:03 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP55 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP56 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP57 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP58 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: wave3 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 30 Days ==========

[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/05/02 20:56:41 | 016,537,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 20:40:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
[2011/05/02 20:37:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2011/05/02 20:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2011/05/02 20:36:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2011/05/02 20:36:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2011/05/02 20:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2011/05/02 20:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Application Data
[2011/05/02 20:36:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Symantec
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2011/05/02 20:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\SendTo
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2011/05/02 20:36:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2011/05/02 20:36:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Templates
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\SpySubtract Spyware Manager
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\PC Help & Tools
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Online Services
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\NetHood
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2011/05/02 20:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2011/05/02 19:11:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton AntiVirus
[2011/05/02 19:10:00 | 000,103,952 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/05/02 19:10:00 | 000,083,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/05/02 19:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/05/02 17:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/05/01 23:01:27 | 000,000,000 | -H-D | C] -- C:\Program Files\interMute
[2011/05/01 22:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\mC28601DiIgM28601
[2011/05/01 22:53:51 | 000,000,000 | -H-D | C] -- C:\Microsoft
[2011/05/01 20:10:00 | 000,095,568 | RH-- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys.5bf4.deleteme
[2011/05/01 20:09:57 | 000,385,536 | RH-- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys.5e02.deleteme
[2011/05/01 20:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/05/01 19:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriveScrubber 3
[2011/05/01 19:21:35 | 002,234,552 | -H-- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2011/05/01 19:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/05/01 19:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Search and Recover
[2011/05/01 19:16:04 | 000,009,341 | -H-- | C] (iolo technologies, LLC (based on original work by Bo BrantÚn)) -- C:\WINDOWS\System32\drivers\filedisk.sys
[2011/05/01 19:15:49 | 000,000,000 | -H-D | C] -- C:\Program Files\iolo
[2011/05/01 19:14:36 | 000,000,000 | -H-D | C] -- C:\iolo
[2011/05/01 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/04/30 20:05:46 | 000,520,704 | ---- | C] (WinTrust) -- C:\Documents and Settings\All Users\Application Data\iVxRnQyKaCplSN.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/02 21:16:18 | 000,160,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JavaRa.zip
[2011/05/02 21:10:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/02 20:56:56 | 016,537,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 20:40:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
[2011/05/02 20:36:12 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/02 20:32:08 | 000,020,058 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/02 20:31:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/02 20:30:05 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/05/02 20:24:00 | 000,000,898 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/02 19:59:23 | 000,000,188 | -H-- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/05/02 19:58:44 | 000,000,894 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/02 19:11:52 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/02 19:10:21 | 004,997,120 | -H-- | M] () -- C:\WINDOWS\outlook.pst
[2011/05/02 18:39:42 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{934C330A-1743-4407-BF40-7B65DA3CE113}.job
[2011/05/01 23:22:47 | 000,002,154 | ---- | M] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 21:56:34 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 20:04:43 | 000,185,016 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/01 19:51:30 | 000,001,891 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/01 19:02:16 | 000,074,703 | -H-- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:18:20 | 000,001,945 | -H-- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18865972r
[2011/04/30 20:16:26 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18865972
[2011/04/30 20:16:19 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18865972
[2011/04/30 20:16:16 | 000,444,928 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18865972.exe
[2011/04/30 20:05:46 | 000,520,704 | ---- | M] (WinTrust) -- C:\Documents and Settings\All Users\Application Data\iVxRnQyKaCplSN.exe
[2011/04/26 12:07:01 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/02 21:16:13 | 000,160,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\JavaRa.zip
[2011/05/02 20:36:08 | 000,002,235 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Help and Support.lnk
[2011/05/02 20:36:08 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/02 20:36:08 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/05/02 20:36:08 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/02 20:36:08 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/05/02 20:36:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2011/05/02 20:36:08 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/05/02 20:36:07 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2011/05/02 20:36:07 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
[2011/05/02 20:36:07 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2011/05/02 20:36:07 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2011/05/02 19:52:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/02 19:11:51 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/02 17:54:17 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/05/01 23:03:44 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\htjzka.dat
[2011/05/01 23:01:31 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 22:13:26 | 000,020,058 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/01 21:54:01 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/05/01 21:54:01 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 19:02:16 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:17:33 | 000,001,945 | -H-- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:26 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18865972r
[2011/04/30 20:16:26 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18865972
[2011/04/30 20:16:19 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18865972
[2011/04/30 20:16:16 | 000,444,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18865972.exe
[2011/01/21 11:15:07 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\GALSINT.INI
[2010/10/14 16:48:58 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/21 10:36:53 | 000,035,324 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/07/12 10:08:45 | 000,000,121 | -H-- | C] () -- C:\WINDOWS\GALSWIN.INI
[2010/07/10 16:32:37 | 000,013,729 | -H-- | C] () -- C:\WINDOWS\Galsmave.ini
[2009/11/29 17:57:49 | 000,000,110 | -H-- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini
[2009/09/09 22:48:47 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/16 11:03:02 | 000,027,136 | -H-- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2009/08/08 19:10:37 | 000,016,001 | -H-- | C] () -- C:\Program Files\Common Files\edacyroho._sy
[2009/08/08 16:35:31 | 000,018,290 | -H-- | C] () -- C:\Program Files\Common Files\ebyduho.dl
[2009/08/08 16:35:31 | 000,013,855 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xoneku.ban
[2009/08/08 16:35:30 | 000,019,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ofahapa.dat
[2009/08/08 16:35:30 | 000,010,618 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\amom.bin
[2009/08/01 08:26:13 | 000,073,220 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/08/01 08:26:13 | 000,031,053 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/08/01 08:26:13 | 000,029,114 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/08/01 08:26:13 | 000,027,417 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/08/01 08:26:13 | 000,021,021 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/08/01 08:26:13 | 000,015,670 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/08/01 08:26:13 | 000,013,280 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/08/01 08:26:13 | 000,010,673 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/08/01 08:26:13 | 000,004,943 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/08/01 08:26:13 | 000,001,140 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/08/01 08:26:13 | 000,001,140 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/08/01 08:26:13 | 000,001,137 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/08/01 08:26:13 | 000,001,130 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/08/01 08:26:13 | 000,001,130 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/08/01 08:26:13 | 000,001,104 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/02/15 22:16:02 | 000,004,096 | -H-- | C] () -- C:\WINDOWS\d3dx.dat
[2009/02/15 12:05:47 | 000,020,480 | RH-- | C] () -- C:\WINDOWS\Imgtask.exe
[2007/08/27 10:18:16 | 000,262,144 | -H-- | C] () -- C:\WINDOWS\System32\PPCInstall.dll
[2007/01/19 19:47:36 | 000,000,107 | -H-- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/19 19:47:03 | 000,118,784 | -H-- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/01/19 19:47:03 | 000,051,716 | -H-- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/09/06 21:10:15 | 000,010,752 | -H-- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2006/02/11 13:55:05 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/02/02 20:18:19 | 000,000,165 | -H-- | C] () -- C:\WINDOWS\BluesCluesPreschool.ini
[2005/06/21 09:24:24 | 000,000,754 | -H-- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/04/22 10:09:20 | 000,000,853 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/22 10:08:58 | 000,000,303 | -H-- | C] () -- C:\WINDOWS\Sierra.ini
[2005/03/27 12:32:32 | 000,001,888 | -H-- | C] () -- C:\WINDOWS\CA533A.INI
[2005/03/27 12:32:32 | 000,001,325 | -H-- | C] () -- C:\WINDOWS\Remove.ini
[2005/03/27 12:32:31 | 000,118,784 | -H-- | C] () -- C:\WINDOWS\ShowBmp.exe
[2005/03/27 11:45:42 | 000,000,572 | -H-- | C] () -- C:\WINDOWS\videoimp.ini
[2005/03/27 11:45:32 | 000,010,240 | -H-- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/27 11:45:21 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\VI_setup.ini
[2005/03/27 11:44:02 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\PI4_setup.ini
[2005/03/04 10:51:02 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/02/18 19:07:35 | 000,000,190 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2005/02/18 15:50:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\bobvila.INI
[2005/02/15 14:35:09 | 000,000,371 | -H-- | C] () -- C:\WINDOWS\Trpmaker.INI
[2005/02/15 13:32:02 | 000,210,944 | -H-- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2005/02/15 13:32:02 | 000,028,672 | -H-- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2005/02/15 13:31:36 | 000,038,688 | -H-- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2005/02/15 13:31:36 | 000,011,136 | -H-- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2005/02/08 22:11:28 | 001,107,192 | -H-- | C] () -- C:\WINDOWS\Xwmba500.dll
[2005/02/08 22:11:28 | 000,260,440 | -H-- | C] () -- C:\WINDOWS\Xwmhb500.dll
[2005/02/08 22:11:28 | 000,174,352 | -H-- | C] () -- C:\WINDOWS\Xwmte500.dll
[2005/02/08 22:11:28 | 000,000,043 | -H-- | C] () -- C:\WINDOWS\PHAssist.ini
[2005/01/30 10:09:37 | 000,083,456 | -H-- | C] () -- C:\WINDOWS\System32\lxsmunin.exe
[2005/01/30 10:09:36 | 000,000,643 | -H-- | C] () -- C:\WINDOWS\lexstat.ini
[2005/01/30 10:09:35 | 000,079,872 | -H-- | C] () -- C:\WINDOWS\System32\lex_psu.exe
[2005/01/30 10:09:34 | 000,328,704 | -H-- | C] () -- C:\WINDOWS\System32\dosfnt32.dll
[2005/01/26 14:18:06 | 000,000,037 | -H-- | C] () -- C:\WINDOWS\ipixActivex.ini
[2005/01/17 22:57:46 | 000,000,567 | -H-- | C] () -- C:\WINDOWS\JUNO.INI
[2004/11/17 06:10:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/11/17 06:09:59 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/11/17 06:09:03 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/11/17 06:08:35 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/11/17 05:48:01 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/11/17 05:48:01 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/11/17 05:47:59 | 000,004,490 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/17 05:47:55 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/11/17 05:47:51 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/27 16:57:22 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/26 21:46:37 | 000,118,784 | RH-- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62.exe
[2004/10/26 21:45:58 | 000,013,949 | -H-- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/10/26 21:45:50 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/10/26 21:19:17 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/10/26 21:07:27 | 000,001,040 | -H-- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/10/26 21:02:35 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/10/26 21:02:35 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/10/26 21:02:35 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/10/26 20:33:02 | 000,299,073 | -H-- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/10/26 20:33:02 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/10/26 20:32:36 | 000,016,896 | -H-- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/10/26 20:04:20 | 000,000,802 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/10/26 20:02:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/10/26 19:57:30 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/10/26 19:44:44 | 000,000,572 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/26 19:44:04 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/26 19:44:01 | 000,381,692 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/10/26 19:44:01 | 000,053,436 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/10/26 12:51:40 | 000,004,346 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/10/26 12:50:42 | 000,185,016 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/09/17 17:37:42 | 000,061,440 | -H-- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/09/14 01:35:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 05:14:46 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 05:14:46 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/04/11 01:04:00 | 000,028,672 | -H-- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2001/04/23 12:21:38 | 000,020,635 | -H-- | C] () -- C:\WINDOWS\Galavent.ini
[1997/07/11 00:00:00 | 000,047,104 | -H-- | C] () -- C:\WINDOWS\System32\WRKGADM.EXE
[1997/07/11 00:00:00 | 000,022,016 | -H-- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/07/11 00:00:00 | 000,022,016 | -H-- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 000,012,288 | -H-- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Custom Scans ==========

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down


Re: windows recovery, ms removal, xp home security

Post by mgravot on Fri 20 May 2011, 8:28 am

OTL logfile created on: 5/19/2011 3:29:19 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.71 Gb Total Space | 26.05 Gb Free Space | 50.39% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.99 Gb Free Space | 23.60% Space Free | Partition Type: FAT32

Computer Name: GRAVOTS | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
PRC - [2011/03/15 15:54:36 | 000,617,640 | ---- | M] () -- C:\Program Files\iolo\System Mechanic PC TotalCare\System Shield\ioloSSTray.exe
PRC - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/12/14 16:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2008/12/26 14:40:51 | 000,151,552 | ---- | M] (Skyhook Wireless) -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
PRC - [2008/12/26 14:40:04 | 000,408,230 | ---- | M] () -- C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/10/22 12:53:06 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/15 15:20:42 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/01/19 18:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2009/12/14 16:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2008/12/26 14:40:51 | 000,151,552 | ---- | M] (Skyhook Wireless) [Auto | Running] -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe -- (wpsscannersvc)
SRV - [2008/12/26 14:40:04 | 000,408,230 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe -- (atisvc_tmfha)
SRV - [2005/09/30 20:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/06/29 18:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo BrantÚn)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/05/27 07:17:17 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 07:17:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/01/19 18:53:46 | 000,127,016 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 18:53:44 | 001,118,248 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2008/12/26 14:40:06 | 000,013,312 | ---- | M] (Skyhook Wireless) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpsnuio.sys -- (Wpsnuio)
DRV - [2005/03/04 12:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/01 19:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/30 00:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 12:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/12/02 20:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/07/18 18:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 13:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/25 16:59:36 | 000,642,958 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R)
DRV - [2002/10/21 12:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) Icatch(IV)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 00:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2002/07/25 12:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) Icatch(IV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/01/16 13:07:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/13 22:09:37 | 000,000,000 | ---D | M]

[2009/12/07 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2008/12/26 14:40:04 | 002,520,032 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\1282669.dll

O1 HOSTS File: ([2011/05/10 10:54:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - No CLSID value found.
O2 - BHO: (no name) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\system32\spool\drivers\w32x86\2\printray.exe (Lexmark)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe (Microsoft ® Corporation)
O4 - HKLM..\RunOnce: [SMRequiresRestart] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} [You must be registered and logged in to see this link.] (CouponTBInst Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [You must be registered and logged in to see this link.] (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [You must be registered and logged in to see this link.] (Symantec RuFSI Utility Class)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} [You must be registered and logged in to see this link.] (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} [You must be registered and logged in to see this link.] (NCSView Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [You must be registered and logged in to see this link.] (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.165.129.158
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/26 20:00:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\Compaq_Owner\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/19 15:26:39 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
[2011/05/19 15:22:03 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTC.exe
[2011/05/11 19:16:34 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2011/05/10 13:23:50 | 000,000,000 | ---D | C] -- C:\Rooter$
[2011/05/10 13:23:22 | 000,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2011/05/10 11:39:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/08 17:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2011/05/08 17:53:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/08 17:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/08 17:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/08 17:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/04 20:20:58 | 000,577,536 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2011/05/03 23:12:15 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[2011/05/03 23:12:12 | 000,087,688 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2011/05/03 23:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic PC TotalCare
[2011/05/03 23:12:03 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offreg.dll
[2011/05/03 23:12:03 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/05/03 23:12:03 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/05/03 22:57:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/03 22:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2011/05/03 09:26:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/03 09:26:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/03 09:26:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/03 09:26:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/03 09:26:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/03 09:08:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2011/05/03 08:27:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/05/02 21:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/05/02 20:28:05 | 016,537,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 19:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/05/02 17:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/05/01 23:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\interMute
[2011/05/01 20:10:00 | 000,095,568 | R--- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys.5bf4.deleteme
[2011/05/01 20:09:57 | 000,385,536 | R--- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys.5e02.deleteme
[2011/05/01 19:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriveScrubber 3
[2011/05/01 19:21:35 | 002,234,552 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2011/05/01 19:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/05/01 19:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Search and Recover
[2011/05/01 19:16:04 | 000,009,341 | ---- | C] (iolo technologies, LLC (based on original work by Bo BrantÚn)) -- C:\WINDOWS\System32\drivers\filedisk.sys
[2011/05/01 19:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2011/05/01 19:14:36 | 000,000,000 | ---D | C] -- C:\iolo
[2011/05/01 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\iolo
[2011/05/01 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo

========== Files - Modified Within 30 Days ==========

[2011/05/19 15:26:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.com
[2011/05/19 15:24:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/19 15:21:58 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTC.exe
[2011/05/19 14:24:02 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/19 06:46:30 | 000,000,408 | ---- | M] () -- C:\WINDOWS\System32\iolo.ini
[2011/05/19 06:46:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/19 06:44:12 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/05/19 06:44:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/19 06:44:06 | 1274,597,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/18 19:53:08 | 000,502,095 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\unhide.exe
[2011/05/18 17:29:50 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{934C330A-1743-4407-BF40-7B65DA3CE113}.job
[2011/05/17 12:08:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/14 07:41:45 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/05/14 07:41:39 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/05/12 18:49:33 | 000,293,775 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\gmer.zip
[2011/05/12 07:35:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBRCheck.exe
[2011/05/12 07:34:20 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
[2011/05/10 14:05:24 | 000,170,711 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\web passwords.rtf
[2011/05/10 13:23:22 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2011/05/10 10:54:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/10 10:42:31 | 004,345,263 | R--- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2011/05/10 07:47:32 | 000,017,438 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/10 07:47:31 | 000,017,438 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/08 20:11:23 | 000,014,192 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 20:11:23 | 000,014,192 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 17:53:35 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/06 12:44:18 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2011/05/04 20:20:58 | 000,577,536 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.exe
[2011/05/03 23:20:37 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/05/03 23:12:12 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic PC TotalCare.lnk
[2011/05/03 23:12:12 | 000,001,814 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Mechanic PC TotalCare.lnk
[2011/05/03 22:40:07 | 000,974,081 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\A guide and tutorial on using ComboFix.mht
[2011/05/03 22:36:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/03 22:05:48 | 000,009,646 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\E16E.007
[2011/05/03 15:19:40 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Calculator.lnk
[2011/05/03 15:19:37 | 004,997,120 | ---- | M] () -- C:\WINDOWS\outlook.pst
[2011/05/03 09:00:25 | 000,020,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/03 09:00:24 | 000,020,062 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\7436f707h6re145pe55c
[2011/05/02 20:30:05 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/05/02 20:28:05 | 016,537,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\jre-6u25-windows-i586.exe
[2011/05/02 19:11:52 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/01 23:22:47 | 000,002,154 | ---- | M] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 22:49:05 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/05/01 21:56:34 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 20:04:43 | 000,185,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/01 19:21:42 | 000,000,841 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DriveScrubber.lnk
[2011/05/01 19:16:19 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Search and Recover.lnk
[2011/05/01 19:02:16 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:18:20 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:19 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18865972

========== Files Created - No Company Name ==========

[2011/05/19 06:46:30 | 000,000,408 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2011/05/18 19:53:12 | 000,502,095 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\unhide.exe
[2011/05/14 07:41:44 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/05/14 07:41:39 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/05/12 18:49:33 | 000,293,775 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\gmer.zip
[2011/05/12 07:35:05 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBRCheck.exe
[2011/05/09 22:25:36 | 000,017,438 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/09 22:25:36 | 000,017,438 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\32760rk4g1p24q1l2o174hf3526j1456y7i1o1865s52h
[2011/05/08 20:04:30 | 000,014,192 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 20:04:30 | 000,014,192 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\mptnc6q8788g1dt0rhb7ftt43p
[2011/05/08 17:53:35 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/04 20:22:22 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat
[2011/05/03 23:20:37 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/05/03 23:12:12 | 000,001,832 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic PC TotalCare.lnk
[2011/05/03 23:12:12 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Mechanic PC TotalCare.lnk
[2011/05/03 23:00:35 | 1274,597,376 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/03 22:43:01 | 004,345,263 | R--- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2011/05/03 22:40:04 | 000,974,081 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\A guide and tutorial on using ComboFix.mht
[2011/05/03 09:26:23 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/03 09:26:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/03 09:26:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/03 09:26:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/03 09:26:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/02 19:52:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/02 19:11:51 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/05/02 17:54:17 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/05/01 23:03:44 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\htjzka.dat
[2011/05/01 23:03:23 | 000,009,646 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\E16E.007
[2011/05/01 23:01:31 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2011/05/01 22:49:05 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/05/01 22:13:26 | 000,020,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\7436f707h6re145pe55c
[2011/05/01 22:13:26 | 000,020,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7436f707h6re145pe55c
[2011/05/01 21:54:01 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/05/01 21:54:01 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/01 19:21:42 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\DriveScrubber.lnk
[2011/05/01 19:16:19 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Search and Recover.lnk
[2011/05/01 19:02:16 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/05/01 11:17:33 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/04/30 20:16:19 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18865972
[2011/01/21 11:15:07 | 000,000,408 | ---- | C] () -- C:\WINDOWS\GALSINT.INI
[2010/10/14 16:54:14 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/14 16:48:58 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/21 10:36:53 | 000,035,324 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/07/12 10:08:45 | 000,000,121 | ---- | C] () -- C:\WINDOWS\GALSWIN.INI
[2010/07/10 16:32:37 | 000,013,729 | ---- | C] () -- C:\WINDOWS\Galsmave.ini
[2009/11/29 17:57:49 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini
[2009/09/09 22:48:47 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/16 11:03:02 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2009/08/08 19:10:37 | 000,018,824 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\hypyz.dat
[2009/08/08 19:10:37 | 000,016,001 | ---- | C] () -- C:\Program Files\Common Files\edacyroho._sy
[2009/08/08 19:10:36 | 000,010,067 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\tyqogumip.ban
[2009/08/08 16:35:31 | 000,013,855 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xoneku.ban
[2009/08/08 16:35:31 | 000,011,900 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\karylyped._dl
[2009/08/08 16:35:30 | 000,019,825 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ofys.dl
[2009/08/08 16:35:30 | 000,019,024 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ofahapa.dat
[2009/08/08 16:35:30 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ysokobiviq.bin
[2009/08/08 16:35:30 | 000,010,618 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\amom.bin
[2009/08/01 08:26:13 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/08/01 08:26:13 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/08/01 08:26:13 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/08/01 08:26:13 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/08/01 08:26:13 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/08/01 08:26:13 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/08/01 08:26:13 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/08/01 08:26:13 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/08/01 08:26:13 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/08/01 08:26:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/08/01 08:26:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/08/01 08:26:13 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/08/01 08:26:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/08/01 08:26:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/08/01 08:26:13 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/02/24 22:29:38 | 000,013,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\slot1.mm1
[2009/02/15 22:16:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/02/15 12:05:47 | 000,020,480 | R--- | C] () -- C:\WINDOWS\Imgtask.exe
[2007/08/27 10:18:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\PPCInstall.dll
[2007/01/19 19:47:36 | 000,000,107 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/19 19:47:03 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/01/19 19:47:03 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/09/06 21:10:15 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2006/02/11 13:55:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/02/02 20:18:19 | 000,000,165 | ---- | C] () -- C:\WINDOWS\BluesCluesPreschool.ini
[2005/06/21 09:24:24 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/04/22 10:09:20 | 000,000,853 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/22 10:08:58 | 000,000,303 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2005/03/27 12:32:32 | 000,001,888 | ---- | C] () -- C:\WINDOWS\CA533A.INI
[2005/03/27 12:32:32 | 000,001,325 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2005/03/27 12:32:31 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2005/03/27 12:10:48 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/03/27 11:45:42 | 000,000,572 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2005/03/27 11:45:32 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/27 11:45:21 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2005/03/27 11:44:02 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI4_setup.ini
[2005/03/04 10:51:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/02/18 19:07:35 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/02/18 15:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bobvila.INI
[2005/02/15 14:35:09 | 000,000,371 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI
[2005/02/15 13:32:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2005/02/15 13:32:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2005/02/15 13:31:36 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2005/02/15 13:31:36 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2005/02/08 22:11:28 | 001,107,192 | ---- | C] () -- C:\WINDOWS\Xwmba500.dll
[2005/02/08 22:11:28 | 000,260,440 | ---- | C] () -- C:\WINDOWS\Xwmhb500.dll
[2005/02/08 22:11:28 | 000,174,352 | ---- | C] () -- C:\WINDOWS\Xwmte500.dll
[2005/02/08 22:11:28 | 000,000,043 | ---- | C] () -- C:\WINDOWS\PHAssist.ini
[2005/01/30 10:09:37 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\lxsmunin.exe
[2005/01/30 10:09:36 | 000,000,643 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2005/01/30 10:09:35 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\lex_psu.exe
[2005/01/30 10:09:34 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\dosfnt32.dll
[2005/01/26 14:18:06 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2005/01/18 10:03:26 | 000,006,248 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2005/01/17 22:57:46 | 000,000,567 | ---- | C] () -- C:\WINDOWS\JUNO.INI
[2005/01/17 22:46:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2004/11/17 06:10:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/11/17 06:09:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/11/17 06:09:03 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/11/17 06:08:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/11/17 05:48:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/11/17 05:48:01 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/11/17 05:47:59 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/17 05:47:55 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/11/17 05:47:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/27 16:57:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/26 21:46:37 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62.exe
[2004/10/26 21:45:58 | 000,013,949 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/10/26 21:45:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/10/26 21:19:17 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/10/26 21:07:27 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/10/26 21:02:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/10/26 21:02:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/10/26 21:02:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/10/26 20:33:02 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/10/26 20:33:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/10/26 20:32:36 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/10/26 20:04:20 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/10/26 20:02:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/10/26 19:57:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/10/26 19:44:44 | 000,000,572 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/10/26 19:44:04 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/26 19:44:01 | 000,381,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/10/26 19:44:01 | 000,053,436 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/10/26 12:51:40 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/10/26 12:50:42 | 000,185,016 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/09/17 17:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/09/14 01:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 05:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 05:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/04/11 01:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2001/04/23 12:21:38 | 000,020,635 | ---- | C] () -- C:\WINDOWS\Galavent.ini
[1997/07/11 00:00:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\WRKGADM.EXE
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Files - Unicode (All) ==========
[2008/07/05 16:24:27 | 000,000,393 | ---- | M] ()(C:\Documents and Settings\Compaq_Owner\?????????????) -- C:\Documents and Settings\Compaq_Owner\倁䌀䐀爀䴀漀搀攀洀⸀椀渀椀

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC95B5ED
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACFF27B
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8292261
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03B5CC1F
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90865A6D
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:880F0FEF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:92A815D8
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B3B557D
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90574144
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8944C195
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61F0C8FB
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD27B7FC
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F6462DF
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F44D3C53
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C6EBC69
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF59D1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B60C375
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:12C32D25
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AF9CAEB
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3539CD43
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:270A3983
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC8FFA4E
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4F63AED
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D277F53
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E684AC9
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4673E9EA
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5294695
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A7DA2BCD
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:848CC150
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51F17BB8
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3B8F70C
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F14D1F80
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:561B1D2B
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71FA8B7F
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:177313FB

< End of report >

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Fri 20 May 2011, 10:17 pm

Run this please and post a log: [You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on Sat 21 May 2011, 1:37 am

It wouldn't let me run. When I doubleclicked a compressed (zipped) Folders Error came up. Error was "The Compressed (zipped) Folder is invalid or corrupted.

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Sat 21 May 2011, 11:29 am

Right click on it and select Extract All...

Go through the wizard. Then, it should create a new folder with the program inside of it so you can run the program.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on Sat 21 May 2011, 2:07 pm

Tried wizard still came up with The Compressed (zipped) Folder is invalid or corrupted.

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Sun 22 May 2011, 2:45 pm

Please download: HijackThis to your Desktop.
  • Double Click the HijackThis icon, located on your Desktop.
  • By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
    It will also create a shortcut on your Desktop.
  • Accept the license agreement.
  • Click Do a System Scan and Save a Logfile.
  • Please post the log in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on Mon 23 May 2011, 12:18 am

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:16:28 AM, on 5/22/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iolo\System Mechanic PC TotalCare\System Shield\ioloSSTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: EarthLink BHO Guard - {00000000-0000-0000-0000-000000000002} - (no file)
O2 - BHO: EarthLink ScamBlocker V3 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} (CouponTBInst Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - [You must be registered and logged in to see this link.]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.165.219,93.188.160.190
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: atisvc_tmfha - Unknown owner - C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: WPS Wi-Fi Scanner Service (wpsscannersvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe

--
End of file - 10432 bytes

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Mon 23 May 2011, 6:30 pm

Found the source of the redirects...

Please open HijackThis and click "Do a system scan only" and check the following item only:

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.165.219,93.188.160.190

Close all other windows except for HijackThis and press Fix checked.

Restart your system, and post a new HijackThis log in your next reply.

Please get an uninstall list from HijackThis by doing the following:
  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on Tue 24 May 2011, 10:17 am

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:06:50 PM, on 5/23/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Canon\CAL\CALMAIN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: EarthLink BHO Guard - {00000000-0000-0000-0000-000000000002} - (no file)
O2 - BHO: EarthLink ScamBlocker V3 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhlCach3.exe] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {1D8A63E5-F219-11D4-9BD1-000039051213} (CouponTBInst Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - [You must be registered and logged in to see this link.]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} (Photo Upload Plugin Class) - [You must be registered and logged in to see this link.]
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: atisvc_tmfha - Unknown owner - C:\WINDOWS\system32\cadhgw\atisvc_tmfha.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: WPS Wi-Fi Scanner Service (wpsscannersvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe

--
End of file - 10064 bytes





Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
Adobe Shockwave Player 11
Agere Systems PCI Soft Modem
Alphabet Express
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
ArcSoft VideoImpression 1.6
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
AVSDK5
Blue's Preschool
Blue's Room
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Catz (remove only)
Compaq Connections
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Digital Camera
Dreamship Tales
Easy Internet Sign-up
EPSON NX100 Series Printer Uninstall
Galswin
getPlus(R)_ocx
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Help and Support Additions
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Icatch(IV) Camera Driver
Image Web Server IE Plugins 2,0,0,104
iolo technologies' DriveScrubber 3
iolo technologies' Search and Recover
iolo technologies' System Mechanic PC TotalCare
iTunes
Java(TM) 6 Update 21
Juice 2.2
KBD
KODAK Gallery Upload Software
LeapFrog Connect
LeapFrog Connect
LeapFrog Leapster2 Plugin
LiveUpdate 2.5 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Default Manager
Microsoft Forefront UAG endpoint components v4.0.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Works
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Pdf995
PdfEdit995
Pencil-Pal Preschool
Physician's Home Assistant 1.8
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
QuickTime
QuickTime 3.0
Reader Rabbit Learn To Read With Phonics
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Shutterfly Express Uploader
Shutterfly Express Uploader
SierraHome Print Artist 12.0
Sonic RecordNow!
TaxCut Basic 2006
Transition Math K-1
Unity Web Player
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Veetle TV 0.9.18
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
Wonder Words


mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Tue 24 May 2011, 7:44 pm

Looking at the programs listed in your previous reply, which of those do you see in the Start menu?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by mgravot on Wed 25 May 2011, 9:15 am

Adobe Reader 9.4.4
Alphabet Express
ArcSoft PhotoImpression
ArSoft VideoImpression 1.6
Blue's Preschool
Blue's Room
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Catz
Coupon Printer for Windows
Galswin
Google Chrome
Goodgle Earth Plug-in
HiJackThis
iTunes
Juice 2.2
KODAK Gallery Upload Software
LeapFrog Connect
Malwarebytes' Anti-Walware
Microsoft Silverlight
Pencil-Pal Preschool
Physician's Home Assistant 1.8
QuickTime
Reader Rabbit Learn To Read With Phonics
Shutterfly Express Uploader
Sonic RecordNow!
TaxCut Basic 2006
Transition Math K-1
Windows Media Player 10
Wonder Words

mgravot

Newbie Surfer
Newbie Surfer

Posts : 20
Joined : 2011-05-03
Operating System : La Vergne, Tennessee

View user profile

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by DragonMaster Jay on Wed 25 May 2011, 9:31 pm

I would recommend for the programs that you do want to see in the start menu to just reinstall them.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: windows recovery, ms removal, xp home security

Post by Sponsored content Today at 2:54 am


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum