XP Home- MS Update, malware removal & repair [Solved]

Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!

> Geeks to Go! » Security » Virus, Spyware and Trojan Removal

2 Pages

< 1 2

XP Home- MS Update, malware removal & repair [Solved], AV360 ,System Guard 2009- MSupdate repair

Options

Rorschach112 View Member Profile	Nov 17 2009, 03:13 PM Post #16
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	then delete gooredfix.exe, re-download it from the same link, run it again and post its log

CrackerBoy View Member Profile	Nov 18 2009, 05:33 AM Post #17
Member Posts: 30 From: FL/USA OS: XP Pro SP3	My apology, I ASSUMED a hardware problem. This error seems to have aborted the process somewhere around Windows\logs. Error: Invalid time flag![03 08:07:24\|0000,000,053\|-H-\|M]-K:autorun.inf--[FAT32] Must be numerical. --------

Rorschach112 View Member Profile	Nov 18 2009, 06:47 AM Post #18
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	did you do the otl and goorefix step ?

CrackerBoy View Member Profile	Nov 18 2009, 07:11 AM Post #19
Member Posts: 30 From: FL/USA OS: XP Pro SP3	GooredFix by jpshortstuff (17.11.09.1) Log created at 07:01 on 18/11/2009 (Compaq_Owner) Firefox version 3.5.5 (en-US) ========== GooredScan ========== ========== GooredLog ========== C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} [18:20 03/11/2009] {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [23:31 06/11/2009] [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07}"="C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07}" [] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [10:59 06/11/2009] "jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [23:15 02/11/2009] ---------- Old Logs ---------- GooredFix[10.30.47_17-11-2009].txt GooredFix[10.31.24_17-11-2009].txt GooredFix[11.14.55_18-11-2009].txt GooredFix[20.19.32_17-11-2009].txt GooredFix[20.51.14_17-11-2009].txt GooredFix[20.58.21_17-11-2009].txt GooredFix[21.20.23_17-11-2009].txt GooredFix[21.24.31_17-11-2009].txt -=E.O.F=- ___________________________________________ OTL Invalid time flag![03 08:24\|00,000,053\|-H--\|M]()-K:\autorun.inf-[FAT32]] Must be numberical. Did not complete. -------------------- NOTE: Have used a 'K' USB SansDisk, but it was not in machine at time.

Rorschach112 View Member Profile	Nov 18 2009, 07:19 AM Post #20
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	you are doing the OTL step wrong you need to click the run fix button not the run scan one

CrackerBoy View Member Profile	Nov 18 2009, 07:28 AM Post #21
Member Posts: 30 From: FL/USA OS: XP Pro SP3	OOPS!! All processes killed ========== OTL ========== File K:\autorun.inf not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eed6f0f6-c881-11de-a576-8cb8311abd30}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eed6f0f6-c881-11de-a576-8cb8311abd30}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eed6f0f6-c881-11de-a576-8cb8311abd30}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eed6f0f6-c881-11de-a576-8cb8311abd30}\ not found. C:\WINDOWS\WMSysPr9.prx moved successfully. C:\WINDOWS\usoxaboko.dll moved successfully. C:\WINDOWS\evirojikeh.dll moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Bubba ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Compaq_Owner ->Temp folder emptied: 6436 bytes ->Temporary Internet Files folder emptied: 948426 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 37221428 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Elaine ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Granddaughter ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes User: Grandson ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Jimmy ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Kayla ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 16786 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes Windows Temp folder emptied: 46183 bytes RecycleBin emptied: 562846 bytes Total Files Cleaned = 37.07 mb OTL by OldTimer - Version 3.1.3.3 log created on 11182009_072302 Files\Folders moved on Reboot... Registry entries deleted on Reboot... -------------- Thanks for your polite patience!

Rorschach112 View Member Profile	Nov 18 2009, 08:04 AM Post #22
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	open otl click quick scan post that log

CrackerBoy View Member Profile	Nov 18 2009, 08:11 AM Post #23
Member Posts: 30 From: FL/USA OS: XP Pro SP3	OTL logfile created on: 11/18/2009 8:06:31 AM - Run 4 OTL by OldTimer - Version 3.1.3.3 Folder = C:\Documents and Settings\Compaq_Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 222.48 Mb Total Physical Memory \| 122.14 Mb Available Physical Memory \| 54.90% Memory free 873.85 Mb Paging File \| 684.87 Mb Available in Paging File \| 78.37% Paging File free Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 68.02 Gb Total Space \| 53.29 Gb Free Space \| 78.34% Space Free \| Partition Type: NTFS Drive D: \| 6.50 Gb Total Space \| 1.12 Gb Free Space \| 17.23% Space Free \| Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ROGERSFAMILY Current User Name: Compaq_Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2009/11/09 04:43:25 \| 00,723,632 \| ---- \| M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2009/11/09 04:43:23 \| 01,799,952 \| ---- \| M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2009/11/05 05:22:18 \| 00,528,384 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe PRC - [2009/10/11 04:17:36 \| 00,149,280 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009/10/11 04:17:35 \| 00,153,376 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008/04/13 18:12:36 \| 00,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe PRC - [2008/04/13 18:12:19 \| 01,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/03/11 21:34:40 \| 00,049,152 \| ---- \| M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2005/06/08 05:05:00 \| 00,344,064 \| ---- \| M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2005/06/07 23:38:32 \| 00,376,832 \| ---- \| M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2005/06/07 23:38:32 \| 00,376,832 \| ---- \| M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2004/09/07 14:47:52 \| 00,057,344 \| ---- \| M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE PRC - [2004/08/11 09:45:04 \| 00,038,912 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004/08/04 06:00:00 \| 00,019,456 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe PRC - [2003/12/22 08:38:42 \| 00,241,664 \| ---- \| M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe PRC - [2003/06/20 07:25:00 \| 00,322,120 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [1998/05/07 10:04:38 \| 00,052,736 \| ---- \| M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe ========== Modules (SafeList) ========== MOD - [2009/11/05 05:22:18 \| 00,528,384 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe MOD - [2008/04/13 18:12:51 \| 01,054,208 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008/04/13 18:12:00 \| 00,025,088 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll MOD - [2008/04/13 18:11:53 \| 00,185,344 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll ========== Win32 Services (SafeList) ========== SRV - File not found -- -- (Nero BackItUp Scheduler 4.0) SRV - File not found -- -- (iPodService) SRV - File not found -- -- (AOL ACS) SRV - [2009/11/09 04:43:25 \| 00,723,632 \| ---- \| M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2009/10/11 04:17:35 \| 00,153,376 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2008/07/29 21:10:04 \| 00,046,104 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008/07/29 19:24:50 \| 00,881,664 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008/07/29 19:16:38 \| 00,132,096 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008/07/25 11:17:02 \| 00,069,632 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/07/25 11:16:40 \| 00,034,312 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008/04/13 18:12:36 \| 00,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP) SRV - [2008/04/13 18:12:02 \| 00,038,400 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2007/06/04 22:14:50 \| 00,217,088 \| ---- \| M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - [2007/06/04 22:14:50 \| 00,131,072 \| ---- \| M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc) SRV - [2006/11/08 15:35:38 \| 00,053,248 \| ---- \| M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12) SRV - [2006/11/08 15:35:36 \| 00,043,520 \| ---- \| M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12) SRV - [2005/06/07 23:38:32 \| 00,376,832 \| ---- \| M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005/04/03 23:41:10 \| 00,069,632 \| ---- \| M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004/08/11 09:45:04 \| 00,038,912 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf) SRV - [2004/08/04 06:00:00 \| 00,019,456 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp) SRV - [2003/06/20 07:25:00 \| 00,322,120 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - HKLM\software\mozilla\Firefox\extensions\\{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07}: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07} FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/08 08:29:45 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/11/02 17:15:06 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/17 14:48:52 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/17 14:48:52 \| 00,000,000 \| ---D \| M] [2009/11/06 06:47:22 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions [2009/11/06 06:47:22 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/11/18 04:13:40 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n9g8yzjl.default\extensions [2009/11/08 11:00:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n9g8yzjl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/11/18 04:13:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009/11/17 14:48:52 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/11/06 17:31:37 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009/11/17 14:48:36 \| 00,023,512 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009/11/17 14:48:36 \| 00,137,176 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2009/10/11 04:17:27 \| 00,411,368 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2009/11/17 14:48:43 \| 00,064,984 \| ---- \| M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2009/02/27 13:13:42 \| 00,103,792 \| ---- \| M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2009/11/17 14:48:45 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2009/11/17 14:48:45 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2009/11/17 14:48:45 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2009/11/17 14:48:45 \| 00,002,344 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2009/11/17 14:48:45 \| 00,002,371 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009/11/17 14:48:45 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2009/11/17 14:48:45 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AlcxMonitor] C:\WINDOWS\ALCXMNTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.) O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe File not found O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Be_Careful_DH.txt () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll File not found O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll File not found O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll File not found O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE File not found O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll File not found O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.) O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm () O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm () O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKCU\..Trusted Domains: internet ([]about in Internet) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1257263184203 (MUWebControl Class) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (My Current Home Page) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/06/24 23:32:00 \| 00,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/28 07:07:38 \| 00,000,000 \| -HS- \| M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found O35 - comfile [open] -- "%1" % File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 14 Days ========== [2009/11/18 07:23:02 \| 00,000,000 \| ---D \| C] -- C:\_OTL [2009/11/18 04:49:45 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Microsoft [2009/11/18 04:40:06 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Jimmy_Helen_Rogers [2009/11/18 04:40:04 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\GeeksToGo [2009/11/18 04:40:02 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Geeks [2009/11/18 04:36:36 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads [2009/11/17 14:59:54 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sonic [2009/11/17 14:59:14 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech [2009/11/17 04:52:13 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nero [2009/11/16 16:17:59 \| 00,528,384 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe [2009/11/13 16:11:11 \| 04,045,536 \| ---- \| C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe [2009/11/13 16:09:42 \| 00,339,456 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\TFC.exe [2009/11/09 20:24:45 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\HP [2009/11/09 20:07:33 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant [2009/11/09 19:01:12 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Albums [2009/11/09 19:00:57 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IsolatedStorage [2009/11/09 18:58:01 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\HP [2009/11/09 09:12:50 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\HPQ [2009/11/09 09:02:49 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe [2009/11/09 08:59:26 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\GTCom-Netopia [2009/11/09 08:59:21 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Fairpoint [2009/11/09 08:56:53 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/11/09 08:56:00 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2009/11/09 08:47:50 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Adobe [2009/11/09 07:57:48 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\NOS [2009/11/09 04:43:46 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Comodo [2009/11/09 04:43:36 \| 00,179,792 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2009/11/09 04:43:36 \| 00,132,296 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys [2009/11/09 04:43:36 \| 00,087,104 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2009/11/09 04:43:36 \| 00,025,160 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2009/11/09 04:43:27 \| 00,000,000 \| ---D \| C] -- C:\Program Files\COMODO [2009/11/08 11:09:09 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2009/11/08 11:08:57 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SUPERAntiSpyware [2009/11/08 11:08:57 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com [2009/11/08 11:05:59 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2009/11/08 09:47:39 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2009/11/08 09:45:28 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2009/11/08 09:39:44 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2009/11/08 09:21:29 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\scripting [2009/11/08 09:21:28 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\l2schemas [2009/11/08 09:21:27 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\en [2009/11/08 09:21:26 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\bits [2009/11/08 09:16:45 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\network diagnostic [2009/11/08 09:10:55 \| 00,000,000 \| -H-D \| C] -- C:\WINDOWS\$NtServicePackUninstall$ [2009/11/08 09:10:44 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\EHome [2009/11/08 08:24:53 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\ServicePackFiles [2009/11/08 08:24:23 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2009/11/08 08:01:41 \| 00,281,088 \| ---- \| C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2009/11/08 07:20:47 \| 00,212,480 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009/11/08 07:20:47 \| 00,161,792 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009/11/08 07:20:47 \| 00,136,704 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009/11/08 07:20:47 \| 00,031,232 \| ---- \| C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009/11/08 07:20:02 \| 00,000,000 \| ---D \| C] -- C:\Qoobox [2009/11/07 07:30:13 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes [2009/11/07 07:29:59 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/11/07 07:29:59 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/11/07 06:50:03 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\ERDNT [2009/11/07 06:13:55 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\RegistryPC [2009/11/07 06:12:05 \| 00,000,000 \| ---D \| C] -- C:\Program Files\RegistryPC [2009/11/07 05:43:44 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\HpUpdate [2009/11/06 08:07:19 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Compaq_Owner\IECompatCache [2009/11/06 06:57:03 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia [2009/11/06 06:56:47 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Compaq_Owner\PrivacIE [2009/11/06 06:46:37 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla [2009/11/06 06:46:37 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla [2009/11/06 06:41:12 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sun [2009/11/06 06:32:21 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Compaq_Owner\IETldCache [2009/11/06 06:31:19 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit [2009/11/06 06:31:19 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Identities [2009/11/06 06:31:19 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\Recent [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Videos [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Pictures [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Music [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\My Documents [2009/11/06 06:31:18 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Compaq_Owner\Favorites [2009/11/06 06:31:18 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Compaq_Owner\Cookies [2009/11/06 06:31:18 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\WINDOWS [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Templates [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Start Menu [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\SendTo [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\PrintHood [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\NetHood [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Desktop [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\ApplicationHistory [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Apple Computer [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000} [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Symantec [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Real [2009/11/06 06:31:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft [2009/11/06 04:58:28 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\XPSViewer [2009/11/06 04:58:23 \| 00,000,000 \| ---D \| C] -- C:\Program Files\MSBuild [2009/11/06 04:58:14 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Reference Assemblies [2009/11/06 04:57:07 \| 00,000,000 \| ---D \| C] -- C:\c5b25b0dac0a918333a666d64f9b [2009/11/06 04:48:53 \| 00,000,000 \| ---D \| C] -- C:\Program Files\MSXML 6.0 [2009/11/05 17:05:04 \| 00,000,000 \| ---D \| C] -- C:\1555d17a104fb8819590c1ad18de [2009/11/05 16:07:47 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft.NET [2009/11/04 16:33:01 \| 00,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2009/11/04 09:41:50 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Nero [2009/11/04 09:41:46 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Nero ========== Files - Modified Within 14 Days ========== [2009/11/18 07:27:33 \| 00,000,185 \| ---- \| M] () -- C:\WINDOWS\System\hpsysdrv.DAT [2009/11/18 07:24:59 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2009/11/18 07:24:53 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009/11/18 07:23:38 \| 00,000,178 \| -HS- \| M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini [2009/11/18 07:23:37 \| 01,572,864 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.DAT [2009/11/18 05:42:25 \| 00,001,158 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009/11/17 15:21:48 \| 00,523,532 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/11/17 15:21:48 \| 00,442,796 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2009/11/17 15:21:48 \| 00,071,936 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2009/11/17 15:14:54 \| 00,004,625 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2009/11/17 15:04:33 \| 00,305,152 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\windiag.iso [2009/11/14 10:55:30 \| 00,002,577 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2009/11/14 10:48:25 \| 00,000,526 \| ---- \| M] () -- C:\WINDOWS\win.ini [2009/11/13 16:12:02 \| 00,001,495 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Windows Explorer.lnk [2009/11/13 05:58:08 \| 00,339,456 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\TFC.exe [2009/11/12 10:08:32 \| 00,000,227 \| ---- \| M] () -- C:\WINDOWS\system.ini [2009/11/12 10:06:42 \| 00,000,027 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/11/12 09:18:27 \| 00,155,568 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/11/09 20:15:10 \| 00,141,023 \| ---- \| M] () -- C:\WINDOWS\hpoins14.dat [2009/11/09 20:11:50 \| 00,001,866 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk [2009/11/09 19:22:10 \| 00,029,425 \| ---- \| M] () -- C:\WINDOWS\hpoins03.dat [2009/11/09 18:51:44 \| 00,000,135 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat [2009/11/09 10:20:51 \| 00,029,089 \| ---- \| M] () -- C:\WINDOWS\hpoins03.dat.temp [2009/11/09 08:57:25 \| 00,001,737 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2009/11/09 06:30:48 \| 01,310,720 \| -H-- \| M] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.bak [2009/11/09 04:48:45 \| 00,000,816 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk [2009/11/09 04:43:26 \| 00,179,792 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2009/11/09 04:43:26 \| 00,132,296 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys [2009/11/09 04:43:26 \| 00,087,104 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2009/11/09 04:43:26 \| 00,025,160 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2009/11/08 15:08:38 \| 00,032,216 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/11/08 14:21:51 \| 00,004,212 \| -H-- \| M] () -- C:\WINDOWS\System32\zllictbl.dat [2009/11/08 09:16:21 \| 00,250,048 \| RHS- \| M] () -- C:\ntldr [2009/11/07 12:07:08 \| 00,000,000 \| ---- \| M] () -- C:\rollback.ini [2009/11/07 09:16:24 \| 00,054,156 \| -H-- \| M] () -- C:\WINDOWS\QTFont.qfn [2009/11/07 09:16:24 \| 00,001,409 \| ---- \| M] () -- C:\WINDOWS\QTFont.for [2009/11/07 08:53:42 \| 00,000,015 \| ---- \| M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\settings.dat [2009/11/06 10:53:52 \| 00,267,264 \| ---- \| M] () -- C:\WINDOWS\PEV.exe [2009/11/05 15:31:00 \| 00,000,105 \| ---- \| M] () -- C:\WINDOWS\WININIT.INI [2009/11/05 05:22:18 \| 00,528,384 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe [2009/11/05 05:20:10 \| 04,045,536 \| ---- \| M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe ========== Files Created - No Company Name ========== [2009/11/17 15:04:33 \| 00,305,152 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\windiag.iso [2009/11/13 16:12:02 \| 00,001,495 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Windows Explorer.lnk [2009/11/09 20:11:50 \| 00,001,866 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk [2009/11/09 20:01:40 \| 00,141,023 \| ---- \| C] () -- C:\WINDOWS\hpoins14.dat [2009/11/09 20:01:40 \| 00,002,000 \| ---- \| C] () -- C:\WINDOWS\hpomdl14.dat [2009/11/09 19:16:17 \| 00,038,867 \| ---- \| C] () -- C:\WINDOWS\hpomdl03.dat [2009/11/09 19:16:17 \| 00,029,425 \| ---- \| C] () -- C:\WINDOWS\hpoins03.dat [2009/11/09 18:51:44 \| 00,000,135 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat [2009/11/09 08:57:24 \| 00,001,737 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2009/11/09 04:48:45 \| 00,000,816 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk [2009/11/08 08:02:34 \| 00,001,261 \| ---- \| C] () -- C:\WINDOWS\System32\pid.inf [2009/11/08 07:57:30 \| 00,067,866 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2009/11/08 07:57:29 \| 00,129,045 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2009/11/08 07:57:28 \| 00,064,352 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2009/11/08 07:48:23 \| 01,089,593 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat [2009/11/08 07:20:47 \| 00,267,264 \| ---- \| C] () -- C:\WINDOWS\PEV.exe [2009/11/08 07:20:47 \| 00,098,816 \| ---- \| C] () -- C:\WINDOWS\sed.exe [2009/11/08 07:20:47 \| 00,080,412 \| ---- \| C] () -- C:\WINDOWS\grep.exe [2009/11/08 07:20:47 \| 00,077,312 \| ---- \| C] () -- C:\WINDOWS\MBR.exe [2009/11/08 07:20:47 \| 00,068,096 \| ---- \| C] () -- C:\WINDOWS\zip.exe [2009/11/08 04:31:24 \| 00,026,236 \| ---- \| C] () -- C:\WINDOWS\System32\wins.mib [2009/11/08 04:31:23 \| 00,049,275 \| ---- \| C] () -- C:\WINDOWS\System32\wfospf.mib [2009/11/08 04:31:22 \| 00,004,332 \| ---- \| C] () -- C:\WINDOWS\System32\smi.mib [2009/11/08 04:31:21 \| 00,038,608 \| ---- \| C] () -- C:\WINDOWS\System32\nipx.mib [2009/11/08 04:31:20 \| 00,034,317 \| ---- \| C] () -- C:\WINDOWS\System32\msiprip2.mib [2009/11/08 04:31:19 \| 00,013,767 \| ---- \| C] () -- C:\WINDOWS\System32\msipbtp.mib [2009/11/08 04:31:19 \| 00,000,581 \| ---- \| C] () -- C:\WINDOWS\System32\msft.mib [2009/11/08 04:31:18 \| 00,010,313 \| ---- \| C] () -- C:\WINDOWS\System32\mripsap.mib [2009/11/08 04:31:17 \| 00,021,386 \| ---- \| C] () -- C:\WINDOWS\System32\mipx.mib [2009/11/08 04:31:16 \| 00,107,882 \| ---- \| C] () -- C:\WINDOWS\System32\mib_ii.mib [2009/11/08 04:31:15 \| 00,030,448 \| ---- \| C] () -- C:\WINDOWS\System32\mcastmib.mib [2009/11/08 04:31:14 \| 00,026,100 \| ---- \| C] () -- C:\WINDOWS\System32\lmmib2.mib [2009/11/08 04:31:14 \| 00,015,799 \| ---- \| C] () -- C:\WINDOWS\System32\ipforwd.mib [2009/11/08 04:31:12 \| 00,048,593 \| ---- \| C] () -- C:\WINDOWS\System32\hostmib.mib [2009/11/08 04:31:12 \| 00,004,597 \| ---- \| C] () -- C:\WINDOWS\System32\dhcp.mib [2009/11/08 04:31:09 \| 00,016,617 \| ---- \| C] () -- C:\WINDOWS\System32\authserv.mib [2009/11/08 04:31:06 \| 00,015,597 \| ---- \| C] () -- C:\WINDOWS\System32\accserv.mib [2009/11/07 09:16:24 \| 00,054,156 \| -H-- \| C] () -- C:\WINDOWS\QTFont.qfn [2009/11/07 09:16:24 \| 00,001,409 \| ---- \| C] () -- C:\WINDOWS\QTFont.for [2009/11/07 08:49:00 \| 00,000,015 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\settings.dat [2009/11/07 06:42:40 \| 00,032,216 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/11/06 06:31:25 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\desktop.ini [2009/11/06 06:31:23 \| 00,002,846 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Help and Support.lnk [2009/11/06 06:31:22 \| 04,311,832 \| -H-- \| C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db [2009/11/06 06:31:18 \| 00,000,178 \| -HS- \| C] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini [2009/11/06 06:31:17 \| 01,572,864 \| ---- \| C] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.DAT [2009/11/06 06:31:17 \| 01,310,720 \| -H-- \| C] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.bak [2007/09/19 12:55:50 \| 00,000,002 \| ---- \| C] () -- C:\WINDOWS\msoffice.ini [2006/09/09 07:08:04 \| 00,017,519 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2006/06/29 14:58:52 \| 00,030,808 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006/06/29 14:53:56 \| 00,026,489 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 15:39:28 \| 00,029,779 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/04/18 15:39:28 \| 00,026,040 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2005/08/08 17:27:27 \| 00,000,061 \| ---- \| C] () -- C:\WINDOWS\smscfg.ini [2005/08/08 16:55:18 \| 00,012,992 \| ---- \| C] () -- C:\WINDOWS\System32\CHODDI.SYS [2005/08/08 16:55:10 \| 00,045,056 \| ---- \| C] () -- C:\WINDOWS\System32\hpreg.dll [2005/08/08 16:48:07 \| 00,000,376 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2005/08/08 16:41:35 \| 00,204,800 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/08/08 16:41:35 \| 00,200,704 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/08/08 16:41:35 \| 00,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/08/08 16:41:35 \| 00,192,512 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/08/08 16:41:35 \| 00,188,416 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/08/08 16:41:35 \| 00,020,480 \| ---- \| C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/08/08 16:36:06 \| 00,000,105 \| ---- \| C] () -- C:\WINDOWS\WININIT.INI [2005/08/08 16:30:56 \| 00,001,793 \| ---- \| C] () -- C:\WINDOWS\System32\fxsperf.ini [2005/08/08 16:15:38 \| 00,000,780 \| ---- \| C] () -- C:\WINDOWS\orun32.ini [2005/08/08 16:10:53 \| 00,016,896 \| ---- \| C] () -- C:\WINDOWS\System32\bcbmm.dll [2005/06/24 23:32:00 \| 00,000,526 \| ---- \| C] () -- C:\WINDOWS\win.ini [2005/06/24 16:26:26 \| 00,000,227 \| ---- \| C] () -- C:\WINDOWS\system.ini [2005/06/24 16:26:14 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2004/06/15 23:38:02 \| 00,000,592 \| ---- \| C] () -- C:\WINDOWS\System32\oeminfo.ini ========== LOP Check ========== [2009/11/03 13:15:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2009/11/03 13:27:13 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/11/17 14:59:14 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech [2009/11/07 06:43:31 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\RegistryPC [2005/08/08 16:54:21 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView [2004/08/04 13:00:00 \| 00,000,065 \| RH-- \| M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/11/18 07:24:59 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\Tasks\SA.DAT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report >

Rorschach112 View Member Profile	Nov 18 2009, 05:32 PM Post #24
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	delete goorefix.exe re-download it and run it again, and post that log

CrackerBoy View Member Profile	Nov 19 2009, 10:32 AM Post #25
Member Posts: 30 From: FL/USA OS: XP Pro SP3	GooredFix by jpshortstuff (18.11.09.1) Log created at 10:31 on 19/11/2009 (Compaq_Owner) Firefox version 3.5.5 (en-US) ========== GooredScan ========== Removing Orphan: "{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07}"="C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{677A50BC-65E5-46FE-B8E6-ADA6D26F1A07}" -> Success! ========== GooredLog ========== C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} [18:20 03/11/2009] {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [23:31 06/11/2009] [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framew ork\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [10:59 06/11/2009] "jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [23:15 02/11/2009] -=E.O.F=-

Rorschach112 View Member Profile	Nov 19 2009, 03:01 PM Post #26
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	Your logs are clean Follow these steps to uninstall Combofix and tools used in the removal of malware Uninstall ComboFix Remove Combofix now that we're done with it. Please press the Windows Key and R on your keyboard. This will bring up the Run... command. Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/") Please follow the prompts to uninstall Combofix. You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself. Download OTC to your desktop and run it Click Yes to beginning the Cleanup process and remove these components, including this application. You will be asked to reboot the machine to finish the Cleanup process. Choose Yes. Your using an old version of Adobe Acrobat Reader, this can leave your pc open to vulnerabilities, you can update it here : http://www.adobe.com/products/acrobat/readstep2.html Below I have included a number of recommendations for how to protect your computer against malware infections. Keep Windows updated by regularly checking their website at : http://windowsupdate.microsoft.com/ This will ensure your computer has always the latest security updates available installed on your computer. SpywareBlaster protects against bad ActiveX, it immunizes your PC against them. SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict. Make Internet Explorer more secure Click Start > Run Type Inetcpl.cpl & click OK Click on the Security tab Click Reset all zones to default level Make sure the Internet Zone is selected & Click Custom level In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable". Next Click OK, then Apply button and then OK to exit the Internet Properties page. TFC - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders. MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future. Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from Here If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure. NoScript - for blocking ads and other potential website attacks McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions. ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws. Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask. Please read my guide on how to prevent malware and about safe computing here Thank you for your patience, and performing all of the procedures requested.

CrackerBoy View Member Profile	Nov 20 2009, 03:58 PM Post #27
Member Posts: 30 From: FL/USA OS: XP Pro SP3	I do need help installing the Recovery Console. The unit is a Compaq Presario SR1603WM, it came loaded with XP Home and no disks; it featured a separate partition for recovery <which I was unaware of> and the ability to create 1 set of recovery disks and 1 recovery tools disk (neither of the programs will create the disks offered; though I'm quite sure none were ever made). I've tried to create them in Safe Mode as well. All other suggested steps have been accomplished including all updates, ERUNT has been run along with created Restore Points at each step. Your assistance and teaching is very much appreciated, I'm honored. Please advise if this should be a separate issue/thread. Thank you!!

Rorschach112 View Member Profile	Nov 20 2009, 04:34 PM Post #28
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	I would actually post in the Windows XP forum about the recovery console, its more their area

Rorschach112 View Member Profile	Nov 23 2009, 07:02 PM Post #29
GeekU Teacher Posts: 43,120 From: Dublin OS: XP	Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

« Next Oldest · Virus, Spyware and Trojan Removal · Next Newest »

2 Pages

< 1 2

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies / Views	Topic Information
Virus, Spyware and Trojan Removal Malware Removal Forum Rules [Solved]	14 / 258	18th December 2009 - 11:08 AM musicseawater started - last by Essexboy
Windows XP�, 2000, 2003, NT XP beyond slow after malware removal	1 / 190	10th January 2010 - 07:50 PM HardMaple72 started - last by rshaffer61
Windows XP�, 2000, 2003, NT Windows Xp keeps crashing, recent malware removal, registry changes	0 / 87	31st January 2010 - 06:12 PM tonyneves started - last by tonyneves
Windows XP�, 2000, 2003, NT XP - no sound after malware removal 12	25 / 501	15th March 2010 - 10:38 PM gshaw started - last by gshaw