Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan.vundo cannot remove [Solved]

Started by JON B , Dec 20 2008 11:11 PM

  • This topic is locked This topic is locked

#16
Rorschach112
Posted 23 December 2008 - 03:27 PM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

  • 0

Advertisements

#17
JON B
Posted 23 December 2008 - 04:26 PM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Here is Log.txt:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Compaq_Administrator at 2008-12-23 15:24:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 205 GB (89%) free of 231 GB
Total RAM: 958 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:24:53 PM, on 12/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\QuickTime\qttask.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Documents and Settings\Compaq_Administrator\temp\TeamViewer\Version4\TeamViewer.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Compaq_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1229927903687
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

--
End of file - 8197 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-15 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-15 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-15 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-15 1261336]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-08-05 180269]
"SMSERIAL"=C:\WINDOWS\sm56hlpr.exe [2005-01-24 544768]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-08-05 98304]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2005-05-10 253952]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2005-02-25 245760]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-22 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]
"PhotoShow Deluxe Media Manager"=C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr.exe [2005-05-19 176128]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-07 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe"="C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:*:Enabled:iolo Firewall®"
"C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:*:Enabled:iolo AntiVirus®"
"C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection"
"C:\WINDOWS\system32\lxddcoms.exe"="C:\WINDOWS\system32\lxddcoms.exe:*:Enabled:2500 Series Server"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Documents and Settings\Compaq_Administrator\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Compaq_Administrator\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe"="C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2008-12-23 15:24:43 ----D---- C:\rsit
2008-12-22 19:09:24 ----D---- C:\WINDOWS\CSC
2008-12-22 15:12:45 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-22 15:12:45 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-22 15:12:45 ----A---- C:\WINDOWS\system32\java.exe
2008-12-22 10:57:59 ----D---- C:\_OTScanIt
2008-12-22 01:10:44 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-22 01:10:06 ----D---- C:\WINDOWS\temp
2008-12-22 00:11:47 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-22 00:11:47 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-21 22:52:28 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-12-21 22:29:09 ----D---- C:\Program Files\NOS
2008-12-21 22:29:09 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-12-21 21:59:54 ----D---- C:\Program Files\VS Revo Group
2008-12-21 21:35:58 ----D---- C:\_OTMoveIt
2008-12-21 20:56:46 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\TeamViewer
2008-12-20 21:56:29 ----D---- C:\Program Files\Trend Micro
2008-12-20 21:04:59 ----A---- C:\VundoFix.txt
2008-12-20 13:41:43 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-12-20 13:41:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-20 13:41:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-20 00:35:42 ----D---- C:\Program Files\MSBuild
2008-12-20 00:33:52 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-20 00:33:12 ----D---- C:\Program Files\Reference Assemblies
2008-12-20 00:32:42 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-19 21:31:08 ----D---- C:\WINDOWS\system32\URTTemp
2008-12-19 19:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-19 19:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-12-19 19:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-12-19 19:14:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-12-19 19:07:05 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-19 19:07:04 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-12-19 19:06:43 ----D---- C:\Program Files\Windows Media Connect 2
2008-12-19 19:06:33 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-12-19 19:05:50 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-12-19 19:05:23 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-19 19:05:20 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-12-19 19:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2008-12-19 18:41:29 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-19 18:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2008-12-19 18:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2008-12-19 17:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2008-12-19 14:32:34 ----D---- C:\Program Files\CCleaner
2008-12-19 13:27:31 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-19 13:27:12 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-19 13:27:12 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
2008-12-19 13:26:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-17 14:36:54 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla
2008-12-17 14:35:45 ----D---- C:\Program Files\Mozilla Firefox
2008-12-15 14:12:36 ----HD---- C:\$AVG8.VAULT$
2008-12-15 14:09:36 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-15 14:09:21 ----D---- C:\Documents and Settings\Compaq_Administrator\Application Data\AVGTOOLBAR
2008-12-15 14:09:06 ----D---- C:\Program Files\AVG
2008-12-15 14:09:05 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-13 07:49:53 ----D---- C:\WINDOWS\pss
2008-12-12 16:43:46 ----A---- C:\WINDOWS\system32\57de897c-.txt
2008-12-10 03:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-10 03:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 03:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-04 03:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-04 03:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-03 14:29:01 ----D---- C:\WINDOWS\Prefetch
2008-12-03 14:25:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-03 14:25:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-03 14:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-03 14:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-03 14:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-03 14:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-03 14:18:47 ----D---- C:\WINDOWS\system32\scripting
2008-12-03 14:18:46 ----D---- C:\WINDOWS\l2schemas
2008-12-03 14:18:45 ----D---- C:\WINDOWS\system32\en
2008-12-03 14:18:45 ----D---- C:\WINDOWS\system32\bits
2008-12-03 14:14:59 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-03 13:57:15 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-02 18:09:48 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-12-02 18:09:41 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-12-02 18:09:41 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-12-02 18:09:41 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-12-02 18:09:40 ----N---- C:\WINDOWS\system32\azroles.dll
2008-12-02 18:09:39 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-02 18:09:31 ----N---- C:\WINDOWS\system32\credssp.dll
2008-12-02 18:09:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-12-02 18:09:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-12-02 18:09:27 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-12-02 18:09:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-12-02 18:09:23 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-12-02 18:09:23 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-12-02 18:09:23 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-12-02 18:09:23 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-12-02 18:09:22 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-12-02 18:09:22 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-12-02 18:09:22 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-12-02 18:09:22 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-12-02 18:09:20 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-12-02 18:09:15 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-12-02 18:09:10 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-12-02 18:09:05 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-12-02 18:09:05 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-12-02 18:08:56 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-12-02 18:08:55 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-12-02 18:08:55 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-12-02 18:08:55 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-12-02 18:08:55 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-12-02 18:08:54 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-12-02 18:08:44 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-12-02 18:08:41 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-12-02 18:08:41 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-12-02 18:08:41 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-02 18:08:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-12-02 18:08:25 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-12-02 18:08:25 ----N---- C:\WINDOWS\system32\mssha.dll
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\napstat.exe
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-12-02 18:08:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-12-02 18:08:18 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-02 18:08:17 ----N---- C:\WINDOWS\system32\onex.dll
2008-12-02 18:08:15 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-12-02 18:08:14 ----N---- C:\WINDOWS\system32\qutil.dll
2008-12-02 18:08:14 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-12-02 18:08:14 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-12-02 18:08:14 ----N---- C:\WINDOWS\system32\qagent.dll
2008-12-02 18:08:13 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-12-02 18:08:12 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-12-02 18:08:12 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-02 18:08:11 ----N---- C:\WINDOWS\system32\setupn.exe
2008-12-02 18:08:10 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-12-02 18:08:09 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-12-02 18:08:09 ----N---- C:\WINDOWS\system32\slserv.exe
2008-12-02 18:08:09 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-12-02 18:08:09 ----N---- C:\WINDOWS\system32\slgen.dll
2008-12-02 18:08:09 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-12-02 18:08:09 ----N---- C:\WINDOWS\slrundll.exe
2008-12-02 18:08:09 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-12-02 18:08:03 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-12-02 18:08:03 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-12-02 18:07:56 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-12-02 18:07:56 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-12-02 18:07:56 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-12-02 18:07:55 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-12-02 14:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-02 14:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-02 14:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-02 14:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-12-02 14:32:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-02 14:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-02 14:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-02 14:31:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-02 14:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-02 14:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-12-02 14:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-12-02 14:28:31 ----D---- C:\WINDOWS\ie7updates
2008-12-02 14:28:06 ----D---- C:\WINDOWS\WBEM
2008-12-02 14:28:05 ----D---- C:\WINDOWS\system32\en-US
2008-12-02 14:27:14 ----HDC---- C:\WINDOWS\ie7
2008-12-02 14:27:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-02 14:26:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-02 14:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-12-02 14:26:23 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-12-02 14:24:47 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-02 14:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2008-12-02 14:24:34 ----D---- C:\WINDOWS\network diagnostic
2008-12-02 14:24:32 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-12-02 14:24:26 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-12-02 13:58:03 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-12-02 13:19:25 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-01 21:03:55 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-01 15:47:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2008-12-23 09:26:40 ----SHD---- C:\WINDOWS\Installer
2008-12-23 09:26:40 ----HD---- C:\Config.Msi
2008-12-23 09:14:14 ----D---- C:\WINDOWS\Registration
2008-12-23 09:12:29 ----D---- C:\WINDOWS
2008-12-23 00:09:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-12-22 15:12:46 ----D---- C:\WINDOWS\system32
2008-12-22 11:41:13 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-22 11:41:12 ----RSD---- C:\WINDOWS\assembly
2008-12-22 10:59:54 ----SD---- C:\WINDOWS\Tasks
2008-12-22 10:58:00 ----D---- C:\Program Files\Windows Media Player
2008-12-22 10:52:57 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-12-22 01:11:05 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-22 00:40:55 ----A---- C:\WINDOWS\win.ini
2008-12-22 00:23:26 ----HD---- C:\WINDOWS\inf
2008-12-22 00:16:26 ----RSD---- C:\WINDOWS\Fonts
2008-12-22 00:16:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-21 23:38:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-21 23:20:33 ----D---- C:\Program Files
2008-12-21 23:20:32 ----D---- C:\Program Files\iPod
2008-12-21 23:20:05 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-21 23:20:01 ----D---- C:\WINDOWS\system32\drivers
2008-12-21 23:01:14 ----A---- C:\WINDOWS\system.ini
2008-12-21 22:55:10 ----D---- C:\Program Files\Adobe
2008-12-21 22:52:28 ----D---- C:\Program Files\Common Files
2008-12-21 22:51:24 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-21 22:16:05 ----D---- C:\Program Files\Common Files\Adobe
2008-12-21 22:07:56 ----D---- C:\Program Files\Java
2008-12-21 18:47:52 ----D---- C:\Program Files\NetMeeting
2008-12-20 13:37:47 ----RASH---- C:\boot.ini
2008-12-20 00:36:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 23:51:46 ----D---- C:\WINDOWS\WinSxS
2008-12-19 23:51:05 ----D---- C:\Program Files\Internet Explorer
2008-12-19 19:09:42 ----D---- C:\WINDOWS\ehome
2008-12-19 19:06:40 ----D---- C:\WINDOWS\Help
2008-12-19 18:44:03 ----D---- C:\WINDOWS\security
2008-12-19 17:00:44 ----D---- C:\WINDOWS\system32\wbem
2008-12-19 15:00:26 ----D---- C:\WINDOWS\Debug
2008-12-17 13:58:15 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-15 14:44:40 ----D---- C:\Program Files\Common Files\WinSoftware
2008-12-15 13:53:51 ----D---- C:\Documents and Settings\All Users\Application Data\iolo
2008-12-14 23:01:48 ----D---- C:\WINDOWS\system32\config
2008-12-14 21:57:37 ----D---- C:\WINDOWS\system32\NtmsData
2008-12-13 20:25:07 ----D---- C:\Program Files\MSN
2008-12-13 08:54:14 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-13 07:53:22 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-12 23:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 17:53:14 ----D---- C:\Program Files\Online Services
2008-12-12 17:48:55 ----SD---- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
2008-12-12 15:32:50 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-04 20:25:54 ----D---- C:\Program Files\Lx_cats
2008-12-04 16:51:20 ----A---- C:\WINDOWS\system32\Incinerator.dll
2008-12-03 14:28:41 ----D---- C:\WINDOWS\system32\Setup
2008-12-03 14:28:41 ----D---- C:\WINDOWS\ime
2008-12-03 14:28:41 ----D---- C:\WINDOWS\AppPatch
2008-12-03 14:28:41 ----D---- C:\Program Files\Messenger
2008-12-03 14:18:48 ----D---- C:\WINDOWS\system32\usmt
2008-12-03 14:18:45 ----D---- C:\WINDOWS\PeerNet
2008-12-03 14:18:45 ----D---- C:\Program Files\Movie Maker
2008-12-03 14:14:38 ----D---- C:\WINDOWS\system32\Restore
2008-12-03 14:14:37 ----D---- C:\WINDOWS\system32\npp
2008-12-03 14:14:37 ----D---- C:\WINDOWS\mui
2008-12-03 14:14:36 ----D---- C:\WINDOWS\msagent
2008-12-03 14:14:34 ----D---- C:\WINDOWS\srchasst
2008-12-03 14:14:27 ----D---- C:\WINDOWS\system32\Com
2008-12-03 14:14:24 ----D---- C:\Program Files\Windows NT
2008-12-03 14:14:24 ----D---- C:\Program Files\Outlook Express
2008-12-03 14:14:20 ----D---- C:\Program Files\Common Files\System
2008-12-03 14:13:56 ----D---- C:\WINDOWS\system32\oobe
2008-12-03 14:13:46 ----D---- C:\WINDOWS\system
2008-12-03 14:06:51 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-02 14:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-02 14:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-02 14:31:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-12-02 14:31:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-02 14:30:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-12-02 14:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-12-02 14:30:34 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-12-02 14:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-02 14:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-02 14:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB953356$
2008-12-02 14:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-02 14:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-12-02 14:29:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-12-02 14:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-12-02 14:27:59 ----D---- C:\WINDOWS\Media
2008-12-02 14:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-12-02 14:13:49 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-12-02 14:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-12-02 14:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-12-02 14:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2008-12-02 14:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-02 14:13:03 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2008-12-02 14:12:55 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2008-12-02 14:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB943460_0$
2008-12-02 14:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2008-12-02 14:12:29 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2008-12-02 14:12:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2008-12-02 14:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
2008-12-02 14:11:38 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2008-12-02 14:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2008-12-02 14:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2008-12-02 14:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2008-12-02 14:10:46 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2008-12-02 14:10:39 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2008-12-02 14:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2008-12-02 14:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2008-12-02 14:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2008-12-02 14:10:09 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2008-12-02 14:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2008-12-02 14:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2008-12-02 14:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2008-12-02 14:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2008-12-02 14:09:29 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2008-12-02 14:09:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2008-12-02 14:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2008-12-02 14:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2008-12-02 14:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2008-12-02 14:08:44 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2008-12-02 14:08:35 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2008-12-02 14:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2008-12-02 14:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2008-12-02 14:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2008-12-02 14:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2008-12-02 14:07:56 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2008-12-02 14:07:47 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2008-12-02 14:07:39 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2008-12-02 14:07:31 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2008-12-02 14:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2008-12-02 14:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2008-12-02 14:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2008-12-02 14:06:59 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2008-12-02 14:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2008-12-02 14:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2008-12-02 14:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2008-12-02 14:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2008-12-02 14:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2008-12-02 14:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2008-12-02 14:05:57 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2008-12-02 14:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2008-12-02 14:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2008-12-02 14:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2008-12-02 14:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2008-12-02 14:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2008-12-02 14:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2008-12-02 14:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2008-12-02 14:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2008-12-02 14:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2008-12-02 14:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2008-12-02 14:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2008-12-02 14:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2008-12-02 14:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2008-12-02 14:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2008-12-02 14:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2008-12-02 14:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2008-12-02 14:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2008-12-01 21:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-28 14:51:40 ----D---- C:\Program Files\Common Files\AOL
2008-11-28 11:19:49 ----D---- C:\Program Files\Yahoo!
2008-11-28 11:19:18 ----D---- C:\Documents and Settings\All Users\Application Data\yahoo!

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-15 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-15 26824]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-15 76040]
R2 CSS DVP;Dynamic Virus Protection; C:\WINDOWS\system32\DRIVERS\css-dvp.sys [2007-07-09 834448]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-07 1235968]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2002-07-29 23808]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-01-25 923863]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 606684]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-07 376832]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-15 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-15 231704]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-22 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-21 53248]
R2 lxdd_device;lxdd_device; C:\WINDOWS\system32\lxddcoms.exe [2007-05-25 537520]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 dvpapi;DvpApi; C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe [2007-07-09 177416]
S2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
  • 0

#18
JON B
Posted 23 December 2008 - 04:27 PM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Here is info.txt...


info.txt logfile of random's system information tool 1.05 2008-12-23 15:24:56

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Authentium AntiVirus SDK - 2-->MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Barnyard Invasion from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\53474592-01BC-4338-8647-FE350957D912\Uninstall.exe"
Bejeweled 2 Deluxe from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\D84AC71A-75E8-4709-8BA5-4B46EAC00C5E\Uninstall.exe"
Big Kahuna Reef from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\9421EC3B-DD11-4A1D-B299-6E00CBFD0313\Uninstall.exe"
Blackhawk Striker 2 from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\BFAF1EEC-E987-415B-BCB8-80CDB0BC6CDF\Uninstall.exe"
Blasterball 2 from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\75528D5F-DD82-402E-BA7C-045B7DC6A712\Uninstall.exe"
Blasterball 2 Holidays from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\D06AB82F-D68E-405A-9886-AB8804291B6D\Uninstall.exe"
Boggle Supreme from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B\Uninstall.exe"
Bookworm Deluxe from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\E618FC78-EE4F-4243-8409-078EB5E0B1F6\Uninstall.exe"
Bounce Symphony from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\29FF6D07-4A15-41F1-9D5E-E0F3A58012C6\Uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compaq Connections (remove only)-->C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Compaq Game Console and games-->C:\Program Files\WildTangent\Apps\hpuninstall.exe
Compaq Multimedia Keyboard Software-->C:\HP\KBD\KBD.EXE uninstalled
Compaq Organize-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL
Crystal Maze from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\C43D84CD-EBFC-48D3-A330-7868C8AD415A\Uninstall.exe"
Digby's Donuts from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\3DB5E24E-D0CE-437E-96BB-35E09A45B800\Uninstall.exe"
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
FATE Demo from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\EC103FAC-9610-4651-BD68-CCEA97C7AB02\Uninstall.exe"
Flip Words from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\220B08B4-42B6-4452-A646-5646B6CB8063\Uninstall.exe"
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /I{3BA95526-6AE0-4B87-A62D-17187EF565FC}
HP DigitalMedia Archive-->MsiExec.exe /I{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
Insaniquarium Deluxe from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\5AF1DD17-7B06-45EF-8592-2E524E458BAB\Uninstall.exe"
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jewel Quest from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\2FC85AE2-A516-46DC-9622-BEE432D2276B\Uninstall.exe"
Mah Jong Quest from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\422C7575-C10D-4795-87FA-9972765379E6\Uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914}
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Motorola SM56 Speakerphone Modem-->C:\WINDOWS\Motorola\SMSERIAL\sm56unst.exe
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Office 2003 Tour-->MsiExec.exe /I{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
Polar Bowler from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\05E21449-3BA3-42BF-BBDA-95205F4EA40A\Uninstall.exe"
Polar Golfer from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\3330A279-CC39-4A17-AE19-DA464B26AD9A\Uninstall.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Puzzle Express from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\E1A0F769-A43A-4DDB-9F73-12791E453557\Uninstall.exe"
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2005-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2DBE41DD-2129-4C65-A3D3-5647236A60F3} anything
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Ricochet Lost Worlds from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\52AEBC18-F252-4B0C-B3E1-724537D9F873\Uninstall.exe"
SCRABBLE Blast from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\4A750179-4CAB-4A94-911D-36ECBC64B6B2\Uninstall.exe"
SCRABBLE from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\FA6A73EB-40AB-4B58-851D-3892B3C10EF6\Uninstall.exe"
SCRABBLE Rack Attack from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\AC542946-E8F0-4163-9902-A1DCB02E327F\Uninstall.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Shrek 2 Ogre Bowler from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\BBCBAA5D-AC5A-4098-A53E-EC60A68F38F9\Uninstall.exe"
Slingo Deluxe from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\F19E8CDF-5EFD-45E0-9FAF-66CBAE84B1D9\Uninstall.exe"
Slyder from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E\Uninstall.exe"
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Super Granny from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\DE87FA96-7840-420C-86F9-33F3B7B3CED1\Uninstall.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Swarm from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B8DC3DBE-D64E-4EE3-8211-8BCAD6CD3D56\Uninstall.exe"
Tradewinds from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\66195170-D19D-46C5-8FB7-8A4630071ADC\Uninstall.exe"
Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Media Center Edition 2005 KB894553-->C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: AVG Anti-Virus Free

System event log

Computer Name: YOUR-B27FB1C401
Event Code: 7035
Message: The Fast User Switching Compatibility service was successfully sent a start control.

Record Number: 19597
Source Name: Service Control Manager
Time Written: 20081216121915.000000-420
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-B27FB1C401
Event Code: 7036
Message: The Terminal Services service entered the running state.

Record Number: 19596
Source Name: Service Control Manager
Time Written: 20081216121915.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 7022
Message: The Windows Image Acquisition (WIA) service hung on starting.

Record Number: 19595
Source Name: Service Control Manager
Time Written: 20081216121914.000000-420
Event Type: error
User:

Computer Name: YOUR-B27FB1C401
Event Code: 49157
Message: INIT: BIOS TV signature not found

Record Number: 19594
Source Name: ati2mtag
Time Written: 20081216121744.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 6005
Message: The Event log service was started.

Record Number: 19593
Source Name: EventLog
Time Written: 20081216121716.000000-420
Event Type: information
User:

Application event log

Computer Name: YOUR-B27FB1C401
Event Code: 103
Message: wuaueng.dll (3580) SUS20ClientDataStore: The database engine stopped the instance (0).

Record Number: 3907
Source Name: ESENT
Time Written: 20081128211151.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 102
Message: wuaueng.dll (3580) SUS20ClientDataStore: The database engine started a new instance (0).

Record Number: 3906
Source Name: ESENT
Time Written: 20081128210649.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 100
Message: wuauclt (3580) The database engine 5.01.2600.2180 started.

Record Number: 3905
Source Name: ESENT
Time Written: 20081128210649.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 101
Message: wuauclt (1524) The database engine stopped.

Record Number: 3904
Source Name: ESENT
Time Written: 20081128161132.000000-420
Event Type: information
User:

Computer Name: YOUR-B27FB1C401
Event Code: 103
Message: wuaueng.dll (1524) SUS20ClientDataStore: The database engine stopped the instance (0).

Record Number: 3903
Source Name: ESENT
Time Written: 20081128161132.000000-420
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------
  • 0

#19
Rorschach112
Posted 23 December 2008 - 04:50 PM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
hello

Please download the OTMoveIt3 by OldTimer or from here.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Processes
explorer.exe

:Services

:Reg

:Files
C:\WINDOWS\system32\57de897c-.txt

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



  • Make sure you have an Internet Connection.
  • Download OTCleanIt to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTCleanUp to reach the Internet, please allow the application to do so.
  • Click Yes to beging the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.



Now we need to create a new System Restore point.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.



Below I have included a number of recommendations for how to protect your computer against malware infections.

* Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.

* To reduce re-infection for malware in the future, I strongly recommend installing these free programs:

SpywareBlaster protects against bad ActiveX

* SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


*ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

*NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

*Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
Here

* Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here

*ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

* Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.

Thank you for your patience, and performing all of the procedures requested.
  • 0

#20
JON B
Posted 23 December 2008 - 09:15 PM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Here is the last log:


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\WINDOWS\system32\57de897c-.txt moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\etilqs_XotKRzSgbUgl9eftTB1N scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_198.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0r1k2j18.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12232008_161100


Still working on the rest...I will report back here shortly. Thanks!
  • 0

#21
JON B
Posted 24 December 2008 - 05:02 AM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
:)

HELP!!!! Trying to finish the clean up and constantly losing content. I have lost everything in device manager, its empty, no network connections showing or connecting, computer would not recognize any hardware, and system restore does not work!! What the...???? :) I am at a loss on what to do next. We are 1100 miles apart and he is not computer savy at all...I'm just trying to help a friend but this issue has been consuming my family time with my kids, wife, etc. for the last week.
:)
:)

Edited by JON B, 24 December 2008 - 05:03 AM.

  • 0

#22
JON B
Posted 24 December 2008 - 06:54 AM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
OK, I got him back up and barely limping but we are up. I have no clue what in the world is on his computer but it is nasty! I figured out that 95% of the services had been disabled along with the device manager, no internet, system restore gone, etc. I had him turn back on a couple of services and got him back online so hopefully we can find a fix. Thanks so much for your help. :)
  • 0

#23
Rorschach112
Posted 24 December 2008 - 07:40 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
The logs are clean

If you have any more issues post in the Windows XP forum about it
  • 0

#24
JON B
Posted 24 December 2008 - 07:47 AM

JON B

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Thanks for all of your help!! :) :) I couldn't have done it without you!! :) :)

Edited by JON B, 24 December 2008 - 09:58 AM.

  • 0

#25
Rorschach112
Posted 24 December 2008 - 05:51 PM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP