Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Keyboard-mouse unstable/ 'timebomb' in scan - D: drive full

Started by CrackerBoy , Nov 29 2009 09:47 AM

  • Please log in to reply

#1
CrackerBoy
Posted 29 November 2009 - 09:47 AM

CrackerBoy

    Member

  • Member
  • PipPip
  • 34 posts
Compaq Presario V5000
XP Media Center Edition SP 2 (NOTE: XO Professional x64 Edition-per Wikepedia)
AMD Turion 64 Mobile (NOTE: Athlon 64 Processor Driver Version 1.2.2.2 in programs)
Technology ML-34
789 Mhz, 896 MB Ram
ACPI Uniprocessor PC
____________
Symptoms:
Keyboard unusable, wrong letters
Mouse <touchpad> unstable, erratic sometime
Warning: Low Disk Space D: <can't resolve with deleting programs, emptying recycle bin

or removing all but the latest restore points>
____________
Avast Thorough Scan Results
Result: Unable to scan the file is a decompression bomb
C:\Documents and Settingsd\User\....\mvs-wanted.avi
C:\Documents and Settingsd\User\....\devise-hancock.avi
C:\Documents and Settingsd\User\....\mvs-wankcock.avi
C:\SWSETUP\HPGame\games\...\msis1.bin
_______________
PROCESS:
Set Restore Point (though the name is funny, keyboard doesn't work)
Ran TFC
Uninstalled
Avast
Games (HP_Bejeweled 2...l, Big Kahuna Reef, Blackhawk Striker 2, Blasterball

2, Boogle Supreme, Bookworm Deluxe, Bounce Symphony, Chuzzle Deluxe, Crystal Maze,

ESPN Motion, FATE, Flip Words, Gemmaster Mystic, HP Game Console and Games
REBOOTED- Add Remove Programs was not responsive..
Ran TFC again, after allowing time for uninstalls to finalize.
REBOOTED
Uninstalled
HP - Imaging Device Functions 6.0
HP - Photosmart Premiere 6.0
HP Rhapsody
Ran TFC & Rebooted
Ran MB, install, update and scan.

____________
HISTORY:
I ran through the process before, without being able to resolve problems with keyboard &

mouse. Tried various scenarios including restoring and updating to SP3; no joy. Here I must admit that I DID NOT FOLLOW INSTRUCTIONS and ran COMBOFIX <I'd noted that it installed the recovery console> this was in direct conflict with the Forum Rules: I apologize, won't do it again. In desperation restored to 'factory delivered condition' and flashed bios, updated all drivers: this produced results for a short period. When browsing through old files, the condition returned. Ran thorough scan with Avast and received the report above. Keyboard still inoperable: I think it possible that after things were good Automatic Updates installed XP updates to the system which were incompatible with this unsupported edition? This report is being posted from another machine, since that keyboard is not available <use of SansDisk>: all windows updates are applied except SP3.
_____________________--
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/29 10:24
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF7542000 Size: 53248 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF73A3000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2062976 File Visible: - Signed: -
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF78EE000 Size: 11648 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xEDC89000 Size: 138368 File Visible: - Signed: -
Status: -

Name: aliide.sys
Image Path: aliide.sys
Address: 0xF79DA000 Size: 5248 File Visible: - Signed: -
Status: -

Name: AmdK8.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Address: 0xF76A2000 Size: 57344 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF7317000 Size: 95360 File Visible: - Signed: -
Status: -

Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBFA16000 Size: 237568 File Visible: - Signed: -
Status: -

Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF9D6000 Size: 262144 File Visible: - Signed: -
Status: -

Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xF703F000 Size: 1445888 File Visible: - Signed: -
Status: -

Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBFA86000 Size: 2494464 File Visible: - Signed: -
Status: -

Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBFA50000 Size: 221184 File Visible: - Signed: -
Status: -

Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBFCE7000 Size: 606208 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7B0A000 Size: 3072 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF78EA000 Size: 16384 File Visible: - Signed: -
Status: -

Name: bcmwl5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
Address: 0xF6DFF000 Size: 1287552 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF79FA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF78E2000 Size: 12288 File Visible: - Signed: -
Status: -

Name: camc6aud.sys
Image Path: C:\WINDOWS\system32\drivers\camc6aud.sys
Address: 0xF7702000 Size: 38016 File Visible: - Signed: -
Status: -

Name: camc6hal.sys
Image Path: C:\WINDOWS\system32\drivers\camc6hal.sys
Address: 0xF6105000 Size: 349312 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xEB29C000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF76C2000 Size: 49536 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF7512000 Size: 53248 File Visible: - Signed: -
Status: -

Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xF798E000 Size: 14080 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF78E6000 Size: 9344 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF7502000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF732F000 Size: 153344 File Visible: - Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF79DC000 Size: 5888 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF7712000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEDACB000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A08000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF5DEA000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C4000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7B5F000 Size: 4096 File Visible: - Signed: -
Status: -

Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0xEDAE3000 Size: 143360 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF75F2000 Size: 34944 File Visible: - Signed: -
Status: -

Name: fltMgr.sys
Image Path: fltMgr.sys
Address: 0xF72F7000 Size: 128896 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF79F8000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF7355000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806CF000 Size: 131712 File Visible: - Signed: -
Status: -

Name: HpqKbFiltr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
Address: 0xF7802000 Size: 16768 File Visible: - Signed: -
Status: -

Name: HSF_CNXT.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Address: 0xF5EFB000 Size: 718464 File Visible: - Signed: -
Status: -

Name: HSF_DP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
Address: 0xF5FAB000 Size: 1035008 File Visible: - Signed: -
Status: -

Name: HSFHWATI.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
Address: 0xF60A8000 Size: 231424 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xEB173000 Size: 262784 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF76E2000 Size: 52736 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF76B2000 Size: 41856 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF79D6000 Size: 5504 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xEDBA6000 Size: 134912 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xEDD2B000 Size: 74752 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF74D2000 Size: 35840 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF780A000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF79D2000 Size: 8192 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF6FE5000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF72CE000 Size: 92544 File Visible: - Signed: -
Status: -

Name: mdmxsdk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Address: 0xEB270000 Size: 11840 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF79FC000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF781A000 Size: 30080 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF7812000 Size: 23040 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF74E2000 Size: 42240 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xEB344000 Size: 179584 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xEDBC7000 Size: 453632 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF785A000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF7572000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF79AA000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF71F9000 Size: 107904 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7214000 Size: 182912 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF7992000 Size: 9600 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xEB947000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF5EE4000 Size: 91776 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF7592000 Size: 38016 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF75D2000 Size: 34560 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xEDCAB000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF7862000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7241000 Size: 574464 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2062976 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7B9A000 Size: 2944 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF7532000 Size: 61056 File Visible: - Signed: -
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7A9B000 Size: 4096 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF775A000 Size: 18688 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF7392000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A9A000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF7752000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF7374000 Size: 119936 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2062976 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF60E1000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF5E33000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF782A000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF7762000 Size: 20000 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF71B0000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF7722000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF7732000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF7742000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF7832000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2062976 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xEDC5E000 Size: 174592 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF79FE000 Size: 4224 File Visible: - Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xF5E02000 Size: 196864 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF76D2000 Size: 57472 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF6B6F000 Size: 49152 File Visible: No Signed: -
Status: -

Name: Rtnicxp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
Address: 0xF615B000 Size: 78720 File Visible: - Signed: -
Status: -

Name: Serial.sys
Image Path: Serial.sys
Address: 0xF7522000 Size: 64896 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF72E5000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xEB031000 Size: 333184 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF79F4000 Size: 4352 File Visible: - Signed: -
Status: -

Name: SynTP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\SynTP.sys
Address: 0xF6F3A000 Size: 193120 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xEB79B000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xEDCD3000 Size: 360320 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF7822000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF7582000 Size: 40704 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF5DA6000 Size: 209408 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF79F2000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF77FA000 Size: 26624 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF75C2000 Size: 57600 File Visible: - Signed: -
Status: -

Name: usbohci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbohci.sys
Address: 0xF77F2000 Size: 17024 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF7008000 Size: 143360 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF7852000 Size: 20992 File Visible: - Signed: -
Status: -

Name: viaide.sys
Image Path: viaide.sys
Address: 0xF79D8000 Size: 5376 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF702B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF74F2000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF7602000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF789A000 Size: 20480 File Visible: - Signed: -
Status: -

Name: Wdf01000.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
Address: 0xF6F6A000 Size: 503808 File Visible: - Signed: -
Status: -

Name: WDFLDR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS
Address: 0xF76F2000 Size: 53248 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xEB61E000 Size: 82944 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: wmiacpi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
Address: 0xF7982000 Size: 8832 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF79D4000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2062976 File Visible: - Signed: -
Status: -

OTL logfile created on: 11/29/2009 10:28:34 AM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Documents and Settings\o\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.17 Mb Total Physical Memory | 627.34 Mb Available Physical Memory | 70.16% Memory free
2.12 Gb Paging File | 1.93 Gb Available in Paging File | 91.02% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.67 Gb Total Space | 7.36 Gb Free Space | 11.74% Space Free | Partition Type: NTFS
Drive D: | 11.83 Gb Total Space | 0.00 Gb Free Space | 0.01% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 3.74 Gb Total Space | 2.58 Gb Free Space | 69.03% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC264411574023
Current User Name: o
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/27 13:56:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/11/27 13:56:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/11/05 05:22:18 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\OTL.exe
PRC - [2009/02/06 04:41:05 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe
PRC - [2007/10/19 13:28:02 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/16 16:22:46 | 00,794,713 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/05/02 14:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2005/12/13 16:45:58 | 00,507,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/12/12 13:39:52 | 00,094,208 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2005/12/08 15:45:12 | 00,516,182 | ---- | M] () -- C:\Program Files\HPQ\shared\HpqToaster.exe
PRC - [2005/11/15 17:23:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/11/10 23:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/11/10 17:45:00 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/11/10 17:45:00 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/10/11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe
PRC - [2005/08/05 23:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
PRC - [2005/08/05 23:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/10/13 11:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004/08/10 10:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/07/27 18:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/07/14 15:36:54 | 00,057,344 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ICO.EXE


========== Modules (SafeList) ==========

MOD - [2009/11/05 05:22:18 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 10:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/27 13:56:08 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2006/05/02 14:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2005/11/15 17:23:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/11/10 17:45:00 | 00,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/10/11 08:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe -- (ehSched)
SRV - [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2005/08/04 04:29:52 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004/10/22 05:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/10 10:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004/07/15 11:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)


========== Driver Services (SafeList) ==========

DRV - [2009/11/28 11:30:17 | 01,294,200 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/06/18 16:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/06/16 15:40:56 | 00,193,120 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/10 17:51:00 | 01,396,224 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/09/30 06:11:00 | 00,078,720 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/09/20 05:30:56 | 00,162,432 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/22 04:06:00 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2005/08/22 04:06:00 | 00,718,464 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/08/22 04:06:00 | 00,231,424 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005/08/18 03:22:54 | 00,056,648 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/08/01 18:00:00 | 00,349,312 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/08/01 17:58:00 | 00,038,016 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/04/25 04:03:00 | 00,020,640 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005/03/09 17:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/10 10:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 01:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/03/16 23:04:00 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2001/08/17 23:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...o&pf=laptop
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091019W
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/11/25 09:28:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/11/27 14:29:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/11/27 14:29:29 | 00,000,000 | ---D | M]

[2009/11/28 06:41:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\o\Application Data\Mozilla\Extensions
[2009/11/28 06:41:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\o\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/28 06:41:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\o\Application Data\Mozilla\Firefox\Profiles\djih8wzn.default\extensions
[2009/11/27 08:25:59 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/26 04:40:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/20 00:08:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/01/20 00:08:57 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/01/20 00:08:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/01/19 18:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/01/19 18:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/01/19 18:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/01/19 18:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/01/19 18:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/11/26 04:52:43 | 00,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
[2009/11/26 04:40:38 | 00,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml
[2009/01/19 18:28:04 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/01/19 18:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\o\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1259350053167 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/11/27 15:07:26 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/11/29 10:10:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Malwarebytes
[2009/11/29 10:10:03 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/29 10:10:01 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/29 09:23:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/11/29 09:16:37 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/11/28 16:15:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/11/28 13:00:58 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/11/28 12:52:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\_PrimaxInstallTempDir1
[2009/11/28 12:25:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2009/11/28 12:25:08 | 00,171,552 | ---- | C] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2009/11/28 12:25:08 | 00,132,808 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/11/28 12:25:08 | 00,087,104 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/11/28 12:25:08 | 00,025,160 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/11/28 12:25:04 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2009/11/28 12:18:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\My Documents\GeekRecommended
[2009/11/28 11:57:36 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/28 11:43:28 | 00,000,000 | ---D | C] -- C:\Program Files\HP Wireless Laser Mini Mouse
[2009/11/28 11:39:36 | 00,471,040 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\NOTIFIER.DLL
[2009/11/28 11:39:36 | 00,159,854 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMARIA.DLL
[2009/11/28 11:39:36 | 00,077,824 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMPoPo.DLL
[2009/11/28 11:39:36 | 00,065,536 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMIBM.DLL
[2009/11/28 11:39:36 | 00,057,344 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICONSPY.EXE
[2009/11/28 11:39:36 | 00,057,344 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICO.EXE
[2009/11/28 11:39:36 | 00,045,056 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELRESS.DLL
[2009/11/28 11:39:36 | 00,040,960 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMTilt3.DLL
[2009/11/28 11:39:36 | 00,040,960 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMPOPO2.dll
[2009/11/28 11:39:35 | 00,024,576 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELSETUP.DLL
[2009/11/28 11:39:35 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\HIDUSB.SYS
[2009/11/28 11:39:35 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009/11/28 11:39:34 | 00,650,532 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\HPBDO.DLL
[2009/11/28 11:39:34 | 00,294,912 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\HPWHEEL.DLL
[2009/11/28 11:39:34 | 00,241,664 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELUTIL.DLL
[2009/11/28 11:39:34 | 00,229,376 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMUNINST.EXE
[2009/11/28 11:39:34 | 00,215,040 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\HPPPM.DLL
[2009/11/28 11:39:34 | 00,147,456 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELMICED.EXE
[2009/11/28 11:39:34 | 00,126,976 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELSCRLL.DLL
[2009/11/28 11:39:34 | 00,094,208 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELZOOM.DLL
[2009/11/28 11:39:34 | 00,073,728 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELHOOKS.DLL
[2009/11/28 11:39:34 | 00,049,152 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PELCOMM.DLL
[2009/11/28 11:39:34 | 00,036,864 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\PMUNINNT.EXE
[2009/11/28 11:39:34 | 00,016,512 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\drivers\PELMOUSE.SYS
[2009/11/28 11:39:34 | 00,013,184 | ---- | C] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\drivers\PELUSBlf.SYS
[2009/11/28 11:39:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\_PrimaxInstallTempDir0
[2009/11/28 11:38:44 | 00,000,000 | ---D | C] -- C:\Program Files\HP Optical USB Mobile Mouse
[2009/11/28 11:33:29 | 00,000,000 | ---D | C] -- C:\Program Files\HP DVB-T TV Tuner
[2009/11/28 11:30:23 | 00,087,328 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\bcmwlcoi.dll
[2009/11/28 11:30:20 | 00,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2009/11/28 11:29:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/11/28 11:28:53 | 00,176,128 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\bcmwlu00.EXE
[2009/11/28 11:28:52 | 00,069,632 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\bcmwlD2K.EXE
[2009/11/28 11:12:24 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/11/28 10:55:32 | 00,000,000 | ---D | C] -- C:\W309BF54
[2009/11/28 10:53:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\My Documents\David-Jen
[2009/11/28 09:35:03 | 00,457,448 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\o\Desktop\WindowsXP-KB887742-x86-ENU.exe
[2009/11/28 09:19:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Media Center Shortcuts
[2009/11/28 08:38:27 | 01,560,576 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\BttnCmns_64.dll
[2009/11/28 08:38:27 | 01,560,576 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\BttnCmns.dll
[2009/11/28 08:38:27 | 01,419,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01005.dll
[2009/11/28 08:38:27 | 00,987,136 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\BttnCmn.dll
[2009/11/28 08:38:27 | 00,016,768 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys
[2009/11/28 08:38:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\InstallShield
[2009/11/28 08:31:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\My Documents\New Folder
[2009/11/28 06:51:42 | 26,768,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/28 06:48:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009/11/28 06:40:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\Mozilla
[2009/11/28 06:40:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Mozilla
[2009/11/27 15:37:17 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/11/27 15:37:16 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2009/11/27 15:37:15 | 00,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2009/11/27 15:30:09 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/11/27 15:25:57 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2009/11/27 15:25:57 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll
[2009/11/27 15:25:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2009/11/27 15:25:56 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll
[2009/11/27 15:20:03 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/11/27 15:16:17 | 00,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/11/27 15:16:01 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/11/27 15:11:41 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/11/27 15:11:41 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/11/27 15:11:41 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2009/11/27 15:11:41 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/11/27 15:11:40 | 00,473,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/11/27 15:11:40 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/11/27 15:11:40 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/11/27 15:11:39 | 00,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/11/27 15:11:39 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/11/27 15:11:38 | 02,142,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/11/27 15:11:36 | 02,185,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/11/27 15:11:35 | 02,020,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/11/27 15:11:34 | 02,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/11/27 15:11:07 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/11/27 15:09:51 | 00,333,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/11/27 15:08:29 | 01,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/11/27 15:08:01 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/11/27 15:05:32 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/11/27 15:05:32 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/11/27 15:05:15 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/11/27 14:35:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/11/27 14:32:24 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\OTL.exe
[2009/11/27 14:32:11 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\o\Desktop\erunt_setup.exe
[2009/11/27 14:32:03 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\o\Desktop\mbam-setup.exe
[2009/11/27 14:31:58 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\o\Desktop\RootRepeal.exe
[2009/11/27 14:31:55 | 00,339,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\TFC.exe
[2009/11/27 14:31:39 | 03,012,768 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\o\Desktop\spywareblastersetup42.exe
[2009/11/27 14:31:36 | 15,452,536 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\o\Desktop\IE7-WindowsXP-x86-enu.exe
[2009/11/27 14:31:36 | 03,169,488 | ---- | C] (Uniblue Systems Ltd. ) -- C:\Documents and Settings\o\Desktop\driverscanner.exe
[2009/11/27 14:31:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Desktop\FileHippo
[2009/11/27 14:30:26 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2009/11/27 14:30:26 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/11/27 14:28:08 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/11/27 14:28:08 | 00,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/11/27 14:28:07 | 00,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/11/27 14:28:07 | 00,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/11/27 14:28:07 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/11/27 14:28:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/11/27 14:25:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/11/27 14:24:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\Temp
[2009/11/27 13:58:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\HpUpdate
[2009/11/27 13:56:38 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/11/27 13:56:38 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/27 13:56:38 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/27 13:56:38 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/27 13:56:38 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/11/27 13:54:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Sun
[2009/11/27 13:53:52 | 00,000,000 | --SD | C] -- C:\Documents and Settings\o\UserData
[2009/11/27 13:53:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Macromedia
[2009/11/27 13:47:34 | 00,047,104 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\System32\WACntlPnl.cpl
[2009/11/27 13:35:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Intuit
[2009/11/27 13:35:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Identities
[2009/11/27 13:35:22 | 00,000,000 | --SD | C] -- C:\Documents and Settings\o\Application Data\Microsoft
[2009/11/27 13:35:22 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\o\Application Data
[2009/11/27 13:35:22 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\Favorites
[2009/11/27 13:35:22 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\o\Cookies
[2009/11/27 13:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Desktop
[2009/11/27 13:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\HP
[2009/11/27 13:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\Google
[2009/11/27 13:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\ApplicationHistory
[2009/11/27 13:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Application Data\Symantec
[2009/11/27 13:35:21 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\My Documents\My Videos
[2009/11/27 13:35:21 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\My Documents\My Pictures
[2009/11/27 13:35:21 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\My Documents\My Music
[2009/11/27 13:35:21 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\My Documents
[2009/11/27 13:35:21 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\o\Local Settings
[2009/11/27 13:35:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\Microsoft
[2009/11/27 13:35:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\IsolatedStorage
[2009/11/27 13:35:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\o\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/11/27 13:35:20 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\o\SendTo
[2009/11/27 13:35:20 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\o\Recent
[2009/11/27 13:35:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\o\Start Menu
[2009/11/27 13:35:20 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\o\Templates
[2009/11/27 13:35:20 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\o\PrintHood
[2009/11/27 13:35:20 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\o\NetHood
[2009/11/27 09:49:31 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/26 09:47:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/11/26 09:10:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/11/26 07:30:52 | 00,000,000 | ---D | C] -- C:\Program Files\SP36691
[2009/11/26 07:27:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009/11/26 07:21:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/11/26 07:15:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/11/26 06:47:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/26 06:06:10 | 00,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2009/11/26 04:00:03 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/26 04:00:03 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/26 04:00:03 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/26 04:00:03 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/26 03:59:33 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/25 19:18:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/25 19:15:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/25 19:14:07 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT

========== Files - Modified Within 30 Days ==========

[2009/11/29 10:29:28 | 01,048,576 | ---- | M] () -- C:\Documents and Settings\o\ntuser.dat
[2009/11/29 10:23:28 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\o\Desktop\settings.dat
[2009/11/29 10:20:51 | 00,000,273 | ---- | M] () -- C:\hpqp.ini
[2009/11/29 10:20:51 | 00,000,039 | ---- | M] () -- C:\XP_TV.ini
[2009/11/29 10:20:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/29 10:20:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/29 10:20:36 | 93,767,6800 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/29 10:19:33 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\o\ntuser.ini
[2009/11/29 10:10:06 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/29 10:08:28 | 00,235,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/29 09:44:10 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/11/29 09:38:50 | 00,000,786 | ---- | M] () -- C:\Documents and Settings\o\Desktop\Windows Media Player.lnk
[2009/11/29 09:18:01 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/28 16:18:13 | 00,000,031 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2009/11/28 12:44:43 | 00,856,064 | ---- | M] () -- C:\Documents and Settings\o\NTUSER.bak
[2009/11/28 12:25:04 | 00,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2009/11/28 12:25:04 | 00,132,808 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/11/28 12:25:04 | 00,087,104 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/11/28 12:25:04 | 00,025,160 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/11/28 12:14:46 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\o\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/11/28 12:14:35 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\o\Desktop\NTREGOPT.lnk
[2009/11/28 12:14:35 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\o\Desktop\ERUNT.lnk
[2009/11/28 12:04:31 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/28 11:57:47 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2009/11/28 11:31:46 | 00,439,376 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/28 11:31:46 | 00,380,918 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/28 11:31:46 | 00,053,166 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/28 11:30:17 | 01,294,200 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2009/11/28 11:30:17 | 00,087,328 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\bcmwlcoi.dll
[2009/11/28 11:15:31 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\o\Application Data\wklnhst.dat
[2009/11/28 11:15:30 | 00,000,814 | ---- | M] () -- C:\Documents and Settings\o\Desktop\Microsoft Works Task Launcher.LNK
[2009/11/28 09:35:12 | 00,457,448 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\o\Desktop\WindowsXP-KB887742-x86-ENU.exe
[2009/11/28 09:34:37 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/28 09:23:59 | 00,000,555 | ---- | M] () -- C:\Documents and Settings\o\Desktop\Media Center Shortcuts.lnk
[2009/11/28 08:39:47 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
[2009/11/28 08:39:41 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/11/27 15:35:23 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/11/27 13:56:06 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/27 13:56:05 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/27 13:56:05 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/27 13:56:05 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/11/27 13:56:03 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/11/27 13:51:52 | 00,001,833 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
[2009/11/27 13:40:43 | 00,000,124 | ---- | M] () -- C:\Documents and Settings\o\Local Settings\Application Data\fusioncache.dat
[2009/11/27 13:33:12 | 00,002,740 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/11/27 13:32:58 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/11/27 13:32:46 | 00,000,209 | ---- | M] () -- C:\Boot.bak
[2009/11/27 13:31:02 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Register your Notebook.URL
[2009/11/26 08:05:42 | 00,000,094 | ---- | M] () -- C:\WINDOWS\family.ini
[2009/11/26 04:40:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/11/26 04:40:37 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/22 06:23:32 | 03,572,239 | R--- | M] () -- C:\Documents and Settings\o\Desktop\ComboFix.exe
[2009/11/20 10:38:18 | 02,062,665 | ---- | M] () -- C:\Documents and Settings\o\Desktop\spywareguardsetup.exe
[2009/11/20 06:34:40 | 07,265,408 | ---- | M] () -- C:\Documents and Settings\o\Desktop\saSetup3.0.1.152.exe
[2009/11/20 06:27:34 | 00,150,527 | ---- | M] () -- C:\Documents and Settings\o\Desktop\hosts.zip
[2009/11/20 06:25:54 | 03,012,768 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\o\Desktop\spywareblastersetup42.exe
[2009/11/20 06:23:50 | 03,169,488 | ---- | M] (Uniblue Systems Ltd. ) -- C:\Documents and Settings\o\Desktop\driverscanner.exe
[2009/11/19 16:57:34 | 15,452,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\o\Desktop\IE7-WindowsXP-x86-enu.exe
[2009/11/14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/13 05:58:08 | 00,339,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\TFC.exe
[2009/11/05 09:36:22 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/05 05:22:18 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\o\Desktop\OTL.exe
[2009/11/05 05:21:14 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\o\Desktop\RootRepeal.exe
[2009/11/05 05:20:10 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\o\Desktop\mbam-setup.exe
[2009/11/05 05:19:04 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\o\Desktop\erunt_setup.exe

========== Files Created - No Company Name ==========

[2009/11/29 10:21:53 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\o\Desktop\settings.dat
[2009/11/29 10:10:06 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/29 09:38:50 | 00,000,786 | ---- | C] () -- C:\Documents and Settings\o\Desktop\Windows Media Player.lnk
[2009/11/28 12:14:46 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\o\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/11/28 12:14:35 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\o\Desktop\NTREGOPT.lnk
[2009/11/28 12:14:35 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\o\Desktop\ERUNT.lnk
[2009/11/28 11:57:42 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/28 11:53:52 | 01,048,576 | ---- | C] () -- C:\Documents and Settings\o\ntuser.dat
[2009/11/28 11:53:52 | 00,856,064 | ---- | C] () -- C:\Documents and Settings\o\NTUSER.bak
[2009/11/28 11:39:38 | 02,680,859 | ---- | C] () -- C:\WINDOWS\System32\ms98.cab
[2009/11/28 11:39:38 | 00,030,166 | ---- | C] () -- C:\WINDOWS\System32\phidmou.inf
[2009/11/28 11:39:38 | 00,009,808 | ---- | C] () -- C:\WINDOWS\System32\ms99.cat
[2009/11/28 11:39:38 | 00,008,181 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2009/11/28 11:39:38 | 00,000,184 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2009/11/28 11:39:36 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\XMOUSE.CPL
[2009/11/28 11:39:36 | 00,003,099 | ---- | C] () -- C:\WINDOWS\System32\HPMICE.PCX
[2009/11/28 11:15:31 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\o\Application Data\wklnhst.dat
[2009/11/28 11:15:30 | 00,000,814 | ---- | C] () -- C:\Documents and Settings\o\Desktop\Microsoft Works Task Launcher.LNK
[2009/11/28 09:23:58 | 00,000,555 | ---- | C] () -- C:\Documents and Settings\o\Desktop\Media Center Shortcuts.lnk
[2009/11/28 08:43:09 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\QSwitch.txt
[2009/11/28 08:43:09 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\DSwitch.txt
[2009/11/28 08:43:09 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\AtStart.txt
[2009/11/28 08:39:47 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
[2009/11/28 08:39:41 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/11/27 15:27:20 | 00,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Register your Notebook.URL
[2009/11/27 15:25:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS
[2009/11/27 15:25:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls
[2009/11/27 15:25:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls
[2009/11/27 15:25:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls
[2009/11/27 15:25:56 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls
[2009/11/27 15:25:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls
[2009/11/27 15:25:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2009/11/27 15:25:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls
[2009/11/27 15:11:08 | 01,193,414 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/11/27 14:32:19 | 03,572,239 | R--- | C] () -- C:\Documents and Settings\o\Desktop\ComboFix.exe
[2009/11/27 14:31:39 | 07,265,408 | ---- | C] () -- C:\Documents and Settings\o\Desktop\saSetup3.0.1.152.exe
[2009/11/27 14:31:39 | 02,062,665 | ---- | C] () -- C:\Documents and Settings\o\Desktop\spywareguardsetup.exe
[2009/11/27 14:31:36 | 00,150,527 | ---- | C] () -- C:\Documents and Settings\o\Desktop\hosts.zip
[2009/11/27 13:38:36 | 00,001,833 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
[2009/11/27 13:35:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\o\Application Data\desktop.ini
[2009/11/27 13:35:27 | 00,000,992 | ---- | C] () -- C:\Documents and Settings\o\Desktop\Help and Support.lnk
[2009/11/27 13:35:25 | 00,048,376 | ---- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/27 13:35:25 | 00,000,124 | ---- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\fusioncache.dat
[2009/11/27 13:35:24 | 04,306,322 | -H-- | C] () -- C:\Documents and Settings\o\Local Settings\Application Data\IconCache.db
[2009/11/27 13:35:20 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\o\ntuser.ini
[2009/11/27 13:34:42 | 93,767,6800 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/26 08:05:42 | 00,000,094 | ---- | C] () -- C:\WINDOWS\family.ini
[2009/11/26 04:40:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/26 04:40:37 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/26 04:07:35 | 00,000,209 | ---- | C] () -- C:\Boot.bak
[2009/11/26 04:00:03 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/26 04:00:03 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/26 04:00:03 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/26 04:00:03 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/26 04:00:03 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/19 03:55:13 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/06/19 03:53:19 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/06/19 03:37:38 | 00,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/19 03:18:26 | 00,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/19 03:16:00 | 00,003,393 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/12/02 05:09:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/17 12:39:42 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/17 12:21:06 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/17 11:59:14 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/17 04:45:30 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/17 04:45:06 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/06 00:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/10 10:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004/08/10 10:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2004/08/10 10:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004/08/10 10:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004/08/10 10:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2004/08/10 10:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004/08/10 10:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/10 10:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtUninstallKB975467$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004/08/04 08:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 08:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 08:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
< End of report >
Malwarebytes' Anti-Malware 1.41
Database version: 3256
Windows 5.1.2600 Service Pack 2

11/29/2009 10:17:37 AM
mbam-log-2009-11-29 (10-17-37).txt

Scan type: Quick Scan
Objects scanned: 127415
Time elapsed: 5 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
PS>I have the older logs from 11/26/09 and have removed and re-seated the keyboard connector <which worked for a minute or two then reverted to being unusable>.

Edited by CrackerBoy, 29 November 2009 - 11:22 AM.

  • 0

Advertisements

#2
CrackerBoy
Posted 29 November 2009 - 12:30 PM

CrackerBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Was finally able to boot to safe mode and remove superfluous software, keyboard came back. Am online with it now! Still have a problem cleaning up the D: drive, but that may be another forum. Delete this post in entirety if it seems appropriate.
Thank You
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP