TheTechGuide Forum
General Category => Tech Clinic => Topic started by: kerri191 on May 06, 2009, 01:45:20 AM
-
I recently downloaded Firefox onto my computer, so that I would not have to use Internet Explorer. I have only had the internet for two days, and from all the research I have done in the last two hours, I already have a malware problem. I do not know much about malware (just what I looked up on Wikipedia just now) or viruses, but I do know that I don't like what's going on, and everywhere I have looked, no one seems to have a consistent fix for this problem.
What's happening is that my search page switched to Yoog without me doing it myself last night. Because I don't like things happening on my comp that appear weird, I did a check just to be sure, and from what I've learned, my search page switching could be a potential symptom of even bigger problems yet to come. I have not used Yoog to search. I've taken yoog out of my search engines list using the "manage search engines" menu in the upper left corner of Firefox, but the problem persists. I do not know what to do, and from the fixes given to other users, I've discovered that the "fix" may be slightly different for each computer....? I do not know, but I would like some help.
The only anti-virus program that I have on my computer is the demo (I think....) version of Norton that comes with it. I had intended to buy Norton shortly so that I would be permanently protected against threats.
Anyway, I also ran a scan earlier on my comp using Norton to look for threats, and it's telling me that my computer is clean. I happen to know that isn't true. Why isn't this Yoog thing being detected?
As a last resort, my computer is able to run a destructive recovery in the event that I should choose to, but I recently did this because I inadvertently downloaded a virus from my parents' computer to mine when transferring some music before I was able to get the internet. But now that I have my own connection, I've installed the Sims 2 games and most of the expansion packs that come with it, as well as Trillian, Limewire, and other programs that I would like to not have to reinstall should I need to wipe my hard-drive. Not to mention, a destructive recovery takes almost two hours. Please help me avoid all that.
-
Sorry I didn't see this post earlier, do you still need a hand?
-
I would like it. I had planned on running that destructive recovery tonight. But will try this instead. I think I may have posted this in the wrong thread. Think you can help anyway?
-
I moved your topic to the Tech Clinic section of the forums
Download HijackThis Installer from HERE (http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe)
For an alternate download location, you can try HERE (http://fileforum.betanews.com/detail/HijackThis/1071179190/1)
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install
HijackThis v2.0.2 will open
Under Main Menu, select "Do a system scan and save a Log file"
A log will open in Notepad
Copy and Paste the Whole log back here to the forum----It is all important!
-
Done. Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:13:30 AM, on 5/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www27.yoog.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: trueads - {dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb} - C:\WINDOWS\system32\nsc2A4.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: trueads search enhancer - {F8CC401E-8311-D5FC-2A10-A077A4D27361} - C:\WINDOWS\system32\qvydvdnkkve.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 9661 bytes
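-
Added example (not part of the original thread, and not HijackThis or forum-staff code): a small Python triage pass over a few entries taken from the HijackThis log above. Its three checks (a per-user R0/R1 value pointing at a different host than the machine-wide one, a BHO DLL sitting directly in system32, a service reported with "Unknown owner") are assumptions of this example that only pick entries for a manual look; they are not verdicts.

```python
import re
from urllib.parse import urlparse

# Entries taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www27.yoog.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: trueads - {dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb} - C:\WINDOWS\system32\nsc2A4.dll
O2 - BHO: trueads search enhancer - {F8CC401E-8311-D5FC-2A10-A077A4D27361} - C:\WINDOWS\system32\qvydvdnkkve.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

# Every entry line is "<section code> - <body>", for example "O2 - BHO: ...".
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# O2 body: "BHO: <name> - {CLSID} - <dll path>".
BHO = re.compile(r"^BHO: (.*) - (\{[0-9A-Fa-f-]+\}) - (.+)$")


def parse_entries(text):
    """Yield (section_code, body) for every HijackThis entry line."""
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def in_system32_root(path):
    """True when the file sits directly in the Windows system32 folder.

    Assumes the default folder name WINDOWS, as in the log above.
    """
    parts = path.strip('"').lower().split("\\")
    return len(parts) == 4 and parts[1:3] == ["windows", "system32"]


def triage(text):
    """Return (section, reason, detail) tuples for entries worth a manual look."""
    findings = []
    browser = {}  # registry subkey,value -> {hive: host the value points at}
    for code, body in parse_entries(text):
        if code in ("R0", "R1") and " = " in body:
            location, data = body.split(" = ", 1)
            hive, _, subkey = location.partition("\\")
            browser.setdefault(subkey, {})[hive] = urlparse(data.strip()).hostname
        elif code == "O2":
            m = BHO.match(body)
            if m and in_system32_root(m.group(3)):
                findings.append((code, "BHO DLL directly in system32", m.group(3)))
        elif code == "O23":
            parts = body.rsplit(" - ", 2)  # name, owner, binary path
            if len(parts) == 3 and parts[1] == "Unknown owner":
                findings.append((code, "service binary reports no owner", parts[2]))
    # Compare each per-user browser value with the machine-wide one.
    for subkey, hosts in browser.items():
        user, machine = hosts.get("HKCU"), hosts.get("HKLM")
        if user and machine and user != machine:
            findings.append(("R0/R1", "HKCU host differs from HKLM: " + subkey, user))
    return findings


if __name__ == "__main__":
    for section, reason, detail in triage(SAMPLE_LOG):
        print(f"{section:6} {reason}: {detail}")
```

A flagged line still has to be checked by hand (file properties, install date, vendor) before anything is fixed in HijackThis.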
-
Good work, I would like to see a couple other logs, then we'll try some fixes
Download OTListIt2 (http://oldtimer.geekstogo.com/OTListIt2.exe) by OldTimer to your Desktop.
- Close all windows and double click on OTListIt2.exe to run it
- Click Run Scan and let the program run uninterrupted
- It will produce two logs for you, one will pop up - OTListIt2.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
-
Ok, here we are:
OTListIt Extras logfile created on: 5/10/2009 2:20:37 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.95 Gb Available in Paging File | 98.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.73 Gb Total Space | 39.12 Gb Free Space | 57.75% Space Free | Partition Type: NTFS
Drive D: | 6.77 Gb Total Space | 0.30 Gb Free Space | 4.49% Space Free | Partition Type: FAT32
Drive E: | 1003.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-D0F670B45A
Current User Name: Compaq_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2006/02/23 05:27:45 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/02/23 05:27:45 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections
File not found -- C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
[2009/03/10 16:27:07 | 00,139,776 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(tm) 6 Update 11
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}" = CC_ccProxyExt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30738666-9805-4926-A78F-91DA33B6C437}" = ccPxyCore
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{38E570C5-BBFE-4D66-B40A-BE8C79DE645C}" = SymNet
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5677563D-0CB1-485F-9E18-C5025306BB3F}" = Norton AntiSpam
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{9DABCBE8-ED61-75EC-FEA4-47AB80CD87FC}" = Search Assistant Trueads
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{AADFE0B9-F905-4d5f-A144-0ADB2EFA747B}" = Norton Internet Security
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = WG111v2 Configuration Utility
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
"{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FFB4DD53-28B7-4981-BFF0-9BD801F61095}" = Norton Internet Security
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"b25fdfd0-9045-8457-b7b5-cf6678677652" = Contextual Application Trueads
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Rhapsody" = HP Rhapsody
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"LimeWire" = LimeWire PRO 5.1.2
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"PartyPoker" = PartyPoker
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2006 (Symantec Corporation)
"Trillian" = Trillian
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/24/2009 11:40:53 PM | Computer Name = YOUR-D0F670B45A | Source = Application Hang | ID = 1002
Description = Hanging application NMain.exe, version 104.0.1.17, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 5/4/2009 11:53:29 AM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application pprekop.exe, version 4.2.0.172, faulting module
ole32.dll, version 5.1.2600.2182, fault address 0x10017bed.
Error - 5/5/2009 11:01:31 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/5/2009 11:01:39 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/5/2009 11:02:58 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/5/2009 11:03:01 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/6/2009 11:21:30 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/6/2009 11:21:31 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/8/2009 1:10:30 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
Error - 5/8/2009 1:10:34 PM | Computer Name = YOUR-D0F670B45A | Source = Application Error | ID = 1000
Description = Faulting application rtwlan.exe, version 1.0.2.1, faulting module
wg1v2lib.dll, version 2.3.2006.410, fault address 0x0000b8fc.
[ System Events ]
Error - 5/7/2009 5:28:53 AM | Computer Name = YOUR-D0F670B45A | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .
Error - 5/7/2009 5:28:53 AM | Computer Name = YOUR-D0F670B45A | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\LimeWire\lib\jacob-1.14.1-x86.dll.
Reference
error message: The operation completed successfully. .
Error - 5/8/2009 9:10:10 AM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/8/2009 1:28:54 PM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/8/2009 11:34:33 PM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.12 on
the Network Card with network address 001E2AF0C09B.
Error - 5/9/2009 1:15:17 AM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.12 on
the Network Card with network address 001E2AF0C09B.
Error - 5/9/2009 5:14:12 AM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/9/2009 6:00:20 AM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/9/2009 1:58:09 PM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/9/2009 4:19:55 PM | Computer Name = YOUR-D0F670B45A | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001E2AF0C09B. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
< End of report >
-
Thanks for posting the contents of Extra.txt
Can you also post the contents of OTListit2.txt
A copy should be found on your desktop
-
I am unable to post the second log. I'm including it as an attachment here.
OTListIt logfile created on: 5/10/2009 2:20:37 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.95 Gb Available in Paging File | 98.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.73 Gb Total Space | 39.12 Gb Free Space | 57.75% Space Free | Partition Type: NTFS
Drive D: | 6.77 Gb Total Space | 0.30 Gb Free Space | 4.49% Space Free | Partition Type: FAT32
Drive E: | 1003.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-D0F670B45A
Current User Name: Compaq_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2006/04/04 21:52:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2006/04/04 21:52:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2004/08/04 07:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/02/11 17:22:14 | 00,169,320 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2008/02/11 17:22:14 | 00,191,848 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2007/09/13 17:49:48 | 00,202,088 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/10/01 14:50:08 | 00,214,408 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2009/05/05 00:21:09 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2009/05/05 02:06:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/06/20 10:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007/05/23 12:13:38 | 00,139,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
PRC - [2004/08/11 12:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2008/02/11 17:22:14 | 00,053,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/02/17 10:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
PRC - [2006/03/08 05:54:04 | 16,010,240 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2005/08/14 08:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2009/05/05 02:06:26 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2004/10/13 19:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2006/04/06 20:19:28 | 00,745,472 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
PRC - [2006/04/18 16:32:26 | 00,483,328 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
PRC - [2006/12/15 13:36:28 | 00,750,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [1998/05/07 12:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\windows\system\hpsysdrv.exe
PRC - [2008/11/26 00:00:00 | 01,873,280 | ---- | M] (Cerulean Studios) -- C:\Program Files\Trillian\trillian.exe
PRC - [2009/05/10 02:20:04 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe
========== Win32 Services (SafeList) ==========
SRV - [2004/07/15 12:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/04/04 21:52:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2006/04/04 21:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2008/02/11 17:22:14 | 00,191,848 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr [Auto | Running])
SRV - [2007/01/16 13:52:26 | 00,072,328 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc [On_Demand | Stopped])
SRV - [2007/09/13 17:49:48 | 00,202,088 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy [Auto | Running])
SRV - [2008/02/11 17:22:14 | 00,169,320 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr [Auto | Running])
SRV - [2007/01/16 11:25:28 | 00,045,696 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\comHost.exe -- (comHost [On_Demand | Stopped])
SRV - [2004/08/04 07:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 14:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/05/05 02:06:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/07/25 18:03:42 | 02,119,360 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Running])
SRV - [2003/06/20 10:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2007/05/23 12:13:38 | 00,139,888 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc [Auto | Running])
SRV - [2006/12/15 13:36:28 | 00,750,720 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService [On_Demand | Running])
SRV - [2005/08/26 16:22:48 | 00,198,368 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan [On_Demand | Stopped])
SRV - [2007/10/01 14:50:08 | 00,214,408 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc [Auto | Running])
SRV - [2005/09/15 18:21:14 | 01,160,800 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc [On_Demand | Stopped])
SRV - [2009/05/05 00:21:09 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])
SRV - [2004/08/11 12:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2006/04/04 21:58:44 | 01,536,000 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2003/11/05 10:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run [Boot | Running])
DRV - [2005/04/01 11:43:02 | 00,066,048 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\DRIVERS\EAPPkt.sys -- (EAPPkt [Auto | Running])
DRV - [2009/04/15 13:04:26 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2009/04/15 13:04:26 | 00,101,936 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2005/06/29 20:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2 [Boot | Running])
DRV - [2005/01/08 04:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/12/06 14:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys -- (HSXHWBS2 [On_Demand | Running])
DRV - [2005/12/06 14:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_DP.sys -- (HSX_DP [On_Demand | Running])
DRV - [2005/06/17 09:33:40 | 00,872,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2006/03/08 14:27:12 | 04,246,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2005/10/05 18:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2009/04/15 13:04:26 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090509.003\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009/04/15 13:04:26 | 00,876,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090509.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/01/26 13:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2005/09/30 14:11:42 | 00,078,720 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2004/08/03 17:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2006/03/27 17:53:28 | 00,167,808 | ---- | M] (NETGEAR Inc.) -- C:\WINDOWS\system32\DRIVERS\wg111v2.sys -- (RTLWUSB [On_Demand | Running])
DRV - [2005/08/26 16:22:48 | 00,334,984 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS -- (SAVRT [On_Demand | Running])
DRV - [2005/08/26 16:22:50 | 00,053,896 | ---- | M] (Symantec Corporation) -- c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS -- (SAVRTPEL [System | Running])
DRV - [2004/08/04 07:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2002/10/02 08:57:12 | 00,013,532 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt [On_Demand | Running])
DRV - [2005/09/15 18:21:14 | 00,389,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [On_Demand | Stopped])
DRV - [2007/10/01 14:48:56 | 00,012,680 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS [On_Demand | Running])
DRV - [2009/05/05 00:20:02 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2007/10/01 14:49:04 | 00,098,184 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2007/10/01 14:49:16 | 00,031,624 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS [On_Demand | Running])
DRV - [2009/04/04 03:44:06 | 00,251,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20090428.001\SymIDSCo.sys -- (SYMIDSCO [On_Demand | Running])
DRV - [2006/02/23 05:42:59 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2007/10/01 14:49:10 | 00,028,040 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS [On_Demand | Running])
DRV - [2007/10/01 14:49:20 | 00,023,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2007/10/01 14:49:26 | 00,189,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2005/12/06 14:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys -- (winachsx [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www27.yoog.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yoog Search"
FF - prefs.js..browser.search.defaulturl: "http://www27.yoog.com/search.php?q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Yoog Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www27.yoog.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..keyword.URL: "http://www27.yoog.com/search.php?q="
FF - user.js..browser.startup.homepage: "http://www27.yoog.com/"
FF - user.js..browser.search.defaultenginename: "Yoog Search"
FF - user.js..browser.search.defaulturl: "http://www27.yoog.com/search.php?q="
FF - user.js..browser.search.selectedEngine: "Yoog Search"
FF - user.js..keyword.URL: "http://www27.yoog.com/search.php?q="
FF - user.js..keyword.enabled: true
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/05/05 02:06:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/06 00:48:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/05 02:06:40 | 00,000,000 | ---D | M]
[2009/05/05 02:07:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions
[2009/05/04 08:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/05 02:07:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\[email protected]
[2009/05/09 01:57:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\s7lrimvx.default\extensions
[2009/05/04 09:05:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\s7lrimvx.default\extensions\[email protected]
[2009/05/10 02:20:20 | 00,000,247 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\s7lrimvx.default\searchplugins\Yoog Search.xml
[2009/05/09 01:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/04 08:58:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/05 02:06:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/24 00:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/24 00:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/29 10:43:30 | 00,678,912 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\components\cee46b49-83cf-63b7-fc0a-64717a0fdd95.dll
[2009/04/29 10:46:40 | 00,423,936 | ---- | M] () -- C:\Program Files\mozilla firefox\components\qvydvdnkkve.dll
[2009/04/23 20:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (trueads) - {dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb} - C:\WINDOWS\system32\nsc2A4.dll ()
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (trueads search enhancer) - {F8CC401E-8311-D5FC-2A10-A077A4D27361} - C:\WINDOWS\system32\qvydvdnkkve.dll ()
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" (ATI Technologies, Inc.)
O4 - HKLM..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run (Hewlett-Packard Company)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" (Symantec Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WG111v2 Smart Wizard Wireless Setting.lnk = C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 02:50:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/07/26 10:20:44 | 00,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/07/26 10:20:44 | 00,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/07/26 10:20:45 | 00,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/07/26 10:20:38 | 00,000,156 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{9c1e7799-3147-11de-ba7b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9c1e7799-3147-11de-ba7b-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9c1e779a-3147-11de-ba7b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9c1e779a-3147-11de-ba7b-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9c1e779a-3147-11de-ba7b-806d6172696f}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008/07/26 10:20:44 | 00,703,552 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[71 C:\WINDOWS\System32\*.tmp files]
[2009/05/10 02:20:04 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe
[2009/05/10 02:13:11 | 00,001,742 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.lnk
[2009/05/10 02:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/10 02:12:50 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HJTInstall.exe
[2009/05/10 00:39:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/05/10 00:39:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/05/08 04:13:01 | 00,003,270 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\dogface.jpg
[2009/05/08 03:31:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/05/06 08:28:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009/05/06 03:15:48 | 00,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009/05/06 03:12:10 | 00,723,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2009/05/06 03:12:10 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll
[2009/05/06 03:12:10 | 00,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll
[2009/05/06 03:12:09 | 02,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2009/05/06 03:12:09 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe
[2009/05/06 03:12:08 | 02,180,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2009/05/06 03:08:21 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/06 03:04:06 | 00,360,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[2009/05/06 03:04:06 | 00,225,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2009/05/06 03:04:06 | 00,138,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys
[2009/05/06 03:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/05/05 13:06:02 | 00,059,526 | ---- | C] () -- C:\WINDOWS\System32\qvydvdnkkve.dll-uninst.exe
[2009/05/05 13:05:57 | 00,085,660 | ---- | C] () -- C:\WINDOWS\System32\b25fdfd0-9045-8457-b7b5-cf6678677652.exe
[2009/05/05 13:05:32 | 00,644,106 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\access.exe
[2009/05/05 13:04:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\License Backup
[2009/05/05 03:06:11 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/05/05 03:06:10 | 02,180,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/05/05 03:06:09 | 02,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/05/05 03:06:08 | 02,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/05/05 03:04:45 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/05/05 03:04:45 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/05/05 03:01:28 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/05/05 03:00:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/05/05 02:07:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\LimeWire
[2009/05/05 02:07:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2009/05/05 02:06:55 | 00,001,594 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\LimeWire PRO 5.1.2.lnk
[2009/05/05 02:06:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sun
[2009/05/05 02:05:50 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2009/05/05 02:04:24 | 19,603,824 | ---- | C] (Lime Wire LLC) -- C:\Documents and Settings\Compaq_Owner\Desktop\LimeWireWin.exe
[2009/05/05 00:25:12 | 00,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/05/05 00:18:25 | 00,010,635 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/05/05 00:18:25 | 00,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/05/04 13:04:36 | 00,000,000 | ---D | C] -- C:\Program Files\Semagic
[2009/05/04 12:31:55 | 00,167,808 | ---- | C] (NETGEAR Inc.) -- C:\WINDOWS\System32\drivers\wg111v2.sys
[2009/05/04 12:31:53 | 00,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WG111v2 Smart Wizard.lnk
[2009/05/04 12:31:52 | 00,200,704 | ---- | C] (NETGEAR Inc.) -- C:\WINDOWS\System32\WG1v2Lib.dll
[2009/05/04 12:31:52 | 00,155,648 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\IpLib.dll
[2009/05/04 12:31:52 | 00,114,688 | R--- | C] (NETGEAR Inc.) -- C:\WINDOWS\System32\EnumDev111.dll
[2009/05/04 12:31:52 | 00,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WG111v2 Smart Wizard Wireless Setting.lnk
[2009/05/04 12:31:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009/05/04 12:31:52 | 00,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2009/05/04 11:53:06 | 00,001,658 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\PartyPoker.lnk
[2009/05/04 11:52:32 | 00,000,000 | ---D | C] -- C:\Program Files\PartyGaming
[2009/05/04 11:47:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Conway Twitty
[2009/05/04 11:28:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Help
[2009/05/04 11:25:40 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/05/04 11:22:38 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/05/04 11:22:38 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/05/04 11:22:08 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/05/04 09:35:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe
[2009/05/04 09:05:56 | 00,000,274 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2009/05/04 09:05:42 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2009/05/04 09:03:19 | 00,001,630 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Trillian.lnk
[2009/05/04 09:01:52 | 00,000,000 | ---D | C] -- C:\Program Files\Trillian
[2009/05/04 09:00:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/04 08:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2009/05/04 08:58:46 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/04 08:58:34 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/05/04 08:54:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape
[2009/05/04 08:43:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/04/29 10:46:48 | 00,566,272 | ---- | C] () -- C:\WINDOWS\System32\qvydvdnkkve.dll
[2009/04/29 10:43:30 | 00,686,080 | ---- | C] () -- C:\WINDOWS\System32\nsc2A4.dll
[2009/04/27 06:52:51 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/04/25 22:42:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\GTA San Andreas User Files
[2009/04/25 22:10:44 | 00,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GTA San Andreas.lnk
[2009/04/25 22:10:44 | 00,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2009/04/25 16:31:34 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/04/25 16:14:54 | 00,000,211 | RHS- | C] () -- C:\BOOT.BAK
[2009/04/25 16:14:40 | 00,260,272 | RHS- | C] () -- C:\cmldr
[2009/04/25 16:14:18 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/04/25 16:14:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2009/04/25 15:58:27 | 00,001,933 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Apartment Life.lnk
[2009/04/25 15:36:51 | 00,001,879 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 FreeTime.lnk
[2009/04/25 15:00:12 | 00,001,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Bon Voyage.lnk
[2009/04/25 14:46:05 | 00,001,845 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Seasons.lnk
[2009/04/25 14:30:49 | 00,001,818 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Pets.lnk
[2009/04/25 13:59:23 | 00,001,935 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Open For Business.lnk
[2009/04/25 13:56:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\funkitron
[2009/04/25 13:53:06 | 00,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Nightlife.lnk
[2009/04/25 00:42:30 | 00,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 University.lnk
[2009/04/25 00:41:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\EA Games
[2009/04/25 00:33:42 | 00,001,748 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
[2009/04/25 00:33:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\EA Games
[2009/04/25 00:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2009/04/24 23:49:15 | 00,442,368 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2009/04/24 23:44:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/04/24 23:42:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/24 23:40:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\HPQ
[2009/04/24 23:39:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia
[2009/04/24 23:39:06 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/04/24 23:34:41 | 00,000,562 | ---- | C] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Owner.job
[2009/04/24 23:34:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Symantec
[2009/04/24 23:25:14 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/24 23:25:03 | 00,001,718 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ER978AA-ABA SR1803WM NA620_YC_0Pres_QCNH613_E62NAhwREA1_48_IAGENA_SASUSTeK Computer INC._V1.02_B3.06_T051219_WXH2_L409_M1983_J80_7Intel_8Celeron_93.2_#060516_N10EC8139_Z14F12F20_G10025A61.MRK
[2009/04/24 23:25:02 | 26,828,34944 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/24 23:23:33 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\desktop.ini
[2009/04/24 23:23:31 | 00,000,083 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\desktop.ini
[2009/04/24 23:23:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\desktop.ini
[2009/04/24 23:23:28 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\desktop.ini
[2009/04/24 23:23:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2009/04/24 23:23:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Identities
[2009/04/24 23:23:27 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files
[2009/04/24 23:23:27 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\History
[2009/04/24 23:23:27 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft
[2009/04/24 23:23:27 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Videos
[2009/04/24 23:23:27 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Pictures
[2009/04/24 23:23:27 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\My Music
[2009/04/24 23:23:27 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data
[2009/04/24 23:23:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temp
[2009/04/24 23:23:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
[2009/04/24 23:23:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Real
[2009/04/24 23:20:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/24 23:19:59 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/04/24 23:19:53 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/04/24 23:18:50 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/24 21:49:43 | 00,000,247 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/04/24 21:34:53 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/04/24 21:34:53 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/04/24 21:34:14 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/04/24 21:34:03 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/24 21:30:16 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2006/02/23 05:57:45 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/23 05:32:07 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/02/23 05:26:19 | 00,012,994 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/02/23 05:26:12 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/02/23 05:24:07 | 00,000,054 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2006/02/23 05:22:20 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/23 05:09:49 | 00,000,829 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/02/23 05:08:03 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/02/23 05:01:32 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/23 04:42:53 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/02/23 04:39:04 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/02/23 04:39:04 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/02/23 04:38:34 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/01/09 19:28:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/12/05 02:50:26 | 00,000,461 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/12/04 18:44:02 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/04 07:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/06/15 17:38:00 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
========== Files - Modified Within 30 Days ==========
[71 C:\WINDOWS\System32\*.tmp files]
[2009/05/10 02:20:04 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe
[2009/05/10 02:13:11 | 00,001,742 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HijackThis.lnk
[2009/05/10 02:12:50 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\HJTInstall.exe
[2009/05/10 02:01:00 | 00,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2009/05/10 00:42:23 | 00,001,630 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Trillian.lnk
[2009/05/10 00:41:24 | 00,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/05/10 00:39:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/10 00:38:54 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\desktop.ini
[2009/05/10 00:38:49 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/10 00:38:41 | 26,828,34944 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/08 04:13:02 | 00,003,270 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\dogface.jpg
[2009/05/08 00:27:37 | 00,441,690 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/08 00:27:37 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/08 00:27:37 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/06 04:08:40 | 00,161,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/06 03:15:39 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/05 13:07:02 | 00,000,829 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/05/05 13:06:57 | 00,059,526 | ---- | M] () -- C:\WINDOWS\System32\qvydvdnkkve.dll-uninst.exe
[2009/05/05 13:06:52 | 00,085,660 | ---- | M] () -- C:\WINDOWS\System32\b25fdfd0-9045-8457-b7b5-cf6678677652.exe
[2009/05/05 13:05:40 | 00,644,106 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\access.exe
[2009/05/05 02:06:55 | 00,001,594 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\LimeWire PRO 5.1.2.lnk
[2009/05/05 02:05:13 | 19,603,824 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Compaq_Owner\Desktop\LimeWireWin.exe
[2009/05/05 00:20:02 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/05/05 00:20:02 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/05/05 00:20:02 | 00,010,635 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/05/05 00:20:02 | 00,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/05/04 12:31:53 | 00,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WG111v2 Smart Wizard.lnk
[2009/05/04 12:31:52 | 00,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WG111v2 Smart Wizard Wireless Setting.lnk
[2009/05/04 11:53:06 | 00,001,658 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\PartyPoker.lnk
[2009/05/04 09:00:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/05/04 08:58:46 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 05:39:34 | 00,000,562 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Compaq_Owner.job
[2009/04/29 10:46:48 | 00,566,272 | ---- | M] () -- C:\WINDOWS\System32\qvydvdnkkve.dll
[2009/04/29 10:43:30 | 00,686,080 | ---- | M] () -- C:\WINDOWS\System32\nsc2A4.dll
[2009/04/25 22:10:44 | 00,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GTA San Andreas.lnk
[2009/04/25 16:31:34 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/04/25 16:18:48 | 00,000,461 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/25 16:14:57 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/04/25 15:58:27 | 00,001,933 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Apartment Life.lnk
[2009/04/25 15:36:51 | 00,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 FreeTime.lnk
[2009/04/25 15:00:12 | 00,001,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Bon Voyage.lnk
[2009/04/25 14:46:05 | 00,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Seasons.lnk
[2009/04/25 14:30:49 | 00,001,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Pets.lnk
[2009/04/25 13:59:25 | 00,001,935 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Open For Business.lnk
[2009/04/25 13:53:06 | 00,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 Nightlife.lnk
[2009/04/25 00:42:30 | 00,001,872 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2 University.lnk
[2009/04/25 00:33:42 | 00,001,748 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
[2009/04/24 23:25:18 | 00,000,083 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\desktop.ini
[2009/04/24 23:25:06 | 00,001,718 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ER978AA-ABA SR1803WM NA620_YC_0Pres_QCNH613_E62NAhwREA1_48_IAGENA_SASUSTeK Computer INC._V1.02_B3.06_T051219_WXH2_L409_M1983_J80_7Intel_8Celeron_93.2_#060516_N10EC8139_Z14F12F20_G10025A61.MRK
[2009/04/24 23:23:17 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/24 23:22:26 | 00,001,063 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/24 23:21:48 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/04/24 23:20:14 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
< End of report >
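A triage sketch for a listing like the one above, added here as an example (it is not OTListIt2's code and not part of the original post). It parses the entries and, starting from the file-name stem qvydvdnkkve that the fix script later in the thread targets, lists other executables with an empty company field created within ten minutes of a matching file. The ten-minute window and all function names are assumptions, and the result is a list to review, not a verdict.

```python
import re
from datetime import datetime, timedelta

# Ten entries copied from the file listing in the log above.
SAMPLE_LOG = r"""
[2009/05/06 03:15:48 | 00,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009/05/05 13:06:02 | 00,059,526 | ---- | C] () -- C:\WINDOWS\System32\qvydvdnkkve.dll-uninst.exe
[2009/05/05 13:05:57 | 00,085,660 | ---- | C] () -- C:\WINDOWS\System32\b25fdfd0-9045-8457-b7b5-cf6678677652.exe
[2009/05/05 13:05:32 | 00,644,106 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\access.exe
[2009/05/05 13:04:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\License Backup
[2009/05/05 03:01:28 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/05/04 11:25:40 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/04/29 10:46:48 | 00,566,272 | ---- | C] () -- C:\WINDOWS\System32\qvydvdnkkve.dll
[2009/04/29 10:43:30 | 00,686,080 | ---- | C] () -- C:\WINDOWS\System32\nsc2A4.dll
[2006/02/23 04:39:04 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
"""

# [timestamp | size | attributes | C or M] (company, absent for folders) -- path
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<vendor>.*?)\) )?-- (?P<path>.+)$"
)
PE_EXTENSIONS = (".exe", ".dll", ".sys")


def basename(path):
    """File name part of a Windows path."""
    return path.rsplit("\\", 1)[-1]


def parse(log_text):
    """Turn listing lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        entries.append({
            "time": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "size": int(m["size"].replace(",", "")),
            "is_dir": "D" in m["attrs"],
            "vendor": (m["vendor"] or "").strip(),
            "path": m["path"],
        })
    return entries


def unattributed_pe(entries):
    """Executable images whose company field is empty.

    On its own this is a weak signal: drivers and bundled runtimes
    often ship without version information as well.
    """
    return [e for e in entries
            if not e["is_dir"] and not e["vendor"]
            and e["path"].lower().endswith(PE_EXTENSIONS)]


def pivot(entries, bad_stem, window=timedelta(minutes=10)):
    """Vendor-less executables created within `window` of a file whose
    name starts with `bad_stem`. Returns (path, seed name, seconds apart),
    oldest first; the seed files themselves are left out."""
    seeds = [e for e in entries
             if basename(e["path"]).lower().startswith(bad_stem.lower())]
    hits = []
    for cand in sorted(unattributed_pe(entries), key=lambda e: e["time"]):
        if any(cand is s for s in seeds):
            continue
        near = [s for s in seeds if abs(cand["time"] - s["time"]) <= window]
        if near:
            closest = min(near, key=lambda s: abs(cand["time"] - s["time"]))
            gap = abs(cand["time"] - closest["time"]).total_seconds()
            hits.append((cand["path"], basename(closest["path"]), gap))
    return hits


if __name__ == "__main__":
    for path, seed, secs in pivot(parse(SAMPLE_LOG), "qvydvdnkkve"):
        print(f"{secs:5.0f}s from {seed}: {path}")
```

Filtering on the empty company field alone returns seven of the ten sample entries, including ati2sgag.exe and pythoncom22.dll; the time pivot narrows that to three.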
-
Close down all browser windows
Access your Add and Remove programs and uninstall the following
Ask.com Toolbar
Double click on OTListit2.exe to run it
Copy the contents of the paths below in Blue to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www27.yoog.com/
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yoog Search"
FF - prefs.js..browser.search.defaulturl: "http://www27.yoog.com/search.php?q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Yoog Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www27.yoog.com/"
FF - prefs.js..keyword.URL: "http://www27.yoog.com/search.php?q="
FF - user.js..browser.startup.homepage: "http://www27.yoog.com/"
FF - user.js..browser.search.defaultenginename: "Yoog Search"
FF - user.js..browser.search.defaulturl: "http://www27.yoog.com/search.php?q="
FF - user.js..browser.search.selectedEngine: "Yoog Search"
FF - user.js..keyword.URL: "http://www27.yoog.com/search.php?q="
FF - user.js..keyword.enabled: true
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O2 - BHO: (trueads) - {dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb} - C:\WINDOWS\system32\nsc2A4.dll ()
O2 - BHO: (trueads search enhancer) - {F8CC401E-8311-D5FC-2A10-A077A4D27361} - C:\WINDOWS\system32\qvydvdnkkve.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
:files
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\s7lrimvx.default\searchplugins\Yoog Search.xml
C:\Program Files\Ask.com
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\System32\qvydvdnkkve.dll
C:\WINDOWS\System32\nsc2A4.dll
C:\WINDOWS\System32\qvydvdnkkve.dll-uninst.exe
C:\WINDOWS\System32\b25fdfd0-9045-8457-b7b5-cf6678677652.exe
C:\Program Files\mozilla firefox\components\qvydvdnkkve.dll
C:\Program Files\mozilla firefox\components\cee46b49-83cf-63b7-fc0a-64717a0fdd95.dll
:commands
[emptytemp]
[start explorer]
[Reboot]
- Return to OTListIt2, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
- Click the red Run Fix button.
- A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTListIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
Back in Windows
download Malwarebytes' Anti-Malware from Here (http://www.besttechie.net/tools/mbam-setup.exe) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Save the installer to desktop
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
Recap: Post the log from OTListit2
and the report from MBAM
Keep me informed how things are running please
Edit>>I may not see your response till later, I'm off to bed soon
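Added example, not part of the post above and not OTListIt2's code: a check for the Firefox preferences the script targets. Firefox reads user.js from the profile on every start and applies it over prefs.js, so a value set there comes back after it is changed in the browser's own settings. The sample files are constructed from the values in the script; the trusted host and engine lists and all function names are assumptions.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample profile files, using the values listed in the script above.
SAMPLE_PROFILE = {
    "prefs.js": '''# Mozilla User Preferences
user_pref("app.update.enabled", true);
user_pref("browser.search.selectedEngine", "Yoog Search");
user_pref("browser.search.useDBForOrder", true);
user_pref("browser.startup.homepage", "http://www27.yoog.com/");
user_pref("keyword.URL", "http://www27.yoog.com/search.php?q=");
''',
    "user.js": '''user_pref("browser.startup.homepage", "http://www27.yoog.com/");
user_pref("browser.search.selectedEngine", "Yoog Search");
user_pref("keyword.URL", "http://www27.yoog.com/search.php?q=");
user_pref("keyword.enabled", true);
''',
}

# Assumed policy for this example: what the owner of the machine expects to see.
TRUSTED_HOSTS = {"www.google.com"}
TRUSTED_ENGINES = {"Google"}

URL_PREFS = {"browser.startup.homepage", "keyword.URL",
             "browser.search.defaulturl"}
ENGINE_PREFS = {"browser.search.defaultenginename",
                "browser.search.selectedEngine"}

PREF_LINE = re.compile(
    r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)+)"\s*,\s*(.+?)\s*\)\s*;\s*$')


def parse_prefs(text):
    """Read user_pref("name", value); lines; comments and blanks are skipped."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if not m:
            continue
        try:
            prefs[m.group(1)] = json.loads(m.group(2))  # string, bool or int
        except ValueError:
            prefs[m.group(1)] = m.group(2)              # keep the raw text
    return prefs


def host_is_trusted(url, trusted_hosts):
    """True for internal pages and for hosts on (or under) the trusted list."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https"):
        return parts.scheme in ("about", "chrome", "resource")
    host = (parts.hostname or "").lower()
    return any(host == t or host.endswith("." + t) for t in trusted_hosts)


def audit(profile_files, trusted_hosts, trusted_engines):
    """List search and homepage preferences that point somewhere unexpected."""
    findings = []
    for fname, text in profile_files.items():
        for key, value in parse_prefs(text).items():
            if not isinstance(value, str):
                continue
            if key in URL_PREFS:
                # The homepage preference may hold several URLs joined by "|".
                bad = [u for u in value.split("|")
                       if u.strip() and not host_is_trusted(u, trusted_hosts)]
            elif key in ENGINE_PREFS:
                bad = [] if value in trusted_engines else [value]
            else:
                continue
            for item in bad:
                findings.append({
                    "file": fname,
                    "pref": key,
                    "value": item,
                    # Entries in user.js are applied again at every start.
                    "reapplied_at_startup": fname.lower() == "user.js",
                })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_PROFILE, TRUSTED_HOSTS, TRUSTED_ENGINES):
        mark = " (reapplied at startup)" if f["reapplied_at_startup"] else ""
        print(f'{f["file"]}: {f["pref"]} = {f["value"]}{mark}')
```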
-
Just in case you tried the script already with OTListit2 that I supplied above
And it froze at killing explorer
I've edited it, it should work fine now
-
[quote name='guestolo' post='462317' date='May 10 2009, 02:15 AM']Just in case you tried the script already with OTListit2 that I supplied above
And it froze at killing explorer
I've edited it, it should work fine now[/quote]
Thanks. I sat there for ten minutes wondering how long it would take. Before I run it again, I have another problem I believe is related: Contextual Trueads. It's a program (it came up on the list when I uninstalled Ask.com Toolbar) that seems to be popping up audio ads every so often while I'm browsing. It could be related to the Yoog thing. It might not be. I should remove that as well, I assume.
-
Yes, try and remove Contextual Application Trueads from Add and Remove programs also
If prompted for a verification code, type it in
If you can't type it in, try to copy/paste the code
If it won't uninstall, just carry on with the previous instructions
Take note: After rebooting the system, a copy of OTListit's log of what was cleaned/removed will be placed on desktop
It will be a text file with date of scan as its name
-
Here are the logs:
========== OTLISTIT ==========
Process explorer.exe killed successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Yoog Search" removed from browser.search.defaultenginename
Prefs.js: "http://www27.yoog.com/search.php?q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Yoog Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://www27.yoog.com/" removed from browser.startup.homepage
Prefs.js: "http://www27.yoog.com/search.php?q=" removed from keyword.URL
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\s7lrimvx.default\user.js moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
C:\WINDOWS\ALCMTR.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dd92d5ec-5dd2-1177-dfd5-1a81fc8e41eb}\ deleted successfully.
C:\WINDOWS\system32\nsc2A4.dll unregistered successfully.
C:\WINDOWS\system32\nsc2A4.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8CC401E-8311-D5FC-2A10-A077A4D27361}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8CC401E-8311-D5FC-2A10-A077A4D27361}\ deleted successfully.
C:\WINDOWS\system32\qvydvdnkkve.dll unregistered successfully.
C:\WINDOWS\system32\qvydvdnkkve.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-0000-0000-0000-000000000000} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
========== FILES ==========
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\s7lrimvx.default\searchplugins\Yoog Search.xml moved successfully.
File\Folder C:\Program Files\Ask.com not found.
File\Folder C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
File\Folder C:\WINDOWS\System32\qvydvdnkkve.dll not found.
File\Folder C:\WINDOWS\System32\nsc2A4.dll not found.
C:\WINDOWS\System32\qvydvdnkkve.dll-uninst.exe moved successfully.
C:\WINDOWS\System32\b25fdfd0-9045-8457-b7b5-cf6678677652.exe moved successfully.
LoadLibrary failed for C:\Program Files\mozilla firefox\components\qvydvdnkkve.dll
C:\Program Files\mozilla firefox\components\qvydvdnkkve.dll NOT unregistered.
C:\Program Files\mozilla firefox\components\qvydvdnkkve.dll moved successfully.
LoadLibrary failed for C:\Program Files\mozilla firefox\components\cee46b49-83cf-63b7-fc0a-64717a0fdd95.dll
C:\Program Files\mozilla firefox\components\cee46b49-83cf-63b7-fc0a-64717a0fdd95.dll NOT unregistered.
C:\Program Files\mozilla firefox\components\cee46b49-83cf-63b7-fc0a-64717a0fdd95.dll moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2e8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully
OTListIt2 by OldTimer - Version 2.0.15.6 log created on 05102009_032309
Files moved on Reboot...
File C:\WINDOWS\temp\Perflib_Perfdata_2e8.dat not found!
Registry entries deleted on Reboot...
AND
Malwarebytes' Anti-Malware 1.36
Database version: 2102
Windows 5.1.2600 Service Pack 2
5/10/2009 3:33:56 AM
mbam-log-2009-05-10 (03-33-56).txt
Scan type: Quick Scan
Objects scanned: 72789
Time elapsed: 3 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
-
Yoog has disappeared from my screen. I've yet to experience a Contextual Truead, but it has only been a few minutes, so we'll see. Now that we're done with my computer, could I trouble you to try to help me with my parents' computer? It's eaten up with viruses, spyware, and who knows what else. Do I need to post an entirely new thread?
-
We're not quite done yet with this computer, almost there
So yes please, start a new topic for your parents' computer in the Tech Clinic section here
Include a Hijackthis log from it
I'll look at it first chance later when I get up
-
I do see an uninstall list from OTListIt2, but can I see a stripped down version please
supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents
-
Here's that list you asked for:
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
ATI Control Panel
ATI Display Driver
CC_ccProxyExt
ccCommon
ccPxyCore
Compaq Connections (remove only)
Customer Experience Enhancement
Data Fax SoftModem with SmartCP
GTA San Andreas
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
HP Boot Optimizer
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP Rhapsody
HP Software Update
J2SE Runtime Environment 5.0 Update 5
Java(tm) 6 Update 11
LimeWire PRO 5.1.2
LiveUpdate 3.0 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Money 2006
Microsoft Works
Mozilla Firefox (3.0.10)
MSRedist
MSXML 4.0 SP2 (KB954430)
Norton AntiSpam
Norton AntiVirus 2006
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
Norton WMI Update
PartyPoker
PC-Doctor 5 for Windows
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Quicken 2006
RealPlayer
Realtek High Definition Audio Driver
Search Assistant Trueads
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB963027)
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SPBBC
The Sims 2
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 FreeTime
The Sims™ 2 Seasons
Trillian
Update for Windows XP (KB898461)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
WG111v2 Configuration Utility
WildTangent Web Driver
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
-
Access your Add and Remove programs and uninstall the following
Adobe Reader 7.0
J2SE Runtime Environment 5.0 Update 5
Java™ 6 Update 11
In addition, if you didn't intentionally install the next ones, or if they were preinstalled on your computer, remove them also
PartyPoker
WildTangent Web Driver
Reboot the computer, after any, or all have been removed
Back in Windows
Updating Java:
- Download the latest version of Java Runtime Environment (JRE) 6 (http://java.sun.com/javase/downloads/index.jsp).
- Scroll down to where it says "JRE 6 Update 13".
- Click the "Download" button to the right.
- In the Window that opens, select Windows, beside PLATFORM:>>Check the "agree" box and click Continue.
- Click on the link to download Windows Offline Installation and save to your desktop.
- Then from your desktop double-click on jre-6u13-windows-i586-p.exe that you downloaded to install the newest version.
Delete the installer from desktop after successful installation
Let's update Adobe Reader
Go to the following link
http://get.adobe.com/reader/
Untick any optional Toolbars or software when visiting the site and installing the software, unless you prefer to have them installed
But I suggest you only install the Reader itself
I strongly recommend that you add SpywareBlaster to your protection software
SpywareBlaster by JavaCool (http://www.javacoolsoftware.com/spywareblaster.html)
At the link you can read more about it then continue with
Free Download on the right>>Continue Download at next page
Basically it will:
* Block bad ActiveX controls
* Block malevolent cookies in Internet Explorer and Firefox
* Restrict actions of potentially dangerous sites in Internet Explorer
Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Status>>enable all protection
When the above is done, come back here and post a fresh Hijackthis log
let me know if you intend on updating your AntiVirus software and Firewall, or would you like to try a free solution
Having outdated AntiVirus software is not that safe on the Internet
-
I'm going to try to get to all that tomorrow hopefully. But I work long hours, so it probably won't happen until this weekend.
But, as for the antivirus problem....that will be updated along with everything else. I bought a copy of McAfee Total Protection 2009 last weekend. If you don't think that will suffice, the box is unopened, and I still have the receipt.
Now, about that firewall, I'm not too familiar with how I would update that. I've never fooled around with firewall settings really.
Also, I have a totally unrelated question (well, sort of...the topic is about this computer; I guess you could say it's related).
I bought a Mem card this weekend along with McAfee. Kingston 1GB. I had previously bought one exactly like it, and put it in. The computer recognizes that card, and worked well with it. However, this one....not so much. See, when I put this one in, I had to take out the original 512MB card that the computer came with. I replaced THAT card with the 1GB. The computer will boot up, and as you can see, I'm on it now. However, when I hit F1 at startup, and go into settings, the computer is still displaying 512 where the 1GB should be. This is confusing me. The 512 card is on my dresser right now. I plan to sell it. It's not in my computer. Why does my computer say that it is?
-
Oh, by the way. I ran a check at Crucial.com to see if the memory was compatible. It is.
However, Crucial is also telling me that the 512 MB card is in. What the...?!
-
I can actually get all that stuff done today. No work. So, I'll just follow the direcs you left, and post the needed info when I'm done.
-
Okay, I followed your instructions to the letter. Almost. I did not remove Party Poker. Is there any reason you suggested removal?
Here's the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:10:03 PM, on 5/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ALCMTR] ALCMTR.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: McAfee Application Installer Cleanup (0010811242153837) (0010811242153837mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\001081~1.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
--
End of file - 8721 bytes
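One way to sort a HijackThis log like the one above into its sections before reading it line by line; this is an added example, not part of the original post and not code from HijackThis. The function names and the three review heuristics are assumptions of this example, the sample lines are copied from the log above, and a flagged line is only worth a second look, not a verdict.

```python
import re
from collections import defaultdict

# A few lines copied from the log in the post above (most entries omitted).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O23 - Service: McAfee Application Installer Cleanup (0010811242153837) (0010811242153837mcinstcleanup) - McAfee, Inc. - C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\001081~1.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
End of file - 8721 bytes
"""

# Section codes that appear in the log above and what each one lists.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE default page/search URL",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry", "O8": "IE context-menu item",
    "O9": "IE extra button / Tools item", "O23": "Windows service",
}

# An entry line is "<code> - <rest>"; headers and process paths do not match.
ENTRY = re.compile(r"^(R[0-3]|O\d{1,2}) - (.*)$")


def parse(log_text):
    """Group entry lines by section code, skipping header and process lines."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            groups[m.group(1)].append(m.group(2))
    return dict(groups)


def review_reasons(code, body):
    """Return this example's (assumed) reasons to look at an entry more closely."""
    reasons = []
    if body.endswith("(no file)"):
        reasons.append("target file missing")          # orphaned registry entry
    if code == "O23" and " - Unknown owner - " in body:
        reasons.append("no company name on binary")    # service file lacks vendor info
    if re.search(r"\\temp\\", body, re.IGNORECASE):
        reasons.append("runs from a Temp directory")
    return reasons


def triage(log_text):
    """List (code, reason, entry) for every entry that trips a heuristic."""
    return [(code, reason, body)
            for code, bodies in parse(log_text).items()
            for body in bodies
            for reason in review_reasons(code, body)]


if __name__ == "__main__":
    for code, bodies in parse(SAMPLE_LOG).items():
        print(f"{code:>3} {SECTIONS.get(code, 'other')}: {len(bodies)} entries")
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"REVIEW [{code}] {reason}: {body}")
```
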
-
Sorry if I post in the wrong place. I am also a Yoog victim and need help please.
-
Ahem. Any news as to what I can do?
-
I asked about Party Poker, because, as I said earlier, it Sometimes gets installed without user consent
If you want to keep it, keep it.
In addition, if you didn't intentionally install the next one, or if they were preinstalled on your computer, remove them also
PartyPoker
About the Ram, can you run the scan at crucial, and link me to the results
The URL address please
In addition, what is the Exact Make/model of your computer?
-
[quote name='guestolo' post='462440' date='May 13 2009, 09:23 PM']I asked about Party Poker, because, as I said earlier, it Sometimes gets installed without user consent
If you want to keep it, keep it.
About the Ram, can you run the scan at crucial, and link me to the results
The URL address please
In addition, what is the Exact Make/model of your computer?[/quote]
http://www.crucial.com/systemscanner/viewscanbyid.aspx?id=5E4AA8F531D926C3
That should show the results for the RAM test on my computer.
My computer is a HP Compaq Presario SR1803WM. It was purchased in May 2006.
-
I am not sure if I am not posting in the right area. I have left several posts in different Yoog forums and have not had a response yet. I have Yoog on my computer.
-
Sona, I posted to the following topic started by you
http://www.thetechguide.com/forum/index.php?showtopic=81629
Please, only stick to that topic, don't start any new ones, I replied earlier, supply the info from OTListIt2 I asked for please
kerri191, you said the following
I had previously bought one exactly like it, and put it in. The computer recognizes that card, and worked well with it.
that tells me you bought Exactly the memory you bought earlier, but you did buy them at different times
Are you sure they are EXACTLY the same Memory modules?
Take into consideration timing and Dual and Single sided << this is very important
Pull out both sticks, take a look at both, are they Exactly the same
Put the one being recognized as 512 into the computer by itself and boot up, ensure to put it into the slot of the 1 gb module, is it still being recognized as 512 now?