WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

[Resolved] on/off then serious error!

Started by andrew2009 , Nov 16 2009 09:44 PM

This topic is locked

59 replies to this topic

#16 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 23 November 2009 - 09:16 PM

seclogon.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher secpol.msc 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher secupd.dat 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher secupd.sig 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher secur32(3).dll 2/3/2009 2:5.1 Signed KB959426.cat Microsoft Windows Component Publisher secur32.dll 6/25/2009 2:5.1 Signed KB968389.cat Microsoft Windows Component Publisher security.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sendcmsg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sendmail.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sens.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sensapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher senscfg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher serialui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher servdeps.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher services.exe 2/6/2009 2:5.1 Signed KB956572.cat Microsoft Windows Component Publisher services.msc 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher serwvdrv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sessmgr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sethc.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher setup.bmp 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher setup.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher setupapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher setupdll.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher setver.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sfc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sfc.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sfcfiles.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sfc_os.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sfmapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shadow.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher share.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shdoclc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shdocvw.dll 9/25/2009 2:5.1 Signed KB974455.cat Microsoft Windows Component Publisher shell.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shell32.dll 7/3/2008 2:5.1 Signed KB967715.cat Microsoft Windows Component Publisher shellstyle.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shellvrtf.dll 9/20/2002 1.0.0.1 Not Signed N/A shellvrtf64.dll 10/10/2005 1.1.0.4 Not Signed N/A shfolder.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shgina.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shiftjis.uce 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shimeng.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shimgvw.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shlwapi.dll 9/25/2009 2:5.1 Signed KB974455.cat Microsoft Windows Component Publisher shmedia.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shmgrate.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shrpubw.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shscrap.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shsvcs.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher shutdown.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sigtab.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sigverif.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher simpdata.tlb 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sipr3260.dll 12/10/2002 6.0.7.3922 Not Signed N/A sisbkup.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher skdll.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher skeys.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher slayerxp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher slbcsp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher slbiop.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher slbrccsp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sl_anet.acm 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher smbinst.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher smlogcfg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher smlogsvc.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher smss.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sndrec32.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sndvol32.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher snmpapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher snmpsnap.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher softpub.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sol.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher sort.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sortkey.nls 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sorttbls.nls 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sound.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher spider.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher spiisupd.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher splitter.ax 1/10/2009 1.9.42.1 Not Signed N/A spmsg.dll 7/8/2008 None Signed N/A Microsoft Corporation spmsg2.dll 6/29/2006 None Signed N/A Microsoft Corporation spnike.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher spnpinst.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher spoolss.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher spoolsv.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sporder.dll 9/11/2006 4.0.1381.1 Not Signed N/A sporder.exe 9/6/2006 4.0.1381.1 Not Signed N/A sprestrt.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sprio600.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher sprio800.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher spupdsvc.exe 7/27/2007 None Signed N/A Microsoft Corporation spxcoins.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlctr90.dll 11/24/2008 None Signed N/A Microsoft Corporation sqlncli.chm 6/14/2006 None Not Signed N/A sqlncli.dll 11/24/2008 None Signed N/A Microsoft Corporation sqlnclir.rll 10/14/2005 None Signed N/A Microsoft Corporation sqlservermanager.msc 7/27/2005 None Not Signed N/A sqlsodbc.chm 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlsrv32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlsrv32.rll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlunirl.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlwid.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sqlwoa.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher srclient.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher srecorder.dll 7/14/2009 None Not Signed N/A srrstr.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher srsvc.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher srvsvc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ss3dfo.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssbezier.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssdpapi.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssdpsrv.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssflwbox.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssldivx.dll 11/6/2008 0.9.8.2 Not Signed N/A ssmarque.scr 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ssmypics.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssmyst.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher sspipes.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ssstars.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher sstext3d.scr 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher stclient.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher stdole2.tlb 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher stdole32.tlb 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sti.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher stimon.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sti_ci.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher stobject.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher storage.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher storprop.dll 8/3/2004 2:5.1 Signed NT5.CAT Microsoft Windows Publisher streamci.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher strmdll.dll 8/26/2009 2:5.1 Signed KB974112.cat Microsoft Windows Component Publisher strmfilt.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher subrange.uce 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher subst.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher svchost.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher svcpack.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher swprv.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher sxs.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher syncapp.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher synceng.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher syncui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysdm.cpl 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysedit.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysinv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher syskey.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysmon.ocx 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysocmgr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysprint.sep 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher sysprtj.sep 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher syssetup.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher system.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher systeminfo.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher systray.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher t2embed.dll 6/16/2009 2:5.1 Signed KB961371.cat Microsoft Windows Component Publisher tapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tapi3.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tapi32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tapiperf.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tapisrv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tapiui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher taskkill.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tasklist.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher taskman.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher taskmgr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcmsetup.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcpmib.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcpmon.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcpmon.ini 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcpmonui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tcpsvcs.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tdc.ocx 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher telephon.cpl 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher telnet.exe 6/12/2009 2:5.1 Signed KB960859.cat Microsoft Windows Component Publisher termcap 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher termmgr.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher termsrv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tftp.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher themeui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher timedate.cpl 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher timer.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tlntadmn.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tlntsess.exe 6/12/2009 2:5.1 Signed KB960859.cat Microsoft Windows Component Publisher tlntsvr.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tlntsvrp.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tomsmocomp_ff.dll 4/21/2009 None Not Signed N/A toolhelp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tourstart.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tracerpt.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tracert.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tracert6.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher traffic.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tree.com 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher trkwks.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ts.dll 1/10/2009 None Not Signed N/A tsappcmp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tsbyuv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tscfgwmi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tscon.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tscupgrd.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tsd32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tsddd.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tsdiscon.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tskill.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tslabels.h 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tslabels.ini 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tsshutdn.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher tssoft32.acm 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher twext.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher txflog.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher typelib.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher typeperf.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher tzchange.exe 7/14/2009 2:5.1 Signed KB970653-v3.cat Microsoft Windows Component Publisher tzlog.log 11/16/2009 None Not Signed N/A udhisapi.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher ufat.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher uiautomationcore.dll 10/20/2006 None Signed N/A Microsoft Corporation ulib.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher umandlg.dll 10/4/2006 2:5.1 Signed sp3_uber.cat Microsoft Windows Component Publisher umdmxfrm.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher umpnpmgr.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher unicode.nls 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher unicows.dll 1/7/2004 None Signed N/A Microsoft Corporation unimdm.tsp 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher unimdmat.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher uniplat.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher unlodctr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher untfs.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher upnp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher upnpcont.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher upnphost.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher upnpui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ups.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ureg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher url.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher urlmon.dll 9/25/2009 2:5.1 Signed KB974455.cat Microsoft Windows Component Publisher usbmon.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usbui.dll 8/4/2004 2:5.1 Signed NT5.CAT Microsoft Windows Publisher user.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher user32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher userenv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher userinit.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usp10.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrcntra.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrcoina.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrdpa.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrdtea.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrfaxa.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrlbva.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrlogon.cmd 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrmlnka.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrprbda.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrrtosa.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrsdpia.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrshuta.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrsvpia.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrv42a.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrv80a.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrvoica.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher usrvpa.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher utildll.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher utilman.exe 10/4/2006 2:5.1 Signed sp3_uber.cat Microsoft Windows Component Publisher uxtheme.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher v7vga.rom 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vbaen32.olb 3/24/1998 2.0.0.5215 Not Signed N/A vbaend32.olb 3/24/1998 2.0.0.5610 Not Signed N/A vbajet32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vbame.dll 7/24/2006 None Signed N/A Microsoft Corporation vbicodec.ax 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher vbisurf.ax 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vbscript.dll 12/18/2007 2:5.1 Signed sp3_uber.cat Microsoft Windows Component Publisher vc80crtredist.msi 11/6/2008 None Signed N/A DivX, Inc. vcdex.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vdmdbg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vdmredir.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ven2232.olb 12/3/1996 2.0.0.5924 Not Signed N/A ver.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher verifier.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher verifier.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher version.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vfpodbc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vga.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vga.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vga256.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vga64k.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher view channels.scf 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vjoy.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vp6dec.ax 12/10/2004 6.4.2.0 Not Signed N/A vp6dec_settings.cpl 2/17/2004 None Not Signed N/A vp6vfw.dll 12/10/2004 6.4.2.0 Not Signed N/A vp7dec.ax 7/26/2005 7.0.8.0 Not Signed N/A vp7dec_settings.cpl 7/26/2005 None Not Signed N/A vp7vfw.dll 5/11/2006 7.0.8.0 Not Signed N/A vsfilter.dll 8/26/2008 1.0.1.5 Not Signed N/A vssadmin.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher vssapi.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher vssvc.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher vss_ps.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher vwipxspx.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher vwipxspx.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher w32time.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher w32tm.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher w32topl.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher w3ssl.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher watchdog.sys 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wavemsp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.deu 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.enu 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.esn 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.fra 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.ita 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.nld 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbcache.sve 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.deu 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.enu 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.esn 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.fra 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.ita 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.nld 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wbdbase.sve 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wdigest(3).dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wdigest.dll 6/25/2009 2:5.1 Signed KB968389.cat Microsoft Windows Component Publisher wdl.trm 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wdmaud.drv 8/4/2004 2:5.1 Signed NT5.CAT Microsoft Windows Publisher webcheck.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher webclnt.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher webfldrs.msi 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher webhits.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher webvw.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wextract.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wfwnet.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wgalogon.dll 3/10/2009 None Signed N/A Microsoft Corporation wgatray.exe 3/10/2009 None Signed N/A Microsoft Corporation wiaacmgr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiadefui.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiadss.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiascr.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiaservc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiasf.ax 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiashext.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiavideo.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wiavusd.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wifeman.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher win.com 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher win32k.sys 8/14/2009 2:5.1 Signed KB969947.cat Microsoft Windows Component Publisher win32spl.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher win87em.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winbrand.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winchat.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher windowscodecs.dll 10/24/2006 2:5.1,2:5.2 Signed WIC.cat Microsoft Windows windowscodecsext.dll 10/24/2006 2:5.1,2:5.2 Signed WIC.cat Microsoft Windows windowslogon.manifes 4/25/2006 None Not Signed N/A winfax.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winhelp.hlp 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winhlp32.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winhttp.dll 12/16/2008 2:5.1 Signed KB960803.cat Microsoft Windows Component Publisher wininet.dll 9/25/2009 2:5.1 Signed KB974455.cat Microsoft Windows Component Publisher winipsec.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winlogon.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winmine.exe 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher winmm.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winmsd.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winnls.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winntbbu.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winoldap.mod 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winrnr.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winscard.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winshfhc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winsock.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winspool.drv 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winspool.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winsrv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winsta.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winstrm.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wintrust.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher winver.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wisptis.exe 10/26/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wkssvc.dll 6/10/2009 2:5.1 Signed KB971657.cat Microsoft Windows Component Publisher wldap32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wlnotify.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmadmod.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmadmoe.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmasf.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmdmlog.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmdmps.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmerrenu.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmerror.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmidx.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmimgmt.msc 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmiprop.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmiscmgr.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmnetmgr.dll 6/10/2008 2:5.1 Signed KB952069.cat Microsoft Windows Component Publisher wmp.dll 7/13/2009 2:5.1 Signed KB973540.cat Microsoft Windows Component Publisher wmp.ocx 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmpasf.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmpcd.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmpcore.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmpdxm.dll 7/13/2009 2:5.1 Signed KB973540.cat Microsoft Windows Component Publisher wmphoto.dll 10/24/2006 2:5.1,2:5.2 Signed WIC.cat Microsoft Windows wmploc.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmpns.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmpshell.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmpui.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmsdmod.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmsdmoe.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmsdmoe2.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmspdmod.dll 4/3/2009 2:5.1 Signed KB954155.cat Microsoft Windows Component Publisher wmspdmoe.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmstream.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmv8ds32.ax 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmvcore.dll 5/26/2009 2:5.1 Signed KB968816.cat Microsoft Windows Component Publisher wmvdmod.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wmvdmoe2.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wmvds32.ax 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wow32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wowdeb.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wowexec.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wowfax.dll 2/27/2006 2:5.0,2:5.1 Signed NTPRINT.CAT Microsoft Windows Publisher wowfaxui.dll 2/27/2006 2:5.0,2:5.1 Signed NTPRINT.CAT Microsoft Windows Publisher wpa.dbl 11/23/2009 None Not Signed N/A wpabaln.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wpnpinst.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher write.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ws2help.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher ws2_32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wscntfy.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wscript.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wscsvc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wscui.cpl 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wsecedit.dll 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wshatm.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshbth.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshcon.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshext.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wship6.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshisn.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshnetbs.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshom.ocx 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshrm.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wshtcpip.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wsnmp32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wsock32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wstdecod.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wstpager.ax 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wstrenderer.ax 2/27/2006 2:5.1 Signed NT5INF.CAT Microsoft Windows Component Publisher wtsapi32.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wuapi.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuapi.dll.mui 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuauclt.exe 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuauclt1.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wuaucpl.cpl 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuaucpl.cpl.manifest 4/25/2006 None Not Signed N/A wuaucpl.cpl.mui 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuaueng.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuaueng.dll.mui 8/6/2009 None Signed N/A Microsoft Windows Component Publisher wuaueng1.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wuauserv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wucltui.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wucltui.dll.mui 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wupdmgr.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wups.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wups2.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wuweb.dll 8/6/2009 2:5.0,2:5.1,2:5.2 Signed oem15.CAT Microsoft Windows Component Publisher wvc1dmod.dll 5/20/2006 None Signed N/A Microsoft Corporation wwsecure.exe 4/20/2005 6.0.1.2 Not Signed N/A wxbase28u_net_vc_cw. 6/8/2009 2.8.7.0 Not Signed N/A wxbase28u_vc_cw.dll 6/8/2009 2.8.7.0 Not Signed N/A wxbase28u_xml_vc_cw. 6/8/2009 2.8.7.0 Not Signed N/A wxcode_msw28u_wxcurl 6/8/2009 None Not Signed N/A wxcode_msw28u_wxjson 6/8/2009 None Not Signed N/A wxie.dll 6/8/2009 None Signed N/A ContentWatch wxmsw28u_adv_vc_cw.d 6/8/2009 2.8.7.0 Not Signed N/A wxmsw28u_core_vc_cw. 6/8/2009 2.8.7.0 Not Signed N/A wxmsw28u_html_vc_cw. 6/8/2009 2.8.7.0 Not Signed N/A wxmsw28u_media_vc_cw 6/8/2009 2.8.7.0 Not Signed N/A wxmsw28u_xrc_vc_cw.d 6/8/2009 2.8.7.0 Not Signed N/A wzcdlg.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wzcsapi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher wzcsvc.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xactsrv.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xcdsrc.ax 5/21/2002 8.1.0.0 Not Signed N/A xcopy.exe 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xenroll.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xmlprov.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xmlprovi.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xolehlp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xpob2res.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xpsp1res.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xpsp2res.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher xpsp3res.dll 9/18/2009 2:5.1 Signed KB974455.cat Microsoft Windows Component Publisher xpsshhdr.dll 10/14/2006 None Signed N/A Microsoft Corporation xpssvcs.dll 10/14/2006 None Signed N/A Microsoft Corporation xvidcore.dll 11/1/2006 None Not Signed N/A xvidvfw.dll 11/1/2006 None Not Signed N/A zipfldr.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher _000003_.tmp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher _000005_.tmp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher _000110_.tmp.dll 2/27/2006 2:5.1 Signed NT5.CAT Microsoft Windows Publisher Unscanned Files: ------------------ [c:\windows\system32] h323log.txt

Advertisements

Register to Remove

#17 OCD

SuperHelper

Malware Team
5,574 posts

Posted 24 November 2009 - 06:16 AM

Hi andrew2009,

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
%SYSTEMDRIVE%\nvgts.sys /s /md5
%SYSTEMDRIVE%\iastorv.sys /s /md5
%SYSTEMDRIVE%\ViPrt.sys /s /md5
CREATERESTOREPOINT
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#18 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 24 November 2009 - 10:20 PM

hi OCD here are the logs..

OTL logfile created on: 11/24/2009 10:57:55 PM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = K:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 88.37% Memory free
3.82 Gb Paging File | 3.76 Gb Available in Paging File | 98.48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 137.03 Gb Total Space | 3.99 Gb Free Space | 2.91% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.20 Gb Free Space | 10.02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 15.05 Gb Total Space | 7.12 Gb Free Space | 47.29% Space Free | Partition Type: FAT32

Computer Name: ROXSCOMPUTER
Current User Name: mom
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - K:\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - K:\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\guard32.dll (COMODO)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (0308901243908944mcinstcleanup) McAfee Application Installer Cleanup (0308901243908944) -- File not found
SRV - (cmdAgent) -- C:\Documents and Settings\All Users\Comodo\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (CwAltaService20) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
SRV - (SQLWriter) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (PCA) -- C:\WINDOWS\SMINST\PCAngel.exe (SoftThinks)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (wwSecSvc) -- C:\WINDOWS\system32\wwSecure.exe (Webroot Software, Inc.)
SRV - (NNSvc) -- C:\Program Files\Net Nanny\NNSvc.exe (Net Nanny Software International, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...all&pf=cmdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...all&pf=cmdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2009/06/13 13:04:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\extensions
[2009/06/13 13:04:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comodo VerificationEngine) - {A968A4B4-C492-4834-B651-17602C3885C8} - C:\Program Files\COMODO\VEngine\VEngineIE32.dll (Comodo CA Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (HopSurf toolbar) - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\COMODO\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Documents and Settings\All Users\Comodo\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HTV Agent] C:\Documents and Settings\mom\My Documents\HTV\HTV.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IStray.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NNTray] C:\Program Files\Net Nanny\NNStart.exe (Net Nanny Software International, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [VEngine] C:\Program Files\COMODO\VEngine\VEngine.exe (Comodo CA Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe File not found
O4 - HKCU..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe ()
O4 - Startup: C:\Documents and Settings\mom\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\COMODO\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\cwalsp.dll (ContentWatch, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1247615996718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 19:01:00 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/04/22 00:23:39 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 14 Days ==========

[2009/11/20 18:44:47 | 00,000,000 | ---D | C] -- C:\9a716b050791dca3856780
[2009/11/20 18:44:41 | 00,000,000 | ---D | C] -- C:\c7732dfd45af8acb77a203b99d5adf3f
[2009/11/16 21:54:58 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/16 21:54:56 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/16 21:44:16 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/16 20:50:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/11/16 15:01:50 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/16 14:49:47 | 00,000,000 | ---D | C] -- C:\939f6a48f9d1aedd86f7fef5
[2009/07/23 21:10:10 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\mom\Application Data\pcouffin.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[138 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/11/24 22:55:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/24 22:55:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/23 20:56:17 | 01,572,864 | ---- | M] () -- C:\Documents and Settings\mom\ntuser.dat
[2009/11/23 20:56:17 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\mom\ntuser.ini
[2009/11/23 15:37:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/23 15:32:19 | 01,930,896 | -H-- | M] () -- C:\Documents and Settings\mom\Local Settings\Application Data\IconCache.db
[2009/11/20 18:50:11 | 01,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2009/11/20 18:47:53 | 00,517,178 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/20 18:47:53 | 00,483,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/20 18:47:53 | 00,087,850 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/20 18:47:00 | 00,523,776 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\dds.scr
[2009/11/20 18:25:36 | 00,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/16 22:56:17 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/16 22:54:11 | 00,000,422 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2009/11/16 21:55:00 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/16 21:44:16 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\HijackThis.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[138 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/20 18:46:59 | 00,523,776 | ---- | C] () -- C:\Documents and Settings\mom\Desktop\dds.scr
[2009/11/16 21:55:00 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/16 21:44:16 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\mom\Desktop\HijackThis.lnk
[2009/07/23 23:04:35 | 00,975,872 | ---- | C] () -- C:\WINDOWS\System32\libxml2_CW.dll
[2009/07/23 23:04:35 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2009/07/23 23:04:34 | 00,991,232 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxcurl_CW.dll
[2009/07/23 23:04:34 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_xrc_vc_CW.dll
[2009/07/23 23:04:34 | 00,499,712 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_CW.dll
[2009/07/23 23:04:34 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_media_vc_CW.dll
[2009/07/23 23:04:34 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxjson_CW.dll
[2009/07/23 23:04:33 | 02,904,064 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_CW.dll
[2009/07/23 23:04:33 | 01,232,896 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_CW.dll
[2009/07/23 23:04:33 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_CW.dll
[2009/07/23 23:04:33 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_CW.dll
[2009/07/23 23:04:33 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_net_vc_CW.dll
[2009/07/23 22:28:42 | 00,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/07/23 21:10:39 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\vso_ts_preview.xml
[2009/07/23 21:10:20 | 00,000,074 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\pcouffin.log
[2009/07/23 21:10:10 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\inst.exe
[2009/07/23 21:10:10 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\pcouffin.cat
[2009/07/23 21:10:10 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\pcouffin.inf
[2009/07/14 18:12:26 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\srecorder.dll
[2009/06/13 14:06:51 | 00,000,119 | ---- | C] () -- C:\WINDOWS\NNS.INI
[2009/06/01 22:15:02 | 01,930,896 | -H-- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\IconCache.db
[2009/06/01 22:15:02 | 00,068,456 | ---- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/01 22:15:02 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\mom\Application Data\desktop.ini
[2009/06/01 22:15:02 | 00,000,051 | ---- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\setup.txt
[2009/05/28 11:41:40 | 04,472,538 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/05/25 11:38:22 | 00,830,004 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2009/05/17 18:37:12 | 00,557,469 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/04/22 00:52:43 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/22 00:39:06 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/04/22 00:39:06 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/04/22 00:39:06 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/04/22 00:39:06 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/04/22 00:39:06 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/04/22 00:39:06 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/04/22 00:24:18 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4964.dll
[2009/04/21 11:38:32 | 00,328,334 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2009/04/21 11:08:22 | 00,425,040 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/04/21 10:54:54 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/04/21 10:52:08 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/02 09:23:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009/04/02 09:21:50 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/02 11:19:36 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009/03/02 11:19:30 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009/03/02 11:19:14 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009/03/02 11:18:46 | 00,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2009/03/02 11:18:32 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009/03/02 11:18:28 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009/03/02 11:18:18 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009/01/10 17:17:32 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/01/10 17:16:56 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/01/10 17:16:50 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/01/10 17:16:14 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/01/10 17:15:54 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/01/10 17:15:44 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2009/01/10 17:15:32 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/01/10 17:15:28 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/01/10 17:15:12 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/01/10 17:14:08 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/01/10 17:14:06 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2008/12/03 17:11:50 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/06 11:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/10/13 04:30:20 | 00,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007/07/10 12:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/07/03 00:37:12 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/07/03 00:37:10 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/25 12:43:54 | 00,517,178 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2006/04/25 12:32:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2006/04/25 12:32:30 | 00,000,552 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/04/25 12:31:56 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/25 12:26:56 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2006/04/25 12:26:56 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2006/04/25 05:19:26 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/04/25 05:19:02 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/04/19 22:21:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/19 22:21:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/27 21:00:00 | 01,290,752 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2006/02/27 21:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2006/02/27 21:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2006/02/27 21:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2006/02/27 21:00:00 | 00,498,205 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2006/02/27 21:00:00 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2006/02/27 21:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2006/02/27 21:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2006/02/27 21:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2006/02/27 21:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2006/02/27 21:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2006/02/27 21:00:00 | 00,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2006/02/27 21:00:00 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2006/02/27 21:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2006/02/27 21:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2006/02/27 21:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2006/02/27 21:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2006/02/27 21:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2006/02/27 21:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2006/02/27 21:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2006/02/27 21:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2006/02/27 21:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2006/02/27 21:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2006/02/27 21:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2006/02/27 21:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2006/02/27 21:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2006/02/27 21:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2006/02/27 21:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2006/02/27 21:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2006/02/27 21:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2006/02/27 21:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2006/02/27 21:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2006/02/27 21:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2006/02/27 21:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2006/02/27 21:00:00 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2006/02/27 21:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2006/02/27 21:00:00 | 00,011,376 | R--- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/27 21:00:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2006/02/27 21:00:00 | 00,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2006/02/27 21:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2006/02/27 21:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2006/02/27 21:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2006/02/27 21:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2006/02/27 21:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2006/02/27 21:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2006/02/27 21:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2006/02/27 21:00:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2006/02/27 21:00:00 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2006/02/27 21:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2006/02/27 21:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2006/02/27 21:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2002/05/08 05:12:22 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== LOP Check ==========

[2009/07/14 18:00:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/07/14 18:07:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/07/23 23:07:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2009/07/23 23:04:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2006/04/25 05:19:02 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/07/23 22:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/06/13 12:47:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/06/08 22:57:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/14 18:32:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/11/20 18:44:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/07/14 19:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/08 22:45:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/22 00:44:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2009/07/23 21:10:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Adobe
[2009/07/23 22:11:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Comodo
[2009/07/23 22:28:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Corel
[2006/04/25 05:19:02 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\mom\Application Data\desktop.ini
[2009/07/14 17:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\DivX
[2009/04/22 00:23:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Identities
[2009/07/23 21:10:10 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\mom\Application Data\inst.exe
[2009/04/22 00:38:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\InstallShield
[2009/06/13 12:47:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\IObit
[2009/07/23 21:14:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Macromedia
[2009/06/08 22:57:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Malwarebytes
[2009/07/14 18:26:02 | 00,000,000 | --SD | M] -- C:\Documents and Settings\mom\Application Data\Microsoft
[2009/06/13 13:04:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Mozilla
[2009/07/23 21:10:10 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\mom\Application Data\pcouffin.cat
[2009/07/23 21:10:10 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\mom\Application Data\pcouffin.inf
[2009/07/23 21:10:20 | 00,000,074 | ---- | M] () -- C:\Documents and Settings\mom\Application Data\pcouffin.log
[2009/07/23 21:10:10 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\mom\Application Data\pcouffin.sys
[2009/04/22 00:49:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\SampleView
[2009/04/22 00:47:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\SiteAdvisor
[2009/04/22 00:36:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Sun
[2009/11/16 21:19:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\uTorrent
[2009/07/23 21:12:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Vso
[2009/07/23 21:12:04 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\mom\Application Data\vso_ts_preview.xml
[2009/07/23 22:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\Webroot
[2009/07/23 22:17:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\mom\Application Data\WinRAR
[2006/02/27 21:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/23 15:37:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2006/02/27 21:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2006/02/27 21:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2006/02/27 21:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtUninstallKB975467$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2008/08/13 11:08:44 | 00,325,144 | ---- | M] (Intel Corporation) MD5=42BE6406094936A23280D68D9AEC33D0 -- C:\COMPAQ\MSD\IaStor.sys
[2008/08/13 11:08:44 | 00,325,144 | ---- | M] (Intel Corporation) MD5=42BE6406094936A23280D68D9AEC33D0 -- C:\WINDOWS\system32\drivers\iaStor.sys

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/03 19:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMDRIVE%\nvgts.sys /s /md5 >
[2007/12/13 09:03:34 | 00,102,400 | ---- | M] (NVIDIA Corporation) MD5=4BA137ADC66DBA401718FD6FA6E3F3BC -- C:\COMPAQ\HPBackup\update\DRIVERS\STORAGE\nvgts.sys
[2007/12/13 09:03:34 | 00,102,400 | ---- | M] (NVIDIA Corporation) MD5=4BA137ADC66DBA401718FD6FA6E3F3BC -- C:\WINDOWS\DRIVERS\STORAGE\nvgts.sys

< %SYSTEMDRIVE%\iastorv.sys /s /md5 >

< %SYSTEMDRIVE%\ViPrt.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >

#19 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 24 November 2009 - 10:21 PM

and the other..

OTL Extras logfile created on: 11/24/2009 10:57:55 PM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = K:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 88.37% Memory free
3.82 Gb Paging File | 3.76 Gb Available in Paging File | 98.48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 137.03 Gb Total Space | 3.99 Gb Free Space | 2.91% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.20 Gb Free Space | 10.02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 15.05 Gb Total Space | 7.12 Gb Free Space | 47.29% Space Free | Partition Type: FAT32

Computer Name: ROXSCOMPUTER
Current User Name: mom
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Documents and Settings\mom_2\Desktop\uTorrent.exe" = C:\Documents and Settings\mom_2\Desktop\uTorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Documents and Settings\mom\Local Settings\Temporary Internet Files\Content.IE5\8N0LAB2N\utorrent-1.8.2.upx[1].exe" = C:\Documents and Settings\mom\Local Settings\Temporary Internet Files\Content.IE5\8N0LAB2N\utorrent-1.8.2.upx[1].exe:*:Disabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51945E07-120D-4E78-A368-C4C8D5042D21}" = Net Nanny 5 (Remove Only)
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.106e
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7D8DBB7C-1C55-4950-A107-043C164F379A}" = Altiris Software Virtualization Agent
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.0 beta 1
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP1
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel® Network Connections 13.1.33.0
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"3GP Video Converter 3" = 3GP Video Converter 3
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ALTACPHOME_is1" = Net Nanny Parental Controls 6.0
"Ask Toolbar_is1" = Ask Toolbar
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP1
"CleanUp!" = CleanUp!
"Comodo HopSurf Toolbar" = Comodo HopSurf
"COMODO Internet Security" = COMODO Internet Security
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"Halo" = Microsoft Halo
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player - Codec Pack" = Media Player Codec Pack 3.5.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"MSNINST" = MSN
"PDF Complete" = PDF Complete
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"Verification Engine" = Verification Engine
"WIC" = Windows Imaging Component
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Window Washer" = Window Washer
"WinRAR archiver" = WinRAR archiver
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"xvid" = XviD MPEG-4 Video Codec
"ZD Soft Screen Recorder" = ZD Soft Screen Recorder
"ZDSV" = ZD Soft Screen Video Decoder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:46:14 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:47:33 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:47:33 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:47:33 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 11/23/2009 4:47:33 PM | Computer Name = ROXSCOMPUTER | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.

< End of report >

#20 OCD

SuperHelper

Malware Team
5,574 posts

Posted 27 November 2009 - 12:30 AM

Hi andrew2009,

Please try to run this fix in Normal Mode, if unsuccessful run in Safe Mode.

Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IStray.exe File not found
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe File not found
[2009/07/23 21:10:10 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\inst.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

- - - - - Next - - - - -

Re-run MBAM, make sure to get the latest updates prior to scanning.

- - - - - Next - - - - -

Please run the following online scan.
The below scan can take up to an hour or longer, please be patient.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so no conflicts and to speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once scan is finished remember to re-enable resident antivirus protection along with whatever antispyware app you use.

Please do a scan with Kaspersky Online Scanner or from here
http://www.kaspersky.com/virusscanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
The program will install and then begin downloading the latest definition files.
After the files have been downloaded on the left side of the page in the Scan section select My Computer.
This will start the program and scan your system.
The scan will take a while, so be patient and let it run. (At times it may appear to stall)
Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Once the scan is complete, click on View scan report To obtain the report:
Click on: Save Report As
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.

Animated tutorial
http://i275.photobuc...ng/KAS/KAS9.gif

(Note.. for Internet Explorer 7 users:
If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
Or use Firefox with IE-Tab plugin
https://addons.mozil...efox/addon/1419

- - - - - Next - - - - -

On your next post please provide the following:
New OTL log
MBAM log
Kaspersky Online Scan results
Tell me how your computer is running at the moment.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#21 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 27 November 2009 - 10:41 PM

hi OCD got kind of busy this evening but will be posting everything tomorrow..hope you had a happy..

#22 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 28 November 2009 - 06:16 PM

hia OCD i wasnt able to do any of that in regular mode. when i had first booted up i was getting messages about content watch didnt load correctly and i needed a restart..comodo encountered a bug..then i resarted and was recieving the "recovered from serious error message" constantly again..and the rebooting on its own started..then i did the scans in safe mode, btw even when in safe mode with networking i was unable to access the internet so i wasnt able to update malwarebytes, but the definitions are from around when i started this thread and whatever it found then it found and the computer hasnt been exposed to anything new so i'm assuming that it's ok. unfortunately i wasnt able to do the kapersky Malwarebytes' Anti-Malware 1.41 Database version: 3185 Windows 5.1.2600 Service Pack 2 (Safe Mode) 11/27/2009 9:52:00 PM mbam-log-2009-11-27 (21-52-00).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 208757 Time elapsed: 16 minute(s), 58 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) All processes killed Error: Unable to interpret <CODE:OTL> in the current context! Error: Unable to interpret <PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IStray.exe File not found> in the current context! Error: Unable to interpret <O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe File not found> in the current context! Error: Unable to interpret <[2009/07/23 21:10:10 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\inst.exe> in the current context! ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: angelo ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: mom ->Temp folder emptied: 163908575 bytes ->Temporary Internet Files folder emptied: 105055651 bytes User: mom_2 User: NetworkService ->Temp folder emptied: 49152 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 11223040 bytes %systemroot%\System32 .tmp files removed: 4372369 bytes Windows Temp folder emptied: 3509009 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 274.93 mb OTL by OldTimer - Version 3.1.8.0 log created on 11272009_195204 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

#23 OCD

SuperHelper

Malware Team
5,574 posts

Posted 30 November 2009 - 12:43 PM

Hi andrew2009,

You have a program installed called NetNanny that might be interfering with your ability to access the Internet.

When was the last time you updated this software?
Do you have installation disks, or a download link to re-install the software if needed.

Please save all tools to your root directory - "C"

Start Windows XP in Safe Mode

Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc.
- When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows XP Advanced Options menu.
Select the Safe Mode option using the arrow keys.
Then press the enter key on your keyboard to boot into Safe Mode.

- - - - - Next - - - - -

Please go to Start Menu > Control Panel > Add/ Remove Programs
Scroll Down and locate the following programs:

Net Nanny 5 (Remove Only)
Net Nanny Parental Controls 6.0

Select the program, then select remove.
(if the program is not listed don't be alarmed, just continue)

Exit the Control Panel when finished.

- - - - - Next - - - - -

Please locate the folder & file in red and delete them.
Be sure to delete the entire folder/file that is designated.

C:\Program Files\ContentWatch
K:\OTL.exe

Right click the file or folder, select Delete.

- - - - - Next - - - - -

Reboot into Normal Mode

- - - - - Next - - - - -

Re-Download OTL to your desktop. (C drive)

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

Copy/paste the following text written inside of the code box, do not include the word "code" into the Custom Scans/Fixes box located at the bottom of OTL

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IStray.exe File not found
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe File not found
[2009/07/23 21:10:10 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\inst.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered

- - - - - Next - - - - -

Please re-run OTL (should still be on your desktop)
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Un-Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
You may need two posts to fit them both in.

- - - - - Next - - - - -

Please run the following online scan.
The below scan can take up to an hour or longer, please be patient.

*Note
It is recommended to disable on-board anti-virus program and antispyware programs while performing scans so no conflicts and to speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once scan is finished remember to re-enable resident anti-virus protection along with whatever antispyware app you use.

Scan with Kaspersky Online Scanner or from here http://www.kaspersky.com/virusscanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
The program will install and then begin downloading the latest definition files.
After the files have been downloaded on the left side of the page in the Scan section select My Computer.
This will start the program and scan your system.
The scan will take a while, so be patient and let it run. (At times it may appear to stall)
Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Once the scan is complete, click on View scan report To obtain the report:
Click on: Save Report As
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.

Animated tutorial
http://i275.photobuc...ng/KAS/KAS9.gif

(Note.. for Internet Explorer 7 users:
If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
Or use Firefox with IE-Tab plugin
https://addons.mozil...efox/addon/1419

If you are unable to run the Kaspersky scan please try this alternative scanner. Only one (1) online scan is needed.

Run the following scan: Eset Online Scanner
(you will need Internet Explorer to run this scan)

Place a check mark in the box YES, I accept the Terms Of Use
Click the Start button.
Now click the Install button.
Click Start. The scanner engine will initialize and update.
Do Not place a check mark in the box beside Remove found threats.
Click the Scan button. The scan will now run, please be patient.
When the scan finishes click the Details tab.
Copy and paste the contents of the C:\ProgramFiles\EsetOnlineScanner\log.txt into your next reply.

- - - - - Next - - - - -

On your next post please provide the following:
NetNanny answers
OTL fix log (log from running the OTL fix)
Kaspersky or Eset Online scan results log
New OTL logs, both OTL.txt & extras.txt
Tell me how your computer is running at the moment.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#24 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 02 December 2009 - 11:09 PM

OCD i will be running those instructions later tonight when i'm done with work. but i will be unable to uninstall the Netnanny 5 because of do not recall the password, is that a problem?

#25 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 03 December 2009 - 10:36 PM

i dont understand what you meant by "Please save all tools to your root directory - "C""....i did go ahead and uninstall those to programs though..i also dont understand what you mean about the RED folders, but i did do a search for netnanny and content watch and deleted whatevers was found. is that fine i have to finish your instruction tomorrow..sorry its taking me some time but i've been pretty busy..thank you for your help and your patience

Advertisements

Register to Remove

#26 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 03 December 2009 - 11:24 PM

Hi, OCD is away for a couple of days and has asked me to look after you. Please make sure when you save the tools that you save them to the C:\ drive rather than the K:\ drive where you have OTL right now. the red folders are the folders that need to be deleted, so navigate to C:\Program Files\ContentWatch > right click the contentwatch folder and select DELETE. then do the same in your K drive...locate OTL.exe and delete it. Then download a fresh OTL and save it to the C:\ drive.... thanks ~CB

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#27 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 04 December 2009 - 12:49 PM

hi catbyte, you said.. Please make sure when you save the tools that you save them to the C:\ drive rather than the K:\ drive where you have OTL right now. that is what i dont understand..

#28 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 04 December 2009 - 01:38 PM

oh!! i think i get it.. the k drive is the USB drive that i use to transfer the OTL and other tools to from my good running computer. then when i boot into safe mode on the bad computer i plug the USB in and copy the file from the USB to the desk top of the bad computer and run it..i assume thats where the confusion is coming from. i have to step out but should be able to complete the other steps tonight.

#29 CatByte

Classroom Administrator

Classroom Admin
21,060 posts

Posted 04 December 2009 - 02:26 PM

Hi, can you please advise the status of the infected computer. Are you now able to access the internet? If not - at what stage did you lose your connection? Are you able to boot into normal mode? Are you able to access the internet in safemode?

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

#30 andrew2009

Authentic Member

Authentic Member
42 posts

Posted 04 December 2009 - 02:56 PM

the infected computer never had an issue connecting to the internet regular mode (when it stays on long enough that is with out rebooting), the problem was and as of the last tests run still is that it shuts on and off and a window pops up stating that the system has recovered from a serious error would i like to send a report. no matter how many times i send the report after the box disappears it immediateley returns. i am able to boot in regular mode but it turns on and off and during the time that it actually is on the error that i mentioned above appears (actually sometimes it barely gets past the point after logging on). the only reason i made mention of the internet connection earlier in the thread is because OCD wanted me to update the malwarebytes but being that the only time the computer is stable is in safe mode i alerted him to the fact that i would be unable to update it. he then advised that i do safe mode with networking and i was still unable to connect, but that has always been the case with any computer i've had, when ever in safe mode with or with out networking the internet is not accessible. which is why that any tools i was instructed to download was done on my good computer, put onto a usb drive and then when i booted the infected computer in safe mode i would copy the tools from the usb drive to the desk top of the infected computer and then run it.

Body Background

skin color theme