> Please review my HJ log and other logs(Closed)
Steve_11
post Jul 24 2010, 01:43 AM
Post #1


Member
**

Group: Member+
Posts: 16
Joined: 7-November 06
Member No.: 2,365
CPU: Pentium 4 dual core 3.00 MHz
Ram: 2 Gb
Operating System: Win XP SP3



I have an older PC that I am reviving and it has been abused. I have cleaned it up as much as I can but am concerned that it is still infected. It was behaving very slowly, now better but still not optimum. Items found and eventually cleaned were Win32/Viking.JB and Win32/Emerleox.gen!A.
One sign of a possible problem is that my View settings in Windows Explorer keep re-setting to default. I like to un-hide known file extensions but they keep re-hiding.

Below are my log files. Please let me know if you need more info.
Thanks

HIJACKTHIS LOGFILE:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:43:24 PM, on 7/16/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WIN98\System32\smss.exe
C:\WIN98\system32\winlogon.exe
C:\WIN98\system32\services.exe
C:\WIN98\system32\lsass.exe
C:\WIN98\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WIN98\SYSTEM32\acs.exe
C:\WIN98\system32\svchost.exe
C:\WIN98\Explorer.EXE
C:\WIN98\system32\msiexec.exe
C:\WIN98\system32\svchost.exe
C:\WIN98\system32\wuauclt.exe
C:\WIN98\system32\CTHELPER.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WIN98\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\WIN98\System32\svchost.exe
C:\WIN98\system32\wuauclt.exe
F:\Ad-AwareInstall.exe
F:\HijackThis.exe
c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adb...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN98\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: NETGEAR WG311T Wireless Assistant.lnk = C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1279162089461
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WIN98\SYSTEM32\acs.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 3593 bytes

MBAM LOG FILE:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4317

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

7/15/2010 11:19:54 PM
mbam-log-2010-07-15 (23-19-54).txt

Scan type: Quick scan
Objects scanned: 132455
Time elapsed: 1 hour(s), 31 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\GameSetup.exe (Worm.Fujacks) -> Quarantined and deleted successfully.

My comment - I have apparently cleaned up these findings with MBAM, Lavasoft Ad-Aware and Microsoft Security Essentials. New logfile is clean.


OTL.TXT:
OTL logfile created on: 7/19/2010 10:50:03 PM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = F:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

512.00 Mb Total Physical Memory | 180.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WIN98 | %ProgramFiles% = C:\Program Files
Drive C: | 111.76 Gb Total Space | 96.43 Gb Free Space | 86.29% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 960.32 Mb Total Space | 698.29 Mb Free Space | 72.71% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUE
Current User Name: S
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/15 21:24:50 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/07/12 03:55:40 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/07/12 03:55:40 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/05/22 09:28:48 | 000,571,904 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2004/12/17 10:55:26 | 007,708,672 | ---- | M] () -- C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
PRC - [2004/12/01 21:44:00 | 000,036,864 | ---- | M] () -- C:\WIN98\SYSTEM32\acs.exe
PRC - [2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WIN98\explorer.exe
PRC - [2002/07/02 17:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WIN98\SYSTEM32\CTHELPER.EXE


========== Modules (SafeList) ==========

EXTRAS.TXT:
OTL Extras logfile created on: 7/19/2010 10:50:04 PM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = F:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

512.00 Mb Total Physical Memory | 180.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WIN98 | %ProgramFiles% = C:\Program Files
Drive C: | 111.76 Gb Total Space | 96.43 Gb Free Space | 86.29% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 960.32 Mb Total Space | 698.29 Mb Free Space | 72.71% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUE
Current User Name: S
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1128224247\EE\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1128224247\EE\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1128224247\EE\aim6.exe" = C:\Program Files\Common Files\AOL\1128224247\EE\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live! Web 2K/XP
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.5
"{AC76BA86-7AD7-5464-3428-7E8A450000A7}" = Spelling Dictionaries For Adobe Reader Package
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FC321AD2-48B4-4013-B997-A65D5FBBD006}" = NETGEAR Wireless Adapter WG311T
"Ad-Aware" = Ad-Aware
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{FC321AD2-48B4-4013-B997-A65D5FBBD006}" = NETGEAR Wireless Adapter WG311T
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Security Essentials" = Microsoft Security Essentials
"Need For Speed III" = Need For Speed III
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 6.0" = RealPlayer
"Shockwaveflash" = Macromedia Flash Player 8
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/17/2010 5:57:20 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:57:26 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:57:34 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:57:41 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:57:49 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:57:56 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:58:04 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:58:12 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 5:58:21 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 7/17/2010 10:56:14 PM | Computer Name = SUE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 2.1.6805.0,
P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 7/18/2010 2:03:38 PM | Computer Name = SUE | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}.
The
error: "%2" Happened while starting this command: "C:\Program Files\Adobe\Acrobat
7.0\Reader\AcroRd32Info.exe" /PDFShell -Embedding

Error - 7/18/2010 2:03:38 PM | Computer Name = SUE | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}.
The
error: "%2" Happened while starting this command: "C:\Program Files\Adobe\Acrobat
7.0\Reader\AcroRd32Info.exe" /PDFShell -Embedding

Error - 7/18/2010 3:01:22 PM | Computer Name = SUE | Source = Service Control Manager | ID = 7001
Description = The Print Spooler service depends on the LexBce Server service which
failed to start because of the following error: %%1058

Error - 7/19/2010 9:42:44 PM | Computer Name = SUE | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 7/19/2010 9:43:44 PM | Computer Name = SUE | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0102: Security Update for Windows XP (KB923561).

Error - 7/19/2010 9:43:44 PM | Computer Name = SUE | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Security Update for Windows XP (KB958644).

Error - 7/19/2010 9:43:44 PM | Computer Name = SUE | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Security Update for Windows XP (KB958470).

Error - 7/19/2010 9:49:38 PM | Computer Name = SUE | Source = Service Control Manager | ID = 7031
Description = The Microsoft Antimalware Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
15000 milliseconds: Restart the service.

Error - 7/19/2010 9:49:38 PM | Computer Name = SUE | Source = Service Control Manager | ID = 7034
Description = The Atheros Configuration Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/19/2010 9:49:51 PM | Computer Name = SUE | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.


< End of report >

ROOTER.TXT:
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 2
[32_bits] - x86 Family 6 Model 7 Stepping 3, GenuineIntel
.
Error OpenService (wscsvc) : 1060
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
.
A:\ [Removable]
C:\ [Fixed-FAT32] .. ( Total:111 Go - Free:96 Go )
D:\ [Removable]
E:\ [CD_Rom]
F:\ [Removable]
.
Scan : 23:05.03
Path : F:\Rooter.exe
User : S ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (276)
______ \??\C:\WIN98\system32\csrss.exe (336)
______ \??\C:\WIN98\system32\winlogon.exe (360)
______ C:\WIN98\system32\services.exe (404)
______ C:\WIN98\system32\lsass.exe (416)
______ C:\WIN98\system32\svchost.exe (576)
______ C:\WIN98\system32\svchost.exe (640)
______ c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (680)
______ C:\WIN98\SYSTEM32\acs.exe (780)
______ C:\WIN98\system32\svchost.exe (836)
______ C:\WIN98\system32\svchost.exe (876)
______ C:\WIN98\system32\svchost.exe (964)
______ C:\WIN98\Explorer.EXE (1100)
______ C:\WIN98\system32\svchost.exe (1400)
______ C:\WIN98\system32\CTHELPER.EXE (1424)
______ C:\Program Files\Microsoft Security Essentials\msseces.exe (1440)
______ C:\WIN98\system32\ctfmon.exe (1448)
______ C:\Program Files\NETGEAR\WG311T\wlancfg5.exe (1480)
______ C:\WIN98\system32\svchost.exe (1792)
______ C:\WIN98\system32\wdfmgr.exe (1848)
______ C:\WIN98\System32\alg.exe (724)
______ C:\WIN98\System32\svchost.exe (2056)
______ C:\WIN98\system32\wuauclt.exe (2392)
______ C:\WIN98\system32\taskmgr.exe (2592)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (3792)
______ C:\WIN98\system32\wbem\unsecapp.exe (3896)
______ C:\WIN98\system32\wbem\wmiprvse.exe (3960)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (452)
______ F:\Rooter.exe (1752)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:120031478784)
.
----------------------\\ Scheduled Tasks
.
C:\WIN98\Tasks\DESKTOP.INI
C:\WIN98\Tasks\SA.DAT
C:\WIN98\Tasks\Tune-up Application Start.job
C:\WIN98\Tasks\Desktop_.ini
C:\WIN98\Tasks\MpIdleTask.job
C:\WIN98\Tasks\MP Scheduled Scan.job
C:\WIN98\Tasks\Ad-Aware Update (Weekly).job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 23:05.06
.
C:\Rooter$\Rooter_1.txt - (19/07/2010 | 23:05.06)

LOCKSEARCH.TXT:
LockSearch by jpshortstuff (05.11.09.1)
Log created at 23:08 on 19/07/2010 (S)
Scanning C:\


C:\hiberfil.sys
-------------------------


C:\pagefile.sys
-------------------------

-=E.O.F=-

CKFILES.TXT:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11
----- EOF -----

WVCHECK.EXE:
My comment - program opens and runs but does not open Notepad and no apparent log file generated!

ARK.TXT:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11
----- EOF -----
Rorschach112
post Jul 28 2010, 11:09 AM
Post #2


Advanced Member
***

Group: Global Moderator
Posts: 4,608
Joined: 17-September 07
Member No.: 3,506



You did the OTL step wrong, can you try it again?


--------------------
By the power of truth, I, while living, have conquered the universe.

~Scratch~

My help is always free, but if you want to donate to help me continue my fight against malware then click here
Rorschach112
post Jul 28 2010, 02:09 PM
Post #3





Also do this:

Click Start > Run > type cmd > click OK > type this in the window that appears:

WVCheck.exe

Press Enter and let the program run. If it doesn't, tell me what error gets returned.


Steve_11
post Jul 29 2010, 02:27 AM
Post #4





OK, Thanks.

OTL.TXT:
OTL logfile created on: 7/28/2010 8:59:29 PM - Run 2
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\S\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

512.00 Mb Total Physical Memory | 100.00 Mb Available Physical Memory | 20.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WIN98 | %ProgramFiles% = C:\Program Files
Drive C: | 111.76 Gb Total Space | 95.00 Gb Free Space | 85.01% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 960.32 Mb Total Space | 692.28 Mb Free Space | 72.09% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUE
Current User Name: S
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/15 21:24:50 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/07/12 03:55:40 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/07/12 03:55:40 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/05/22 09:28:48 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\OTL.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2008/04/13 19:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WIN98\explorer.exe
PRC - [2007/11/30 07:39:18 | 000,755,576 | ---- | M] (Microsoft Corporation) -- C:\WIN98\SoftwareDistribution\Download\fa57c84fa6e4dd9d9b877015ac8c16fd\update\update.exe
PRC - [2004/12/17 10:55:26 | 007,708,672 | ---- | M] () -- C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
PRC - [2004/12/01 21:44:00 | 000,036,864 | ---- | M] () -- C:\WIN98\SYSTEM32\acs.exe
PRC - [2002/07/02 17:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WIN98\SYSTEM32\CTHELPER.EXE


========== Modules (SafeList) ==========

MOD - [2010/05/22 09:28:48 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\OTL.exe
MOD - [2008/04/13 19:11:52 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WIN98\SYSTEM32\dsound.dll
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WIN98\SYSTEM32\msscript.ocx
MOD - [2002/11/05 11:05:30 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\WIN98\SYSTEM32\CTAGENT.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2010/07/12 03:55:40 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2004/12/01 21:44:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WIN98\SYSTEM32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/07/12 03:55:40 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WIN98\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WIN98\SYSTEM32\DRIVERS\MpFilter.sys -- (MpFilter)
DRV - [2008/04/13 13:45:32 | 000,059,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\GcKernel.sys -- (GcKernel)
DRV - [2008/04/13 13:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2006/02/14 12:10:52 | 000,123,248 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/01/01 23:51:42 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WIN98\SYSTEM32\DRIVERS\mcstrm.sys -- (MCSTRM)
DRV - [2005/12/26 10:32:10 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WIN98\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WIN98\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/04/05 11:16:58 | 000,036,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2005/04/05 11:16:56 | 000,047,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2005/04/05 11:16:54 | 000,173,208 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2005/04/05 11:16:52 | 000,011,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2004/12/14 17:47:18 | 000,400,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\WG311T13.sys -- (AR5211)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2002/07/24 13:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 10:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2002/07/19 10:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 10:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 10:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 10:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 10:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2002/06/14 13:49:56 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WIN98\SYSTEM32\PFMODNT.SYS -- (PfModNT)
DRV - [2001/08/17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WIN98\SYSTEM32\DRIVERS\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WIN98\SYSTEM32\DRIVERS\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WIN98\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WIN98\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adb...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...=us&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 2C 60 EA 4D 29 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 12:00:00 | 000,000,734 | ---- | M]) - C:\WIN98\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WINDVDPatch] C:\WIN98\System32\CTHELPER.EXE (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1279162089461 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WIN98\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-its51 {F6F1E82D-DE4D-11D2-875C-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\itss51.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WIN98\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:1 (Internet Explorer Channel Bar) - 131A6951-7F78-11D0-A979-00C04FD705A2
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/28 21:39:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ FAT32 ]
O32 - AutoRun File - [2005/10/10 21:20:00 | 000,000,056 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010/07/16 12:16:50 | 000,000,081 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WIN98\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WIN98\SYSTEM32\ias [2005/09/28 22:06:14 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WIN98\SYSTEM32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\OSA9.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^S^Start Menu^Programs^Startup^InterAct Profile Activator.lnk - C:\PROGRA~1\InterAct\GAMING~1\JoyAct.exe - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^S^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\PROGRA~1\LimeWire\LimeWire.exe - File not found
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Program Files\Common Files\AOL\1128224247\ee\aolsoftware.exe (America Online, Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: Jet Detection - hkey= - key= - C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe File not found
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found
MsConfig - StartUpReg: PlaxoUpdate - hkey= - key= - C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe File not found
MsConfig - StartUpReg: PrinTray - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe File not found
MsConfig - StartUpReg: svcshare - hkey= - key= - File not found
MsConfig - StartUpReg: Symantec NetDriver Monitor - hkey= - key= - C:\PROGRA~1\SYMNET~1\SNDMon.exe File not found
MsConfig - StartUpReg: SystemTray - hkey= - key= - File not found
MsConfig - StartUpReg: UpdReg - hkey= - key= - C:\WIN98\UpdReg.EXE File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 7.0.0
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEEC729} - Macromedia Shockwave Flash
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 7.0.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WIN98\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WIN98\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - Internet Connection Wizard
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WIN98\system32\ie4uinit.exe -BaseSettings
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CA0A4247-44BE-11d1-A005-00805F8ABE06} - RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WIN98\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WIN98\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WIN98\system32\rundll32.exe" "C:\WIN98\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: MmoptPreferredAudioDevices - Windows Setup - Multimedia

Drivers32: midi - C:\WIN98\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WIN98\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WIN98\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WIN98\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WIN98\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WIN98\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WIN98\System32\LHACM.ACM (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\WIN98\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WIN98\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WIN98\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WIN98\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WIN98\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WIN98\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WIN98\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WIN98\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WIN98\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WIN98\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WIN98\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WIN98\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WIN98\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WIN98\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WIN98\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WIN98\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WIN98\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WIN98\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WIN98\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WIN98\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WIN98\System32\iyvu9_32.dll ()
Drivers32: vidc.yvyu - C:\WIN98\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WIN98\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WIN98\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/07/28 20:57:55 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\OTL.exe
[2010/07/26 21:41:55 | 000,000,000 | ---D | C] -- C:\WIN98\LastGood
[2010/07/26 20:59:09 | 000,000,000 | ---D | C] -- C:\WIN98\LastGood.Tmp
[2010/07/26 20:51:50 | 000,000,000 | ---D | C] -- C:\WIN98\System32\scripting
[2010/07/26 20:51:48 | 000,000,000 | ---D | C] -- C:\WIN98\l2schemas
[2010/07/26 20:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2010/07/26 20:51:47 | 000,000,000 | ---D | C] -- C:\WIN98\System32\en
[2010/07/26 20:51:47 | 000,000,000 | ---D | C] -- C:\WIN98\System32\bits
[2010/07/26 20:49:02 | 000,000,000 | ---D | C] -- C:\WIN98\ServicePackFiles
[2010/07/26 20:46:54 | 000,000,000 | ---D | C] -- C:\WIN98\network diagnostic
[2010/07/26 20:39:45 | 000,000,000 | -H-D | C] -- C:\WIN98\$NtServicePackUninstall$
[2010/07/26 20:39:39 | 000,000,000 | ---D | C] -- C:\WIN98\EHome
[2010/07/21 22:28:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\S\IECompatCache
[2010/07/19 20:48:28 | 000,000,000 | ---D | C] -- C:\ERDNT
[2010/07/18 12:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\S\Desktop\backups
[2010/07/17 22:26:46 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\Total File Cleaner.exe
[2010/07/17 22:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoEd
[2010/07/17 01:29:21 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WIN98\System32\drivers\SBREDrv.sys
[2010/07/17 00:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/07/17 00:20:07 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\S\Desktop\HijackThis.exe
[2010/07/16 22:19:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\S\PrivacIE
[2010/07/16 21:44:42 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WIN98\System32\drivers\Lbd.sys
[2010/07/16 21:44:42 | 000,000,000 | ---D | C] -- C:\WIN98\System32\DRVSTORE
[2010/07/16 20:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/07/16 19:35:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\S\IETldCache
[2010/07/16 19:16:03 | 000,000,000 | ---D | C] -- C:\WIN98\ie8updates
[2010/07/16 19:12:00 | 000,000,000 | -H-D | C] -- C:\WIN98\ie8
[2010/07/16 16:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/07/16 13:49:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/07/16 05:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2010/07/16 02:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\S\Local Settings\Application Data\PCHealth
[2010/07/15 21:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/15 06:15:41 | 000,000,000 | ---D | C] -- C:\79c4d407314e55fb6c5b
[2010/07/15 05:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/07/14 23:39:41 | 000,000,000 | ---D | C] -- C:\WIN98\SxsCaPendDel
[2010/07/14 20:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\S\Application Data\Malwarebytes
[2010/07/14 20:49:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WIN98\System32\drivers\mbamswissarmy.sys
[2010/07/14 20:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/14 20:49:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WIN98\System32\drivers\mbam.sys
[2010/07/14 20:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2005/10/06 23:09:13 | 000,065,536 | ---- | C] ( ) -- C:\WIN98\System32\a3d.dll
[2 C:\WIN98\*.tmp files -> C:\WIN98\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/28 21:01:46 | 000,000,374 | -H-- | M] () -- C:\WIN98\tasks\MpIdleTask.job
[2010/07/26 22:53:16 | 000,024,672 | ---- | M] () -- C:\WIN98\System32\BMXCtrlState-{00000000-00000000-0000000E-00001102-00000002-80221102}.rfx
[2010/07/26 22:53:16 | 000,024,672 | ---- | M] () -- C:\WIN98\System32\BMXBkpCtrlState-{00000000-00000000-0000000E-00001102-00000002-80221102}.rfx
[2010/07/26 22:53:16 | 000,016,420 | ---- | M] () -- C:\WIN98\System32\BMXStateBkp-{00000000-00000000-0000000E-00001102-00000002-80221102}.rfx
[2010/07/26 22:53:16 | 000,016,420 | ---- | M] () -- C:\WIN98\System32\BMXState-{00000000-00000000-0000000E-00001102-00000002-80221102}.rfx
[2010/07/26 22:53:16 | 000,001,080 | ---- | M] () -- C:\WIN98\System32\settingsbkup.sfm
[2010/07/26 22:53:16 | 000,001,080 | ---- | M] () -- C:\WIN98\System32\settings.sfm
[2010/07/26 22:53:16 | 000,000,024 | ---- | M] () -- C:\WIN98\System32\DVCStateBkp-{00000000-00000000-0000000E-00001102-00000002-80221102}.dat
[2010/07/26 22:53:16 | 000,000,024 | ---- | M] () -- C:\WIN98\System32\DVCState-{00000000-00000000-0000000E-00001102-00000002-80221102}.dat
[2010/07/26 22:21:10 | 000,000,472 | ---- | M] () -- C:\WIN98\tasks\Ad-Aware Update (Weekly).job
[2010/07/26 21:28:18 | 000,000,408 | -H-- | M] () -- C:\WIN98\tasks\MP Scheduled Scan.job
[2010/07/26 21:25:48 | 000,347,268 | ---- | M] () -- C:\WIN98\System32\PerfStringBackup.INI
[2010/07/26 21:25:48 | 000,305,318 | ---- | M] () -- C:\WIN98\System32\perfh009.dat
[2010/07/26 21:25:48 | 000,037,760 | ---- | M] () -- C:\WIN98\System32\perfc009.dat
[2010/07/26 21:24:52 | 000,063,200 | ---- | M] () -- C:\Documents and Settings\S\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/26 21:24:34 | 003,373,917 | ---- | M] () -- C:\WIN98\{00000000-00000000-0000000E-00001102-00000002-80221102}.CDF
[2010/07/26 21:24:34 | 003,373,917 | ---- | M] () -- C:\WIN98\{00000000-00000000-0000000E-00001102-00000002-80221102}.BAK
[2010/07/26 21:23:54 | 000,013,698 | ---- | M] () -- C:\WIN98\System32\wpa.dbl
[2010/07/26 21:21:18 | 000,316,640 | ---- | M] () -- C:\WIN98\WMSysPr9.prx
[2010/07/26 21:20:56 | 000,000,006 | -H-- | M] () -- C:\WIN98\tasks\SA.DAT
[2010/07/26 21:20:36 | 000,002,048 | --S- | M] () -- C:\WIN98\bootstat.dat
[2010/07/26 21:20:22 | 536,453,120 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/26 21:20:22 | 000,245,512 | ---- | M] () -- C:\WIN98\System32\FNTCACHE.DAT
[2010/07/26 21:19:38 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\S\NTUSER.DAT
[2010/07/26 21:19:16 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\S\ntuser.ini
[2010/07/26 20:46:34 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/21 22:31:14 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\S\Desktop\Shortcut to MSPUB.EXE.lnk
[2010/07/21 22:31:08 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\S\Desktop\Shortcut to EXCEL.EXE.lnk
[2010/07/21 22:31:02 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\S\Desktop\Shortcut to WINWORD.EXE.lnk
[2010/07/18 13:59:28 | 000,001,596 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WG311T Wireless Assistant.lnk
[2010/07/17 13:48:08 | 003,513,237 | ---- | M] () -- C:\Documents and Settings\S\Desktop\WVCheck.exe
[2010/07/17 01:29:22 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WIN98\System32\drivers\SBREDrv.sys
[2010/07/16 20:57:18 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/07/15 21:15:54 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/15 20:41:32 | 000,001,140 | ---- | M] () -- C:\WIN98\win.ini
[2010/07/15 20:41:32 | 000,000,553 | ---- | M] () -- C:\WIN98\system.ini
[2010/07/15 20:41:32 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2010/07/15 00:27:32 | 000,000,009 | RHS- | M] () -- C:\WIN98\tasks\Desktop_.ini
[2010/07/15 00:25:28 | 000,000,009 | RHS- | M] () -- C:\WIN98\System\Desktop_.ini
[2010/07/15 00:25:28 | 000,000,009 | RHS- | M] () -- C:\WIN98\Desktop_.ini
[2010/07/15 00:11:06 | 000,000,009 | RHS- | M] () -- C:\Program Files\Desktop_.ini
[2010/07/14 23:24:18 | 000,001,427 | ---- | M] () -- C:\Documents and Settings\S\Desktop\Windows Explorer.lnk
[2010/07/14 20:49:58 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/12 03:55:40 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WIN98\System32\drivers\Lbd.sys
[2010/07/12 03:55:40 | 000,015,880 | ---- | M] () -- C:\WIN98\System32\lsdelete.exe
[2010/05/23 21:49:40 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\Total File Cleaner.exe
[2010/05/22 09:28:48 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\S\Desktop\OTL.exe
[2010/05/11 21:23:26 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\S\Desktop\HijackThis.exe
[2 C:\WIN98\*.tmp files -> C:\WIN98\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/23 19:57:10 | 003,513,237 | ---- | C] () -- C:\Documents and Settings\S\Desktop\WVCheck.exe
[2010/07/21 22:31:13 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\S\Desktop\Shortcut to MSPUB.EXE.lnk
[2010/07/21 22:31:07 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\S\Desktop\Shortcut to EXCEL.EXE.lnk
[2010/07/21 22:31:00 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\S\Desktop\Shortcut to WINWORD.EXE.lnk
[2010/07/17 18:01:34 | 000,015,880 | ---- | C] () -- C:\WIN98\System32\lsdelete.exe
[2010/07/16 21:47:59 | 000,000,472 | ---- | C] () -- C:\WIN98\tasks\Ad-Aware Update (Weekly).job
[2010/07/16 20:57:17 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/07/16 14:11:10 | 000,067,866 | ---- | C] () -- C:\WIN98\System32\drivers\netwlan5.img
[2010/07/16 14:11:06 | 000,129,045 | ---- | C] () -- C:\WIN98\System32\drivers\cxthsfs2.cty
[2010/07/16 14:11:00 | 000,064,352 | ---- | C] () -- C:\WIN98\System32\drivers\ativmc20.cod
[2010/07/15 21:27:40 | 000,000,374 | -H-- | C] () -- C:\WIN98\tasks\MpIdleTask.job
[2010/07/15 21:21:05 | 000,000,408 | -H-- | C] () -- C:\WIN98\tasks\MP Scheduled Scan.job
[2010/07/15 21:15:53 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/15 21:11:27 | 536,453,120 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/14 23:55:36 | 000,000,009 | RHS- | C] () -- C:\WIN98\tasks\Desktop_.ini
[2010/07/14 20:49:57 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/14 20:45:40 | 000,000,009 | RHS- | C] () -- C:\Program Files\Desktop_.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WIN98\System32\OGACheckControl.DLL
[2007/02/14 16:24:53 | 000,000,429 | ---- | C] () -- C:\WIN98\cdplayer.ini
[2007/01/18 16:30:39 | 000,000,009 | RHS- | C] () -- C:\WIN98\Desktop_.ini
[2006/01/01 12:06:08 | 000,000,082 | ---- | C] () -- C:\WIN98\WSST_Screen_Saver.ini
[2005/11/08 19:12:10 | 000,000,000 | ---- | C] () -- C:\WIN98\OpPrintServer.INI
[2005/10/30 01:06:13 | 000,001,863 | ---- | C] () -- C:\WIN98\MediaShout EV3.ini
[2005/10/12 23:08:55 | 000,000,000 | ---- | C] () -- C:\WIN98\JoyAct.INI
[2005/10/10 21:17:47 | 001,236,992 | ---- | C] () -- C:\WIN98\System32\IAIFFCtrl.dll
[2005/10/10 21:17:47 | 000,831,488 | ---- | C] () -- C:\WIN98\System32\IAI285Ctrl.dll
[2005/10/10 21:17:47 | 000,720,896 | ---- | C] () -- C:\WIN98\System32\IAIGameCtrl.dll
[2005/10/10 21:17:46 | 001,032,192 | ---- | C] () -- C:\WIN98\System32\IAI286Ctrl.dll
[2005/10/06 23:11:34 | 000,000,128 | ---- | C] () -- C:\WIN98\SBWIN.INI
[2005/10/06 23:11:29 | 000,000,231 | ---- | C] () -- C:\WIN98\AC3API.INI
[2005/10/06 23:09:15 | 000,037,727 | ---- | C] () -- C:\WIN98\System32\Emu10kx.ini
[2005/10/06 23:09:15 | 000,000,029 | ---- | C] () -- C:\WIN98\System32\ctzapxx.ini
[2005/10/06 23:09:07 | 000,000,180 | ---- | C] () -- C:\WIN98\System32\KILL.INI
[2005/10/04 21:02:23 | 000,056,832 | ---- | C] () -- C:\WIN98\System32\iyvu9_32.dll
[2005/10/02 22:16:35 | 000,000,370 | ---- | C] () -- C:\WIN98\ODBC.INI
[2005/10/02 20:45:10 | 000,000,643 | ---- | C] () -- C:\WIN98\LEXSTAT.INI
[2005/10/01 22:12:31 | 000,000,028 | ---- | C] () -- C:\WIN98\atid.ini
[2005/09/28 22:36:02 | 000,012,327 | ---- | C] () -- C:\WIN98\IOS.INI
[2005/09/28 22:36:02 | 000,007,885 | ---- | C] () -- C:\WIN98\NETDET.INI
[2005/09/28 22:36:02 | 000,003,550 | ---- | C] () -- C:\WIN98\HTMLHELP.INI
[2005/09/28 22:36:02 | 000,000,865 | ---- | C] () -- C:\WIN98\DOSREP.INI
[2005/09/28 22:36:02 | 000,000,787 | ---- | C] () -- C:\WIN98\SCANREG.INI
[2005/09/28 22:36:02 | 000,000,225 | ---- | C] () -- C:\WIN98\TELEPHON.INI
[2005/09/28 22:36:02 | 000,000,120 | ---- | C] () -- C:\WIN98\PROTOCOL.INI
[2005/09/28 22:36:02 | 000,000,068 | ---- | C] () -- C:\WIN98\FPXPRESS.INI
[2005/09/28 22:36:02 | 000,000,060 | ---- | C] () -- C:\WIN98\POWERPNT.INI
[2005/09/28 22:36:02 | 000,000,028 | ---- | C] () -- C:\WIN98\QTW.INI
[2005/09/28 22:36:02 | 000,000,026 | ---- | C] () -- C:\WIN98\MSOFFICE.INI
[2005/09/28 22:36:02 | 000,000,000 | ---- | C] () -- C:\WIN98\progman.ini
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WIN98\System32\MSRTEDIT.DLL
[1998/01/12 03:00:00 | 000,040,448 | ---- | C] () -- C:\WIN98\System32\REGOBJ.DLL
[1980/01/01 00:00:00 | 000,188,416 | ---- | C] () -- C:\WIN98\System32\MEMBG.DLL
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WIN98\System32\ICMFILTER.DLL
[1980/01/01 00:00:00 | 000,000,025 | ---- | C] () -- C:\WIN98\System32\OEMINFO.INI

========== LOP Check ==========

[2005/10/31 22:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/07/16 13:49:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2008/03/01 19:00:02 | 000,000,502 | ---- | M] () -- C:\WIN98\Tasks\Tune-up Application Start.job
[2010/07/15 00:27:32 | 000,000,009 | RHS- | M] () -- C:\WIN98\Tasks\Desktop_.ini
[2010/07/28 21:01:46 | 000,000,374 | -H-- | M] () -- C:\WIN98\Tasks\MpIdleTask.job
[2010/07/26 21:28:18 | 000,000,408 | -H-- | M] () -- C:\WIN98\Tasks\MP Scheduled Scan.job
[2010/07/26 22:21:10 | 000,000,472 | ---- | M] () -- C:\WIN98\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/07/26 21:20:22 | 536,453,120 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/26 21:20:14 | 000,001,877 | ---- | M] () -- C:\aaw7boot.log
[2005/09/28 21:37:10 | 000,001,672 | RHS- | M] () -- C:\MSDOS.SYS
[2005/09/28 21:39:12 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/26 21:20:20 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2005/09/28 21:39:12 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.NAV
[1998/05/11 19:01:00 | 000,222,390 | RHS- | M] () -- C:\IO.SYS
[2005/09/28 22:04:08 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2010/07/26 20:46:34 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2004/08/04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com
[2010/07/15 20:41:32 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2006/09/09 13:01:54 | 000,027,465 | ---- | M] () -- C:\ac5e8ad3-8158-4c5e-a446-7897c7cfa3c5.xml
[2005/10/10 21:20:00 | 000,000,056 | ---- | M] () -- C:\AUTOEXEC.BAT

< %systemroot%\system32\Spool\prtprocs\w32x86\*.* >
[2000/08/16 14:25:04 | 000,058,880 | ---- | M] (Lexmark International) -- C:\WIN98\SYSTEM32\spool\prtprocs\w32x86\LMPRINT.DLL
[2002/03/29 04:40:52 | 000,073,728 | ---- | M] (Lexmark International) -- C:\WIN98\SYSTEM32\spool\prtprocs\w32x86\Lxacpp.DLL

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/09/28 22:34:50 | 000,000,067 | -HS- | M] () -- C:\WIN98\FONTS\desktop.ini
[2010/07/15 00:27:14 | 000,000,009 | RHS- | M] () -- C:\WIN98\FONTS\Desktop_.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >
[2010/07/15 00:00:46 | 000,000,009 | RHS- | M] () -- C:\WIN98\repair\Desktop_.ini

< %systemroot%\system32\*.jpg >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Update\*.* >

< %APPDATA%\Microsoft\*.* >
[2005/12/26 10:52:42 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\S\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2005/09/28 21:38:14 | 000,011,079 | -H-- | M] () -- C:\Program Files\folder.htt
[2005/09/28 21:38:14 | 000,000,266 | -HS- | M] () -- C:\Program Files\desktop.ini
[2007/02/14 17:11:20 | 036,808,256 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunesSetup.exe
[2010/07/15 00:11:06 | 000,000,009 | RHS- | M] () -- C:\Program Files\Desktop_.ini

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/09/28 22:20:30 | 000,860,160 | ---- | M] () -- C:\WIN98\SYSTEM32\config\system.sav
[2005/09/28 22:20:30 | 000,634,880 | ---- | M] () -- C:\WIN98\SYSTEM32\config\software.sav
[2005/09/28 22:20:30 | 000,094,208 | ---- | M] () -- C:\WIN98\SYSTEM32\config\default.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WIN98\SYSTEM32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WIN98\SYSTEM32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WIN98\SYSTEM32\ws2help.dll

< %PROGRAMFILES%\*. >
[2005/09/28 21:22:00 | 000,000,000 | R--D | M] -- C:\Program Files\Common Files
[2005/09/28 21:22:02 | 000,000,000 | ---D | M] -- C:\Program Files\PLUS!
[2005/09/28 21:22:00 | 000,000,000 | R--D | M] -- C:\Program Files\NetMeeting
[2005/09/28 21:22:00 | 000,000,000 | R--D | M] -- C:\Program Files\Accessories
[2005/09/28 21:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/09/28 21:22:00 | 000,000,000 | R--D | M] -- C:\Program Files\FrontPage Express
[2005/09/28 21:22:02 | 000,000,000 | R--D | M] -- C:\Program Files\Outlook Express
[2005/09/28 22:29:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/09/28 22:29:48 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2005/09/28 22:29:50 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2005/09/28 22:30:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2005/09/28 22:31:16 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2005/09/28 22:32:02 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2005/09/28 22:32:54 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/09/28 22:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2005/09/28 22:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2005/09/28 23:12:44 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/10/02 22:13:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/10/02 22:25:46 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2005/10/02 22:32:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Encarta
[2005/10/04 20:59:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2005/10/04 21:26:28 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/10/04 21:34:40 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2005/10/06 23:05:48 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2005/10/10 21:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\InterAct
[2005/10/31 22:28:56 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2005/12/04 00:59:40 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2005/12/26 10:31:26 | 000,000,000 | ---D | M] -- C:\Program Files\NETGEAR
[2006/01/25 22:15:16 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2006/04/23 18:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/07/14 20:49:48 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/15 05:59:56 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/07/15 21:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Essentials
[2010/07/16 16:13:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/07/17 22:25:28 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoEd
[2010/07/26 20:51:48 | 000,000,000 | ---D | M] -- C:\Program Files\msn

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-27 02:42:00

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< End of report >


I ran WVCheck.exe as you said and it opened in a DOS window, I pressed enter and it ran. It displayed the attached screenshot for about 30 seconds, then flashed one more line that I could not capture, then it closed. No error message or nxt file opened.
Attached File(s)
Attached File  wvcheck_message.jpg ( 54.8K ) Number of downloads: 9
 
Rorschach112
post Jul 29 2010, 11:45 AM
Post #5


Advanced Member
***

Group: Global Moderator
Posts: 4,608
Joined: 17-September 07
Member No.: 3,506



Do you have the GMER and LockSearch logs?


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    CODE
    :OTL
    MsConfig - StartUpReg: svcshare - hkey= - key= - File not found

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done




Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean





Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






Go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


--------------------
By the power of truth, I, while living, have conquered the universe.

~Scratch~

My help is always free, but if you want to donate to help me continue my fight against malware then click here
Steve_11
post Jul 30 2010, 09:30 PM
Post #6


Member
**

Group: Member+
Posts: 16
Joined: 7-November 06
Member No.: 2,365
CPU: Pentium 4 dual core 3.00 MHz
Ram: 2 Gb
Operating System: Win XP SP3



I re-ran GMER and Locksearch and the logs are below.
I did the OTL fix as you instructed.
Already had TFC and MBAM but re-ran anyway. I use those regularly.
Please note the Kaspersky link to their free scan has changed, must be a new version?: http://usa.kaspersky.com/downloads/free-virus-scanner.php
I downloaded and installed their 30 day free trial. Ran the update. Ran Quick Scan. I did not find a View Scan Report but there are a couple of reports you can get. I chose the Save Detailed Report. Results of Quick Scan are below.
BTW, the symptom I am concerned with is overall slowness of my computer. I probably need to clean up the registry but do not feel comfortable with that. Also, the automatic re-setting of my Windows Explorer Tools Folder Options View settings concerns me.

GMER LOGFILE:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-30 09:21:14
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\S\LOCALS~1\Temp\fgtdypow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF888587E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF8885BFE]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


LOCKSEARCH LOGFILE:
LockSearch by jpshortstuff (05.11.09.1)
Log created at 12:05 on 30/07/2010 (S)
Scanning C:\WIN98\

No locked files found.

-=E.O.F=-


OTL FIX LOGFILE:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\svcshare\ deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\S\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\S\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WIN98\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: S
->Temp folder emptied: 93136 bytes
->Temporary Internet Files folder emptied: 3092580 bytes
->Flash cache emptied: 548 bytes

User: NetworkService
->Temp folder emptied: 24336 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 107562 bytes
Session Manager Temp folder emptied: 0 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 456934 bytes

Total Files Cleaned = 4.00 mb

[EMPTYFLASH]

User: Default User

User: All Users

User: S
->Flash cache emptied: 0 bytes

User: NetworkService

User: LocalService

User: Administrator

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.5.0 log created on 07302010_092517

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


MBAM LOGFILE:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4336

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

7/23/2010 8:12:07 PM
mbam-log-2010-07-23 (20-12-07).txt

Scan type: Quick scan
Objects scanned: 127873
Time elapsed: 20 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


KASPERSKY QUICK SCAN LOG FILE:
Date: Today (events: 96)
My Protection (events: 5)
7/30/2010 12:02:12 PM Some components cannot be enabled Kaspersky Internet Security
7/30/2010 11:47:47 AM Threats have been detected Kaspersky Internet Security
7/30/2010 11:47:45 AM Threats have been detected Kaspersky Internet Security
7/30/2010 10:42:23 AM Databases are obsolete Kaspersky Internet Security
7/30/2010 10:40:43 AM Databases are obsolete Kaspersky Internet Security
File Anti-Virus (events: 10)
7/30/2010 12:11:49 PM Task started Kaspersky Internet Security File Anti-Virus
7/30/2010 12:02:14 PM Unable to start tasks Kaspersky Internet Security File Anti-Virus Database is corrupted
7/30/2010 11:59:22 AM Task started Kaspersky Internet Security File Anti-Virus
7/30/2010 11:47:47 AM Disinfected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197207.exe
7/30/2010 11:47:47 AM Disinfected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197207.exe
7/30/2010 11:47:47 AM Detected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197207.exe
7/30/2010 11:47:46 AM Disinfected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197206.exe
7/30/2010 11:47:46 AM Disinfected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197206.exe
7/30/2010 11:47:45 AM Detected: Worm.Win32.Fujack.p LOCKSEARCH.EXE C:\System Volume Information\_restore{D753C52C-01E5-4655-A9D0-C462B36D2A67}\RP303\A0197206.exe
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security File Anti-Virus
Mail Anti-Virus (events: 4)
7/30/2010 12:11:49 PM Task started Kaspersky Internet Security Mail Anti-Virus
7/30/2010 12:02:12 PM Unable to start tasks Kaspersky Internet Security Mail Anti-Virus Database is corrupted
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security Mail Anti-Virus
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Mail Anti-Virus
Web Anti-Virus (events: 4)
7/30/2010 12:11:49 PM Task started Kaspersky Internet Security Web Anti-Virus
7/30/2010 12:02:12 PM Unable to start tasks Kaspersky Internet Security Web Anti-Virus
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security Web Anti-Virus
7/30/2010 10:40:47 AM Task started Kaspersky Internet Security Web Anti-Virus
Network Attack Blocker (events: 2)
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security Network Attack Blocker
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Network Attack Blocker
Anti-Spam (events: 2)
7/30/2010 11:59:22 AM Task started Kaspersky Internet Security Anti-Spam
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Anti-Spam
Application Control (events: 41)
7/30/2010 1:26:17 PM Disk Defragmenter FAT File System Module Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 1:26:04 PM Disk Defragmenter Module Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 12:16:18 PM Allowed: Setting debug privileges Notepad Setting debug privileges Setting debug privileges
7/30/2010 12:02:32 PM Notepad Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 12:02:21 PM Watson Subscriber for SENS Network Notifications Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 12:00:35 PM Windows Genuine Advantage Notification Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 12:00:10 PM Image Mastering API Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 12:00:10 PM Windows Security Center Notification App Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security Application Control
7/30/2010 11:56:42 AM Allowed: Changing object access rights ACS.EXE Changing object access rights REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0008 Changing object access rights
7/30/2010 11:56:35 AM Allowed: Setting debug privileges ACS.EXE Setting debug privileges Setting debug privileges
7/30/2010 11:56:13 AM Windows Logon UI Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 11:09:16 AM Default Screen Saver Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:56:41 AM Windows Shell Common Dll Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:45:14 AM Windows Command Processor Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:45:11 AM LOCKSEARCH.EXE Placed in group Low Restricted High value of threat rating calculated heuristically
7/30/2010 10:42:53 AM Task Scheduler Engine Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:42:15 AM WMI Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:42:02 AM Verify Class ID Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:53 AM Microsoft© Register Server Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:49 AM Microsoft Malware Protection Command Line Utility Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:48 AM Kaspersky Anti-Virus GUI Windows part Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:39 AM NetgearCUv2 MFC Application Placed in group Low Restricted High value of threat rating calculated heuristically
7/30/2010 10:41:31 AM CTF Loader Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:30 AM Microsoft Security Essentials User Interface Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:29 AM CtHelper Application Placed in group Trusted Known on the database of the known software
7/30/2010 10:41:29 AM Windows Update Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:27 AM Application Layer Gateway Service Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:25 AM Windows User Mode Driver Manager Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:22 AM Windows® installer Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:13 AM Windows Explorer Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:08 AM Kaspersky Internet Security Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:41:07 AM ACS.EXE Placed in group Low Restricted High value of threat rating calculated heuristically
7/30/2010 10:41:04 AM AntiMalware Service Executable Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:58 AM Generic Host Process for Win32 Services Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:56 AM LSA Shell (Export Version) Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:55 AM Services and Controller app Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:54 AM Windows NT Logon Application Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:52 AM Client Server Runtime Process Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:52 AM Windows NT Session Manager Placed in group Trusted Signed by the digital signature of entrusted manufacturers
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Application Control
Proactive Defense (events: 2)
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security Proactive Defense
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Proactive Defense
Firewall (events: 2)
7/30/2010 11:59:22 AM Task started Kaspersky Internet Security Firewall
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security Firewall
IM Anti-Virus (events: 4)
7/30/2010 12:11:49 PM Task started Kaspersky Internet Security IM Anti-Virus
7/30/2010 12:02:13 PM Unable to start tasks Kaspersky Internet Security IM Anti-Virus Database is corrupted
7/30/2010 11:59:23 AM Task started Kaspersky Internet Security IM Anti-Virus
7/30/2010 10:40:43 AM Task started Kaspersky Internet Security IM Anti-Virus
Objects Scan (events: 11)
7/30/2010 4:10:03 PM Task completed Kaspersky Internet Security Quick Scan
7/30/2010 4:03:55 PM Task started Kaspersky Internet Security Quick Scan
7/30/2010 3:41:17 PM Task completed Kaspersky Internet Security Quick Scan
7/30/2010 3:35:29 PM Task started Kaspersky Internet Security Quick Scan
7/30/2010 2:58:35 PM Task completed Kaspersky Internet Security Objects Scan
7/30/2010 2:55:35 PM Task completed Kaspersky Internet Security Rootkit Scan
7/30/2010 12:31:23 PM Task started Kaspersky Internet Security Objects Scan
7/30/2010 12:29:27 PM Task started Kaspersky Internet Security Rootkit Scan
7/30/2010 11:36:37 AM Task completed Kaspersky Internet Security Virus Scan
7/30/2010 11:29:15 AM Task started Kaspersky Internet Security Virus Scan
7/30/2010 11:10:47 AM Task started Kaspersky Internet Security Rootkit Scan
My Update Center (events: 9)
7/30/2010 3:57:22 PM Task completed Kaspersky Internet Security My Update Center
7/30/2010 3:50:23 PM Task started Kaspersky Internet Security My Update Center
7/30/2010 2:58:43 PM Task completed Kaspersky Internet Security My Update Center Not all components were updated
7/30/2010 2:14:36 PM Task started Kaspersky Internet Security My Update Center
7/30/2010 12:12:35 PM Task completed Kaspersky Internet Security My Update Center Not all components were updated
7/30/2010 12:02:11 PM Task started Kaspersky Internet Security My Update Center
7/30/2010 10:43:09 AM Task started Kaspersky Internet Security My Update Center
7/30/2010 10:42:23 AM Task stopped Kaspersky Internet Security My Update Center Operation cancelled by the user
7/30/2010 10:40:59 AM Task started Kaspersky Internet Security My Update Center
Rorschach112
post Jul 30 2010, 09:57 PM
Post #7


Advanced Member
***

Group: Global Moderator
Posts: 4,608
Joined: 17-September 07
Member No.: 3,506



Looks good to me.

  • Download OTC to your desktop and run it.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.


--------------------
By the power of truth, I, while living, have conquered the universe.

~Scratch~

My help is always free, but if you want to donate to help me continue my fight against malware then click here
Steve_11
post Aug 1 2010, 03:31 AM
Post #8





Alright I will do that.
Thank you for your help.
Can you recommend anything I should remove manually from my registry?
Also, what is a good way to clean up and keep a registry "tidy"?
Rorschach112
post Aug 1 2010, 12:38 PM
Post #9





I wouldn't mess around with your registry, too dangerous

Your PC seems to be running the bare minimum, not much I can suggest really.


Rorschach112
post Aug 9 2010, 05:07 PM
Post #10





Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Thank you!

