Issues and need tissues

**cv18sro** · 2011-03-28, 19:14

It is running much better the only thing is the Windows Security Alerts will not turn on. Seems that is the only thing left.

**ken545** · 2011-03-28, 23:31

Do me a favor and run OTL Scan again and post a new log

**cv18sro** · 2011-03-29, 01:21

as per your request I ran the OTL below

OTL logfile created on: 3/28/2011 4:08:42 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mom and Dad\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 60.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 214.02 Gb Free Space | 91.93% Space Free | Partition Type: NTFS

Computer Name: HUFF | User Name: Mom and Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/26 17:29:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\Desktop\OTL.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 01:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 01:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/12/20 18:08:56 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/12/10 05:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/12/10 05:28:56 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/07/26 05:49:56 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN\MSNCoreFiles\msn.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/10 07:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [1997/09/04 00:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Greetings Workshop\GWREMIND.EXE

========== Modules (SafeList) ==========

MOD - [2011/03/26 17:29:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\Desktop\OTL.exe
MOD - [2011/01/13 01:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus(R)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/13 01:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/12/10 05:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

========== Driver Services (SafeList) ==========

DRV - [2011/01/13 01:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 01:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 01:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 01:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 01:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 01:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/05/16 03:58:46 | 004,069,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 9B F1 1A 86 EA CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

[2011/02/09 21:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Extensions
[2011/02/09 21:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mom and Dad\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/02/09 21:57:36 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2011/03/27 15:08:50 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Startup\Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: //@mail.mar@/ ([]msn in Local intranet)
O15 - HKCU\..Trusted Domains: //@signup.mar@/ ([]msn in My Computer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1279841975171 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.gunbroker.com/WebResource...30999680000000 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/pl...p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.65
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/22 15:54:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{e4bd539f-34aa-11e0-9b84-001d09990735}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/27 15:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\erunt
[2011/03/27 14:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\New Folder
[2011/03/27 10:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/26 17:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/03/26 17:59:26 | 000,249,856 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2011/03/26 17:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Software995
[2011/03/26 17:59:02 | 000,000,000 | ---D | C] -- C:\pdf995
[2011/03/26 17:30:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/26 17:29:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\Desktop\OTL.exe
[2011/03/25 14:36:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Mozilla
[2011/03/25 13:02:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/03/25 13:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/03/25 13:01:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/03/21 16:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\InContext Solutions
[2011/03/21 16:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\InContext Solutions
[2011/03/20 16:07:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/20 16:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/20 16:06:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/20 16:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/20 15:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/03/20 15:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/03/20 15:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/03/20 15:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/17 16:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\Help
[2011/03/17 16:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Application Data\Help
[2011/03/17 16:33:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Start Menu\Programs\Sierra
[2011/03/17 16:33:15 | 000,000,000 | ---D | C] -- C:\Sierra
[2011/03/09 15:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\My Documents\lead pot
[2011/03/04 18:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\Favorites
[2011/03/03 19:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Desktop\Kittens
[2011/03/01 18:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mom and Dad\Citrix

========== Files - Modified Within 30 Days ==========

[2011/03/28 15:20:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/28 10:09:39 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/28 10:09:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/27 15:08:50 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/03/27 15:02:17 | 000,513,320 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\erunt.zip
[2011/03/27 14:54:09 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\ERUNT.EXE
[2011/03/27 14:54:09 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\NTREGOPT.EXE
[2011/03/27 14:54:09 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\AUTOBACK.EXE
[2011/03/27 14:54:09 | 000,005,417 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\LOC_GER.ZIP
[2011/03/27 14:54:09 | 000,004,090 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\ERUNT.LOC
[2011/03/27 14:54:09 | 000,001,960 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\My Documents\NTREGOPT.LOC
[2011/03/27 13:27:46 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Microsoft Office Word 2007.lnk
[2011/03/27 10:58:48 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\ESET Online Scanner.url
[2011/03/26 17:59:27 | 000,000,025 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/03/26 17:59:26 | 000,249,856 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\System32\pdfmona.dll
[2011/03/26 17:59:26 | 000,051,716 | ---- | M] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/03/26 17:29:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mom and Dad\Desktop\OTL.exe
[2011/03/25 14:36:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/03/25 13:47:53 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/24 19:13:45 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Spybot - Search & Destroy.lnk
[2011/03/22 17:01:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/20 16:07:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/20 15:37:05 | 000,018,114 | -HS- | M] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\8q1gjv45b1b2ny58w4voq16g4u2
[2011/03/20 15:37:05 | 000,018,114 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8q1gjv45b1b2ny58w4voq16g4u2
[2011/03/19 12:36:26 | 000,870,128 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\mcs.rma
[2011/03/19 12:36:26 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Application Data\7B25EC
[2011/03/17 16:36:53 | 000,000,277 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2011/03/17 16:25:26 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Mom and Dad\Desktop\Microsoft Office Excel 2007.lnk
[2011/03/09 01:44:30 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/01 18:50:02 | 000,000,081 | ---- | M] () -- C:\CTX.DAT

========== Files Created - No Company Name ==========

[2011/03/27 15:02:17 | 000,513,320 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\erunt.zip
[2011/03/27 10:58:48 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\ESET Online Scanner.url
[2011/03/26 17:59:27 | 000,000,025 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2011/03/26 17:59:26 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/03/25 14:36:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/24 19:13:45 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Desktop\Spybot - Search & Destroy.lnk
[2011/03/20 16:07:01 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/19 21:16:28 | 000,018,114 | -HS- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\8q1gjv45b1b2ny58w4voq16g4u2
[2011/03/19 21:16:28 | 000,018,114 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\8q1gjv45b1b2ny58w4voq16g4u2
[2011/03/17 16:36:16 | 000,000,277 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011/03/01 18:50:02 | 000,000,081 | ---- | C] () -- C:\CTX.DAT
[2010/12/29 12:39:03 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\mcs.rma
[2010/12/29 12:39:03 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Application Data\7B25EC
[2010/12/27 13:01:18 | 000,011,970 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/12/13 16:15:28 | 000,000,213 | ---- | C] () -- C:\WINDOWS\1STLADY.INI
[2010/11/28 14:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/07/30 16:21:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/23 10:47:57 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Mom and Dad\Local Settings\Application Data\fusioncache.dat
[2010/07/22 18:02:41 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010/07/22 17:56:02 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/07/22 17:54:27 | 000,117,088 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2010/07/22 17:54:27 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2010/07/22 17:54:03 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2010/07/22 17:32:14 | 000,116,734 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010/07/22 16:50:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/07/22 16:40:21 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/07/22 16:03:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/07/22 15:55:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/22 15:52:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/22 08:46:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/22 08:45:20 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/16 02:54:02 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/05/16 02:54:02 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/04/23 19:04:54 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/02/18 17:55:22 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/02/03 20:52:04 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/03/22 11:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 11:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 03:00:00 | 000,526,100 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 03:00:00 | 000,095,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

**ken545** · 2011-03-29, 01:34

Hi,

I was looking for entries that may be blocking windows updates but dont see none.

Why dont you post here for help as we just do malware removal on this forum
http://forums.whatthetech.com/index.php?showforum=119

All us forums work together so you can tell them your having issues with Windows Updates , you can link them to this thread if you wish so they can see what we have done.

Good luck,
Ken

**cv18sro** · 2011-03-29, 01:54

Ken545
Thank you for all you have done, other than the alert problem the computer is working 100% better

**ken545** · 2011-03-29, 01:58

Great

When you post at the other forum I will check and follow your post and offer any info that I can so we can resolve this

**ken545** · 2011-04-01, 01:18

Looks like Doug and Paws got you up and running

Thread: Issues and need tissues

Thread Tools

Display

Posting Permissions