System restore software

[bluesstrummer24]

MY system restore doesn't work, and I've tried all the suggestions given here, to no avail. I was wondering if there was any software available that does the same function as the Windows system restore utility.

[evilfantasy]

Download  systemrestore.reg to your Desktop right click the file and select merge.

Accept any warnings.

[bluesstrummer24]

Ok Evil. I've done what you've suggested.  Now What?

[evilfantasy]

Restsrt the computer and see if it is working.

[bluesstrummer24]

WoooHooooo Evil!!!!  You da man!!!!!
The system restore works, but only in the safe mode. But that's good enough for me.
   I've been trying to fix this for months. I can't thank you enough Evil.
Thanks so much!!!

[evilfantasy]

It should work in any mode. Malware will sometimes do this.

Download Malwarebytes' Anti-Malware (MBAM)

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to the following:
• Update Malwarebytes' Anti-Malware
  
• Launch Malwarebytes' Anti-Malware

• Then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

[bluesstrummer24]

SCANNING NOW

[bluesstrummer24]

Malwarebytes' Anti-Malware 1.35
Database version: 1945
Windows 5.1.2600 Service Pack 3

4/6/2009 8:20:10 AM
mbam-log-2009-04-06 (08-20-10).txt

Scan type: Quick Scan
Objects scanned: 77971
Time elapsed: 4 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[evilfantasy]

Download from DDS by sUBs and save it to your Desktop. Alternate DDS download link

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or forewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs:

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please include the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.

[bluesstrummer24]

DDS (Ver_09-03-16.01) - NTFSx86 
Run by HP_Administrator at 17:43:32.71 on Mon 04/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.958.147 [GMT -7:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Billeo\billeo.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\HP_Administrator\Application Data\mjusbsp\magicJack.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\internet explorer\iexplore.exe
C:\PROGRA~1\Inbox\Toolbar\CToolbar.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
c:\progra~1\inbox\ssaver\CSSaver.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.pif

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\inbox\toolbar\ctbr.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar1.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Billeo: {465e08e7-f005-4389-980f-1d8764b3486c} - c:\program files\billeo\billeo.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Billeo: {6adb0f93-1aa5-4bcf-9df4-cea689a3c111} - c:\program files\billeo\billeo.dll
TB: &Inbox.com Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\inbox\toolbar\ctbr.dll
TB: ZoneAlarm Spy Blocker Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar1.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
EB: Billeo: {6576ebaa-b570-4345-98e4-96153c77cf24} - c:\program files\billeo\billeo.dll
uRun: [EPSON Stylus CX3800 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /M "Stylus CX3800" /EF "HKCU"
uRun: [cdloader] "c:\documents and settings\hp_administrator\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\shortc~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\billeo.lnk - c:\program files\billeo\billeo.exe
IE: Inbox Search - tbr:iemenu
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\progra~1\inbox\ssaver\CSSaver.exe
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1238784487514&h=bb82124d3f2ddc8cd687fe79e8c3bd84/&filename=jinstall-6u13-windows-i586-jc.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\inbox\toolbar\ctbr.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-2-26 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-26 325640]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-26 27656]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-26 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-3-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 72944]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-3-30 353672]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-2-26 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-26 298264]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S2 mrtRate;mrtRate;

S2 ucyvusjw;ucyvusjw;\??\c:\windows\system32\drivers\ucyvusjw.sys --> c:\windows\system32\drivers\ucyvusjw.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408]
S4 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-3-30 464264]

=============== Created Last 30 ================

2009-04-05 16:48   <DIR>   --d-----   c:\program files\Citrix
2009-04-05 15:56   <DIR>   --d-----   c:\program files\CCleaner
2009-04-03 09:32   <DIR>   --d-----   c:\program files\Belarc
2009-04-02 13:54   <DIR>   --d-----   c:\program files\Trend Micro
2009-04-02 13:06   <DIR>   --d-----   c:\docume~1\hp_adm~1\applic~1\Malwarebytes
2009-04-02 13:06   15,504   a-------   c:\windows\system32\drivers\mbam.sys
2009-04-02 13:06   38,496   a-------   c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-02 13:05   <DIR>   --d-----   c:\program files\Malwarebytes' Anti-Malware
2009-04-02 13:05   <DIR>   --d-----   c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-04-02 12:01   <DIR>   --d-----   c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-04-02 12:01   <DIR>   --d-----   c:\program files\SUPERAntiSpyware
2009-04-02 12:01   <DIR>   --d-----   c:\docume~1\hp_adm~1\applic~1\SUPERAntiSpyware.com
2009-04-02 11:57   <DIR>   --d-----   c:\program files\common files\Wise Installation Wizard
2009-03-30 18:43   1,221,512   a-------   c:\windows\system32\zpeng25.dll
2009-03-30 18:43   <DIR>   --d-----   c:\windows\system32\ZoneLabs
2009-03-30 18:43   <DIR>   --d-----   c:\program files\Zone Labs
2009-03-30 18:43   350,192   a-------   c:\windows\system32\vsconfig.xml
2009-03-30 18:36   0   a-------   C:\XESD.tmp
2009-03-30 18:36   0   a-------   C:\XESB.tmp
2009-03-30 10:21   <DIR>   --d-----   c:\program files\AskBarDis
2009-03-17 02:30   <DIR>   --d-----   c:\program files\Jetico
2009-03-16 18:42   524,288   a-------   c:\windows\opuc.dll
2009-03-15 14:40   <DIR>   --d-----   c:\windows\system32\IOSUBSYS

==================== Find3M  ====================

2009-03-30 18:44   4,212   a---h---   c:\windows\system32\zllictbl.dat
2009-03-24 09:39   108,552   a-------   c:\windows\system32\drivers\avgtdix.sys
2009-03-13 08:05   325,640   a-------   c:\windows\system32\drivers\avgldx86.sys
2009-03-13 08:05   10,520   a-------   c:\windows\system32\avgrsstx.dll
2009-03-09 05:19   410,984   a-------   c:\windows\system32\deploytk.dll
2009-03-03 00:03   208,896   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
2009-03-03 00:03   45,056   -c------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2009-03-03 00:03   341,048   -c------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll
2009-03-03 00:03   44,032   -c------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2009-03-03 00:03   163,840   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
2009-03-03 00:03   61,440   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2009-03-03 00:03   40,960   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2009-03-03 00:03   32,768   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2009-03-03 00:03   32,768   --------   c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2009-02-26 09:16   12,552   --------   c:\windows\system32\drivers\avgrkx86.sys
2009-02-09 04:13   1,846,784   a-------   c:\windows\system32\win32k.sys
2009-02-09 04:13   1,846,784   --------   c:\windows\system32\dllcache\win32k.sys
2009-01-16 22:35   3,594,752   --------   c:\windows\system32\dllcache\mshtml.dll
2007-01-31 21:24   22   -c-sh---   c:\windows\sminst\HPCD.sys

============= FINISH: 17:44:21.96 ===============

[bluesstrummer24]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/9/2007 10:20:37 PM
System Uptime: 4/6/2009 11:15:16 AM (6 hours ago)

Motherboard: ASUSTek Computer INC. |  | NODUSM3
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket AM2  | 2204/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 224 GiB total, 206.563 GiB free.
D: is FIXED (FAT32) - 9 GiB total, 0.557 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM (CDFS)
K: is FIXED (FAT32) - 112 GiB total, 111.694 GiB free.
L: is Removable
M: is FIXED (NTFS) - 466 GiB total, 431.699 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Serial
Device ID: ROOT\LEGACY_SERIAL\0000
Manufacturer:
Name: Serial
PNP Device ID: ROOT\LEGACY_SERIAL\0000
Service: Serial

==== System Restore Points ===================

RP13: 4/6/2009 6:48:11 AM - System Checkpoint
RP14: 4/6/2009 6:49:15 AM - folder
RP15: 4/6/2009 6:57:29 AM - Restore Operation
RP16: 4/6/2009 7:07:36 AM - no folder
RP17: 4/6/2009 7:11:36 AM - Restore Operation
RP18: 4/6/2009 8:02:05 AM - clean
RP19: 4/6/2009 8:44:14 AM - CLEANEST

==== Installed Programs ======================

Adaptec UDF Reader
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Reader 7.1.0
AnswerWorks 4.0 Runtime - English
AT&T Yahoo! Applications
AT&T Yahoo! DSL Activation
AVG 8.5
Browser Mouse
CCleaner (remove only)
CCScore
CDDRV_Installer
Citrix XenApp Web Plugin
Compatibility Pack for the 2007 Office system
Data Fax SoftModem with SmartCP
Destinations
DeviceManagementQFolder
EPSON Printer Software
EPSON Scan
erLT
ERUNT 1.1j
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
fflink
Free Password Manager Plus
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HP Boot Optimizer
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart for Media Center PC
HP Product Detection
HP Update
HP Web Helper
HPPhotoSmartExpress
HpSdpAppCoreApp
Inbox.com 3D Marine & Tropical Aquarium Screensaver
Inbox.com Toolbar
Java(TM) 6 Update 13
Java(TM) 6 Update 7
kgcbase
kgcmove
kgcvday
KhalInstallWrapper
Kodak EasyShare software
LightScribe  1.4.105.1
LimeWire 4.16.6
Logitech Communications Manager
Logitech Desktop Messenger
Logitech SetPoint
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
muvee autoProducer 5.0
muvee autoProducer unPlugged 2.0
My HP Games
netbrdg
NVIDIA Drivers
OfotoXMI
Paltalk Messenger Interop
PaltalkScene
PC-Doctor 5 for Windows
Picasa 2
QuickBooks Pro 2008
Quicken 2007
Realtek High Definition Audio Driver
Registry Cleaner 4.0
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SFR
SHASTA
skin0001
SKINXSDK
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
staticcr
Super GameHouse Solitaire Vol. 1
SUPERAntiSpyware Free Edition
tooltips
Unload
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Updates from HP (remove only)
VC 9.0 Runtime
Viewpoint Media Player
VPRINTOL
WD Diagnostics
WebFldrs XP
WexTech AnswerWorks
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WIRELESS
ZoneAlarm
ZoneAlarm Spy Blocker Toolbar

==== Event Viewer Messages From Past Week ========

3/30/2009 10:24:41 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ftsata2 szkg
3/30/2009 10:24:27 AM, error: Service Control Manager [7000]  - The ucyvusjw service failed to start due to the following error:  The system cannot find the file specified.
3/30/2009 10:24:27 AM, error: Service Control Manager [7000]  - The mrtRate service failed to start due to the following error:  The system cannot find the file specified.
3/30/2009 11:01:31 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/2/2009 1:52:11 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
4/2/2009 1:52:37 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ftsata2 iaStor IntelIde szkg ViaIde
4/5/2009 4:25:26 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC000003A' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
4/5/2009 4:31:55 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
4/6/2009 6:56:09 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The TrueVector Internet Monitor service depends on the vsdatant service which failed to start because of the following error:  A device attached to the system is not functioning.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The Simple Mail Transfer Protocol (SMTP) service depends on the IIS Admin service which failed to start because of the following error:  The dependency service or group failed to start.
4/6/2009 6:56:49 AM, error: Service Control Manager [7001]  - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error:  The dependency service or group failed to start.
4/6/2009 6:56:49 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AmdK8 AvgLdx86 AvgMfx86 AvgTdiX Fips ftsata2 IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL szkg Tcpip vsdatant
4/6/2009 6:57:26 AM, error: DCOM [10005]  - DCOM got error "%1068" attempting to start the service IISADMIN with arguments "" in order to run the server: {A9E69610-B80D-11D0-B9B9-00A0C922E750}

==== End Of File ===========================

[bluesstrummer24]

I really apreciate all this help Evil. You da man!!!!

[evilfantasy]

I really apreciate all this help Evil. You da man!!!!

Your welcome!

I have found a few things that need to be fixed but first...

Go to Add or Remove Programs and uninstall:

- Java(TM) 6 Update 7
- Registry Cleaner 4.0 <- This is a malicious program. See here: http://www.mywot.com/en/scorecard/sammsoft.com
- Viewpoint Media Player
.
----------

Do you use the Inbox.com Toolbar and the Inbox.com 3D Marine & Tropical Aquarium Screensaver?

This toolbar is not malicious but is powered by Crawler so I need to know if you installed it on purpose or not before we continue.

[bluesstrummer24]

i installed it on purpose but not a problem if you think i should uninstall it.  uninstalling registry cleaner

[bluesstrummer24]

I've uninstalled the java update and registry cleaner.  not sure why you posted the wot link