[Kikit]

Quote:

Cookiegal

Administrator Posts: 48,368
Join Date: Aug 2003
Location: Quebec, Canada

Well you're in the right place under System Tools but there should be a scroller bar down the right side. You'll find the Open Uninstall Manager right below Open ADS Spy.

Scrolled and there it was...hiding (almost) in plain sight.

Here is the saved uninstall list.

HijackThis 2.0.2
Panda ActiveScan

*******************************

UPDATE: I made a mental note to tell you I've been getting Error Message screenshots again, but very infrequently. The episodes differ now in that I can click on "Send Error Report" to get rid of the box, but I don't get disconnected from the internet afterward.

They've come representing several different places, not just Internet Explorer. It will show on whatever I go to open -- last night I got 'Microsoft Support Center has encountered a problem and needs to close", "Windows Explorer has encountered a problem....etc." This behavior is also new, different from earlier error problems. With all the junk found by scans, it's not too surprising.

[Cookiegal]

There has to be more on that list than just two items. Did you save the list in Notepad?

[Kikit]

Quote:

Originally Posted by Cookiegal

There has to be more on that list than just two items. Did you save the list in Notepad?

Yes, indeed I did, and I still have that Notepad filed away on my computer in case of any need to refer back to it. I do that with all logs and result reports.

Those two items on the uninstall list are absolutely, positively ALL that was on it when I clicked the "Save List" button. I recall being a bit shocked and puzzled when I saw it. I thought how is it possible to target whole programs to be removed. I dismissed trying to make sense of things and just continued to follow step-by-step directions to get done what I was told to do.

Double-checking myself, I opened HJT again a few minutes ago. Did not scan again. The last scan log and everything was still in place. I clicked the Save List button again. I got the very same list of those two items, identical to yesterday. Kept the Notepad.

So what should I do, another HJT scan & post log and visit the Uninstall Manager again? Or...other...?

This is me struggling to keep my frustration level down. lol And you, Cookiegal, are a very patient person. Thanks.

[Cookiegal]

What happens when you go to the Control Panel - Add/Remove programs? Do you see only those two items there as well or are there several more?

[Kikit]

I looked at the Add/Remove Programs tool by two avenues -- through my computer's Control Panel and also by going to HJT's Uninstall Manager, clicking on the button titled "Open Add/Remove Software list". Both views showed the same thing -- A long list of programs which I usually see, that are on my computer (Panda and HJT are among the list).

Something strangely different about Add/Remove is that when I click on a program name where you'll see the buttons for "Change" or "Remove", those buttons are missing on every program name EXCEPT for HijackThis 2..0.2 and Panda -- they are the only two which have a Change/Remove option. All the others are blank in that spot.

[Cookiegal]

The key may have been damaged in the registry so we will take a look at it.

I'm attaching a LookUninstall.zip to this post to get a look at the uninstall list in your registry. Save it to your desktop. Unzip it and double click the LookUninstall.bat file and allow it to run. It will open up a report in Notepad automatically. Please copy and paste the contents of that report here.

[Kikit]

Here is the report.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\getP lus(R)_ocx]
"DisplayIcon"="C:\\WINDOWS\\Downloaded Program Files\\gp.ocx"
"DisplayName"="getPlus(R)_ocx"
"UninstallString"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\inf\\GETPLUSo.INF, DefaultUninstall"
"NoModify"=dword:00000001
"NoRepair"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hija ckThis]
"DisplayName"="HijackThis 2.0.2"
"UninstallString"="\"C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe\" /uninstall"
"DisplayIcon"="C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe"
"DisplayVersion"="2.0.2"
"Publisher"="TrendMicro"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB90 2344]
"DisplayName"="Hotfix for Windows Media Format SDK (KB902344)"
"UninstallString"="\"C:\\WINDOWS\\$NtUninstallKB902344$\\spuninst\\spuninst .exe\""
"TSAware"=dword:00000001
"NoModify"=dword:00000001
"Publisher"="Microsoft Corporation"
"NoRepair"=dword:00000001
"HelpLink"="http://support.microsoft.com?kbid=902344"
"URLInfoAbout"="http://support.microsoft.com"
"DisplayIcon"=hex(2):22,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00, 46,\
00,69,00,6c,00,65,00,73,00,25,00,5c,00,77,00,69,00,6e,00,64,00,6f,00,77,00, \
73,00,20,00,6d,00,65,00,64,00,69,00,61,00,20,00,70,00,6c,00,61,00,79,00,65, \
00,72,00,5c,00,77,00,6d,00,70,00,6c,00,61,00,79,00,65,00,72,00,2e,00,65,00, \
78,00,65,00,22,00,00,00
"ParentKeyName"="OperatingSystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Micr osoft .NET Framework 2.0]
"DisplayIcon"="C:\\WINDOWS\\system32\\msiexec.exe"
"DisplayName"="Microsoft .NET Framework 2.0"
"UninstallString"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\Micro soft .NET Framework 2.0\\install.exe"
"VersionMinor"="0"
"VersionMajor"="2"
"Publisher"="Microsoft Corporation"
"InstallLocation"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\"
"UninstallPath"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\Microso ft .NET Framework 2.0\\install.exe"
"URLUpdateInfo"="http://go.microsoft.com/fwlink/?LinkId=45660"
"HelpLink"="http://go.microsoft.com/fwlink/?LinkId=45396"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pand a ActiveScan]
"DisplayIcon"="C:\\WINDOWS\\system32\\pavas.ico"
"UninstallString"="C:\\WINDOWS\\system32\\ASUninst.exe Panda ActiveScan"
"Publisher"="Panda Software S.L."
"DisplayName"="Panda ActiveScan"
"Icono4"="pavas"
"Idioma"="2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wind ows Live OneCare safety scanner]
"NoModify"=dword:00000001
"NoRepair"=dword:00000001
"DisplayName"="Windows Live OneCare safety scanner"
"UninstallString"="RunDll32.exe \"C:\\Program Files\\Windows Live Safety Center\\wlscCore.dll\",UninstallFunction WLSC_SCANNER_PRODUCT"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{324 8F0A8-6813-11D6-A77B-00B0D0160050}]
"DisplayIcon"="C:\\Program Files\\Java\\jre1.6.0_05\\\\bin\\javaws.exe"
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"="http://java.com"
"DisplayVersion"="1.6.0.50"
"HelpLink"=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,6a,00,61,00,76, 00,\
61,00,2e,00,63,00,6f,00,6d,00,00,00
"HelpTelephone"=""
"InstallDate"="20080329"
"InstallLocation"=""
"InstallSource"="http://javadl.sun.com/webapps/download/GetFile/1.6.0_05-b13/windows-i586/"
"ModifyPath"=hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65,00,7 8,\
00,65,00,20,00,2f,00,49,00,7b,00,33,00,32,00,34,00,38,00,46,00,30,00,41,00, \
38,00,2d,00,36,00,38,00,31,00,33,00,2d,00,31,00,31,00,44,00,36,00,2d,00,41, \
00,37,00,37,00,42,00,2d,00,30,00,30,00,42,00,30,00,44,00,30,00,31,00,36,00, \
30,00,30,00,35,00,30,00,7d,00,00,00
"NoRepair"=dword:00000001
"Publisher"="Sun Microsystems, Inc."
"Readme"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00 ,20,\
00,46,00,69,00,6c,00,65,00,73,00,5c,00,4a,00,61,00,76,00,61,00,5c,00,6a,00, \
72,00,65,00,31,00,2e,00,36,00,2e,00,30,00,5f,00,30,00,35,00,5c,00,52,00,45, \
00,41,00,44,00,4d,00,45,00,2e,00,74,00,78,00,74,00,00,00
"Size"=""
"EstimatedSize"=dword:0001c8de
"UninstallString"=hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65 ,00,\
78,00,65,00,20,00,2f,00,49,00,7b,00,33,00,32,00,34,00,38,00,46,00,30,00,41, \
00,38,00,2d,00,36,00,38,00,31,00,33,00,2d,00,31,00,31,00,44,00,36,00,2d,00, \
41,00,37,00,37,00,42,00,2d,00,30,00,30,00,42,00,30,00,44,00,30,00,31,00,36, \
00,30,00,30,00,35,00,30,00,7d,00,00,00
"URLInfoAbout"="http://java.com"
"URLUpdateInfo"="http://java.sun.com"
"VersionMajor"=dword:00000001
"VersionMinor"=dword:00000006
"WindowsInstaller"=dword:00000001
"Version"=dword:01060000
"Language"=dword:00000000
"DisplayName"="Java(TM) 6 Update 5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{713 1646D-CD3C-40F4-97B9-CD9E4E6262EF}]
"DisplayIcon"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\ndpsetup. ico"
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="2.0.50727"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20080330"
"InstallLocation"=""
"InstallSource"="C:\\DOCUME~1\\HP_Owner\\LOCALS~1\\Temp\\IXP000.TMP\\"
"NoModify"=dword:00000001
"NoRemove"=dword:00000001
"NoRepair"=dword:00000001
"Publisher"="Microsoft Corporation"
"Readme"=""
"Size"=""
"EstimatedSize"=dword:0003428f
"SystemComponent"=dword:00000001
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"=dword:00000002
"VersionMinor"=dword:00000000
"WindowsInstaller"=dword:00000001
"Version"=dword:0200c627
"Language"=dword:00000000
"DisplayName"="Microsoft .NET Framework 2.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC7 6BA86-7AD7-1033-7B44-A81200000003}]
"AuthorizedCDFPrefix"=""
"Comments"=" "
"Contact"="Customer Support"
"DisplayVersion"="8.1.2"
"HelpLink"=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,77,00,77, 00,\
2e,00,61,00,64,00,6f,00,62,00,65,00,2e,00,63,00,6f,00,6d,00,2f,00,73,00,75, \
00,70,00,70,00,6f,00,72,00,74,00,2f,00,6d,00,61,00,69,00,6e,00,2e,00,68,00, \
74,00,6d,00,6c,00,00,00
"HelpTelephone"=""
"InstallDate"="20080329"
"InstallLocation"=""
"InstallSource"="C:\\DOCUME~1\\HP_Owner\\LOCALS~1\\Temp\\Adobe Reader 8\\"
"ModifyPath"=hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65,00,7 8,\
00,65,00,20,00,2f,00,49,00,7b,00,41,00,43,00,37,00,36,00,42,00,41,00,38,00, \
36,00,2d,00,37,00,41,00,44,00,37,00,2d,00,31,00,30,00,33,00,33,00,2d,00,37, \
00,42,00,34,00,34,00,2d,00,41,00,38,00,31,00,32,00,30,00,30,00,30,00,30,00, \
30,00,30,00,30,00,33,00,7d,00,00,00
"NoRepair"=dword:00000001
"Publisher"="Adobe Systems Incorporated"
"Readme"=hex(2):5b,00,49,00,4e,00,53,00,54,00,41,00,4c,00,4c,00,44,00,49,00 ,52,\
00,5d,00,52,00,65,00,61,00,64,00,65,00,72,00,5c,00,52,00,65,00,61,00,64,00, \
6d,00,65,00,2e,00,68,00,74,00,6d,00,00,00
"Size"=""
"EstimatedSize"=dword:00015a3f
"UninstallString"=hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65 ,00,\
78,00,65,00,20,00,2f,00,49,00,7b,00,41,00,43,00,37,00,36,00,42,00,41,00,38, \
00,36,00,2d,00,37,00,41,00,44,00,37,00,2d,00,31,00,30,00,33,00,33,00,2d,00, \
37,00,42,00,34,00,34,00,2d,00,41,00,38,00,31,00,32,00,30,00,30,00,30,00,30, \
00,30,00,30,00,30,00,33,00,7d,00,00,00
"URLInfoAbout"="http://www.adobe.com"
"URLUpdateInfo"="http://www.adobe.com/products/acrobat/readstep.html"
"VersionMajor"=dword:00000008
"VersionMinor"=dword:00000001
"WindowsInstaller"=dword:00000001
"Version"=dword:08010002
"Language"=dword:00000409
"DisplayName"="Adobe Reader 8.1.2"

[Kikit]

The "Add/Remove" area is a fragmented mess. Never seen these before (items below). Can you tell by looking, if they are legitimate things that should be here or invaders into Add/Remove. Some of the names look odd to me and there's no drop down menu or right-clicking that identifies what the program is.

CC_ccProxyExt

ccCommon

ccPxyCore

CP_Atena_Shokunin1Config

CP_CalendarTemplates1

CP_Package_Basic1
Variety1
Variety2
Variety3

CueTour

Destinations

DeviceManagementQFolder

DocProc

Fax

SPBBC

Status

WebReg

Unload

ALSO changed from normal is that the Size of the files, and the Date they were installed is MISSING on all but a few programs. And all that information was there just a couple of days ago when I was in "Add/Remove" to uninstall the outdated versions of HijackThis before downloading the current version. There were also some software updates recently installed that are now missing from the list.

In addition, not all programs installed on my computer are showing up on the list. Everything on the Start Menu > Programs list and icons on the Desktop are not represented in "Add/Remove". I'm almost certain I saw stuff here before that isn't here now. On the other hand Norton Security has NINE entries. (?!)

[Cookiegal]

Some of the programs you're asking about are related to Norton and the rest are HP products.

It does indeed look like the Uninstall key has been damaged.

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

1. Close any open browsers.
2. Disconnect from the Internet.
3. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of OTScanIt.
4. Open the OTScanIt folder and double-click on OTScanIt.exe to start the program.
5. Check the box that says Scan All User Accounts
6. Check the Radio buttons for Files/Folders Created Within 60 Days and Files/Folders Modified Within 30 Days
7. Under Additional Scans uncheck "Non-Microsoft Only" and click on "Select All"
8. Now click the Run Scan button on the toolbar.
9. The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
10. When the scan is complete Notepad will open with the report file loaded in it automatically.
11. Save that Notepad file. Click the Format menu and make sure that Word wrap is not checked. If it is then click on it to uncheck it.

Use the Reply button and upload the Notepad file here as an attachment please.

[Kikit]

Ran OTScanIt, got report on Notepad, saved to Desktop, tried to upload here (TSG) as an attachment, got the following message:

Close this window Manage Attachments
Upload Errors
OTScanIt.Txt:
Your file of 1.41 MB bytes exceeds the forum's limit of 500.0 KB for this filetype.

[Cookiegal]

You'll have to split it into 3 separate uploads please.

[Kikit]

It took splitting up into four sections, Attachment Mgr. wouldn't upload html files. Never zipped a file before or posted an attachment at this site, but attempted this time. Succeeded in uploading attachment, I hope it works okay Hope I did it correctly.

Very, very long tedious process with this scan. I'm sorry but my back is killing me...I have to take a rest from this chair. Back in a while.

[Cookiegal]

Click here to download ATF Cleaner by Atribune and save it to your desktop.

• Double-click ATF-Cleaner.exe to run the program. (Vista users right-click and slect "Run As Administrator").
• Under Main choose: Select All
• Click the Empty Selected button.
  • If you use Firefox:
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera:
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.
      
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
• Click Exit on the Main menu to close the program.

Then, start OTScanIt. Copy/Paste the information in the code box below into the pane where it says "Paste fix here" and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the OK button and Notepad will open with a log of actions taken during the fix. [b]Post that information back here along with a new HijackThis log please.

Code:

[Kill Explorer]
[Registry - Non-Microsoft Only]
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> 1 domain(s) and sub-domain(s) not assigned to a zone. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> 27 domain(s) and sub-domain(s) not assigned to a zone. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-4001180559-3063497806-3815849170-1009\] > -> HKEY_USERS\S-1-5-21-4001180559-3063497806-3815849170-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> 27 domain(s) and sub-domain(s) not assigned to a zone. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Freeze.com Toolbar\freeze_us.dll [TBSB04757 Class]
[Files/Folders - Created Within 60 days]
YY -> 2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Files Created - Additional Folder Scans - Non-Microsoft Only]
NY -> WinBatch -> %AppData%\WinBatch
[Files/Folders - Modified Within 30 days]
NY -> 2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY -> TX0000.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0000.DAT
NY -> TX0001.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0001.DAT
NY -> TX0002.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0002.DAT
NY -> TX0003.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0003.DAT
NY -> TX0004.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0004.DAT
NY -> TX0005.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0005.DAT
NY -> TX0006.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0006.DAT
NY -> TX0007.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0007.DAT
NY -> TX0008.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0008.DAT
NY -> TX0009.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0009.DAT
NY -> TX0010.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0010.DAT
NY -> TX0011.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0011.DAT
NY -> TX0012.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0012.DAT
NY -> TX0013.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0013.DAT
NY -> TX0014.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0014.DAT
NY -> TX0015.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0015.DAT
NY -> TX0016.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0016.DAT
NY -> TX0017.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0017.DAT
NY -> TX0018.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0018.DAT
NY -> TX0019.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0019.DAT
NY -> TX0020.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0020.DAT
NY -> TX0021.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0021.DAT
NY -> TX0022.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0022.DAT
NY -> TX0023.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0023.DAT
NY -> TX0024.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0024.DAT
NY -> TX0025.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0025.DAT
NY -> TX0026.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0026.DAT
NY -> TX0027.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0027.DAT
NY -> TX0028.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0028.DAT
NY -> TX0029.DAT -> C:\Documents and Settings\HP_Owner\Local Settings\Temp\TX0029.DAT
NY -> Au_.exe -> C:\WINDOWS\Temp\~nsu.tmp\Au_.exe
[File - Lop Check: Additional Folder Scans - Non-Microsoft Only]
NY -> @Alternate Data Stream - 119 bytes -> %AllUsersProfile%\Application Data\TEMP:18B7103A
NY -> Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint
NY -> Viewpoint -> C:\Documents and Settings\HP_Owner\Application Data\Viewpoint
[Empty Temp Folders]
[Start Explorer]
[Reboot]

[Cookiegal]

Also, can you tell me what files are in this folder please? You will have to unhide files first:

Click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders".
Click "Apply" then "OK".


C:\Documents and Settings\HP_Owner\Application Data\WinBatch

[Kikit]

Quote:

Originally Posted by Cookiegal

Also, can you tell me what files are in this folder please? You will have to unhide files first:

Click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders".
Click "Apply" then "OK".


C:\Documents and Settings\HP_Owner\Application Data\WinBatch

I used Search Companion to look for that folder and found it. Under WinBatch, it was marked as having Settings inside, but the folder is EMPTY. The only other info listed is Size: 0 Bytes Date: 3/28/2008

Off to run ATF-Cleaner now.