Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus/malware stopped Mcafee and Internet Explorer from working!

Started by Lamarie78 , Sep 12 2010 10:04 PM

  • This topic is locked This topic is locked

#31
Thunderbird1988
Posted 11 October 2010 - 09:14 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello,

Ok, You don't experience any problems anymore?

Thunderbird1988
  • 0

Advertisements

#32
Lamarie78
Posted 11 October 2010 - 01:16 PM

Lamarie78

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
So far I am not experiencing any problems. What do you think of the report? Is there anything I should do to keep malware or virus from happening again to my computer?
  • 0

#33
Thunderbird1988
Posted 12 October 2010 - 03:28 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello,

What do you think of the report?


Your report contains no more signs of malware. So far I can see, your computer is clean.

Is there anything I should do to keep malware or virus from happening again to my computer?


Yes, we should clean up the removal tools.

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall


  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

You can read more about how to prevent your computer against infections here.


Please reply one more time so I we can consider this case solved.

Thunderbird1988
  • 0

#34
Lamarie78
Posted 17 October 2010 - 11:12 AM

Lamarie78

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Here is the OTL results. What do you think?

OTL logfile created on: 10/17/2010 1:02:11 PM - Run 4
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Lisa\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 201.93 Gb Free Space | 71.25% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 8.62 Gb Free Space | 58.82% Space Free | Partition Type: NTFS

Computer Name: MFAMILY-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lisa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Upromise\UpromiseTray.exe ()
PRC - C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
PRC - C:\Program Files\Dell Remote Access\ezi_ra.exe (Dell Inc.)
PRC - C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atashost.exe (WebEx Communications, Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files\Dell V505\dldwmsdmon.exe ()
PRC - C:\Program Files\Dell V505\dldwmon.exe ()
PRC - C:\Windows\System32\dldwcoms.exe ( )
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\palmOne\Hotsync.exe (PalmSource, Inc)


========== Modules (SafeList) ==========

MOD - C:\Users\Lisa\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (hnmsvc) -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (atashost) -- C:\Windows\System32\atashost.exe (WebEx Communications, Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldwCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldwserv.exe ()
SRV - (dldw_device) -- C:\Windows\System32\dldwcoms.exe ( )
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Lisa\AppData\Local\Temp\catchme.sys File not found
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (purendis) -- C:\Windows\System32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- C:\Windows\System32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (PalmUSBD) -- C:\Windows\System32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (Packet) -- C:\Windows\System32\drivers\packet.sys (SingleClick Systems)
DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (RtNdPt60) -- C:\Windows\System32\drivers\RtNdPt60.sys (Windows ® Codename Longhorn DDK provider)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/linksys

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/10/13 07:49:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2010/01/25 07:00:36 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/10/03 18:31:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100918073840.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Dell Toolbar) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Dell Toolbar) - {09B71986-2AC5-482D-B6CB-42EA34F4F85B} - C:\Program Files\Dell Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell V505 Fax Server] C:\Program Files\Dell V505\fm3032.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dldwamon] C:\Program Files\Dell V505\dldwamon.exe ()
O4 - HKLM..\Run: [dldwmon.exe] C:\Program Files\Dell V505\dldwmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {59E937ED-AC7E-407D-B40B-6545B1EECDE7} http://www.always.co...b.Installer.exe (CDFusionActiveXCtl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} http://simcity.ea.co...ic/SimCityX.cab (SimCityX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Lisa\Pictures\LisaVinDiesel.Pics\3093450_gal.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lisa\Pictures\LisaVinDiesel.Pics\3093450_gal.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/10/17 12:55:52 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2010/10/08 23:29:40 | 000,093,056 | ---- | C] (GMER) -- C:\pwtdifoc.sys
[2010/10/08 23:29:01 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\gmer[1]
[2010/10/08 23:21:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/10/03 18:33:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/03 18:33:24 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\temp
[2010/10/03 18:14:16 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/03 18:14:16 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/03 18:14:16 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/03 18:13:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/03 18:01:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/03 17:07:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/03 12:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/03 12:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/24 22:45:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Misc
[2010/09/24 22:36:26 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Geekstogo
[2010/09/24 20:36:26 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2010/09/24 20:34:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/24 20:34:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/24 20:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/24 20:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/22 20:11:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/09/22 20:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/12 23:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/09/12 12:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/12 12:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/10 17:39:05 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Adobe
[2010/09/06 23:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010/09/06 22:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010/09/06 20:13:46 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/27 12:59:23 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010/08/27 12:58:51 | 000,386,712 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/08/27 12:58:51 | 000,312,904 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010/08/27 12:58:51 | 000,164,808 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010/08/27 12:58:51 | 000,152,992 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/08/27 12:58:51 | 000,095,600 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010/08/27 12:58:51 | 000,084,264 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010/08/27 12:58:51 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010/08/27 12:58:51 | 000,055,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010/08/27 12:58:51 | 000,052,104 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/08/06 16:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/07/29 13:57:30 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Lisa\AppData\Roaming\DataSafeDotNet.exe
[2009/03/22 19:18:03 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\DLDWhcp.dll
[2009/03/22 19:18:02 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldwserv.dll
[2009/03/22 19:18:02 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldwusb1.dll
[2009/03/22 19:18:02 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\dldwpmui.dll
[2009/03/22 19:18:02 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldwinpa.dll
[2009/03/22 19:18:02 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldwiesc.dll
[2009/03/22 19:18:01 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\dldwhbn3.dll
[2009/03/22 19:18:01 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\dldwlmpm.dll
[2009/03/22 19:18:00 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\dldwcomc.dll
[2009/03/22 19:18:00 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\dldwcomm.dll
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/17 13:05:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{388ADA8A-6992-4AE3-86AB-8012FF67BAA8}.job
[2010/10/17 13:03:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{03504457-88CB-46EA-B9D7-8EBA938430C7}.job
[2010/10/17 12:56:45 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2010/10/17 12:41:18 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/17 12:41:18 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/17 12:25:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/17 11:14:30 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/17 11:14:28 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2010/10/17 02:41:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/17 02:41:13 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/16 19:05:56 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6E4D0893-8A99-4E54-A0A2-2C1255957ED3}.job
[2010/10/16 13:59:49 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0A228B0B-1839-4945-B7B4-233C3FEFCDE9}.job
[2010/10/14 18:18:27 | 000,010,584 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2010/10/14 09:58:03 | 000,302,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/10 03:18:57 | 000,000,138 | ---- | M] () -- C:\Users\Lisa\Desktop\Alpine Access Admissions Home.url
[2010/10/09 21:06:53 | 305,891,919 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/10/08 23:29:40 | 000,093,056 | ---- | M] (GMER) -- C:\pwtdifoc.sys
[2010/10/03 18:31:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/03 12:35:39 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/21 10:08:58 | 000,000,945 | ---- | M] () -- C:\Users\Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/10 19:14:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/09/06 23:24:07 | 000,013,863 | ---- | M] () -- C:\Users\Lisa\Documents\Flash.Pic.9.6.10.fla
[2010/09/06 22:00:35 | 898,984,124 | ---- | M] () -- C:\Users\Lisa\Documents\FlashPro_11_LS1.7z
[2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/08/24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010/08/24 14:57:38 | 000,164,808 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010/08/24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/08/24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010/08/24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010/08/24 14:57:38 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010/08/24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010/08/24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/08/24 14:57:38 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010/08/11 05:01:18 | 000,033,792 | ---- | M] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/10 03:18:57 | 000,000,138 | ---- | C] () -- C:\Users\Lisa\Desktop\Alpine Access Admissions Home.url
[2010/10/08 23:20:43 | 305,891,919 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/10/03 18:14:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/03 18:14:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/03 18:14:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/03 18:14:16 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/03 18:14:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/03 12:35:39 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/24 22:33:40 | 3209,875,456 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/19 14:37:59 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/09/06 23:24:07 | 000,013,863 | ---- | C] () -- C:\Users\Lisa\Documents\Flash.Pic.9.6.10.fla
[2010/09/06 22:00:04 | 898,984,124 | ---- | C] () -- C:\Users\Lisa\Documents\FlashPro_11_LS1.7z
[2010/03/12 17:27:53 | 000,036,352 | ---- | C] () -- C:\Windows\System32\SX32W.DLL
[2010/03/12 17:27:51 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrtRTECG.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/03 22:07:53 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/03/27 16:58:56 | 000,005,216 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2009/03/27 15:03:10 | 000,010,584 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2009/03/26 21:49:35 | 000,033,792 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/22 19:25:13 | 000,360,448 | ---- | C] () -- C:\Windows\System32\dldwcoin.dll
[2009/03/22 19:20:49 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDWPMON.DLL
[2009/03/22 19:20:49 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDWFXPU.DLL
[2009/03/22 19:20:29 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dldwoem.dll
[2009/03/22 19:19:17 | 000,352,256 | ---- | C] () -- C:\Windows\System32\DLDWwupd.dll
[2009/03/22 19:18:03 | 000,389,120 | ---- | C] () -- C:\Windows\System32\DLDWinst.dll
[2009/03/22 19:18:02 | 000,520,192 | ---- | C] () -- C:\Windows\System32\dldwutil.dll
[2009/03/22 19:18:01 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dldwinsb.dll
[2009/03/22 19:18:01 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldwins.dll
[2009/03/22 19:18:01 | 000,147,456 | ---- | C] () -- C:\Windows\System32\dldwjswr.dll
[2009/03/22 19:18:01 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldwinsr.dll
[2009/03/22 19:18:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldwgrd.dll
[2009/03/22 19:18:00 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldwcub.dll
[2009/03/22 19:18:00 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldwcu.dll
[2009/03/22 19:18:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldwcur.dll
[2009/03/22 19:17:59 | 000,077,906 | ---- | C] () -- C:\Windows\System32\DLDWcfg.dll
[2009/03/12 05:14:13 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2009/03/12 05:14:13 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2009/03/12 05:14:13 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2009/03/12 05:14:13 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/07/26 15:42:52 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/05/07 16:42:00 | 001,036,288 | ---- | C] () -- C:\Windows\System32\dldwdrs.dll
[2008/04/23 03:53:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\dldwcaps.dll
[2008/02/26 15:24:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldwcnv4.dll
[2007/07/11 00:57:31 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldwvs.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/06/15 00:09:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Amazon
[2010/09/06 20:13:46 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/06/14 23:44:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\HotSync
[2009/04/11 22:04:19 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\iWin
[2010/05/02 17:35:11 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Merscom
[2009/12/23 00:06:29 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SecondLife
[2009/03/27 15:03:11 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template
[2009/10/31 13:25:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\upromise
[2009/07/28 19:39:17 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\V505 Series
[2009/05/25 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\W Photo Studio Viewer
[2009/03/25 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\WildTangent
[2009/03/26 21:48:31 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Windows Live Writer
[2010/10/17 11:14:28 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2010/10/16 21:25:34 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/10/17 13:03:00 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{03504457-88CB-46EA-B9D7-8EBA938430C7}.job
[2010/10/16 13:59:49 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0A228B0B-1839-4945-B7B4-233C3FEFCDE9}.job
[2010/10/17 13:05:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{388ADA8A-6992-4AE3-86AB-8012FF67BAA8}.job
[2010/10/16 19:05:56 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6E4D0893-8A99-4E54-A0A2-2C1255957ED3}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >
  • 0

#35
Thunderbird1988
Posted 20 October 2010 - 06:10 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello,

Have you done the steps in my previous post?

Besides there are leftovers form the tools we have used, the log is clean.

Thunderbird1988
  • 0

#36
Thunderbird1988
Posted 06 November 2010 - 04:05 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP