Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Bitdefender found and cleaned issues but things not right now

Started by harrisonsimon , Nov 13 2010 09:31 AM

  • Please log in to reply

#1
harrisonsimon
Posted 13 November 2010 - 09:31 AM

harrisonsimon

    New Member

  • Member
  • Pip
  • 1 posts
Hi,
Bitdefender encountered some virus/malware issues last week and apparently dealt with them but since then IE has been slow such that it appears to hang for a minute or so and then carries on, a process which is repeated every couple of minutes or so and Task Manager no longer has its header so you can go from processes to program etc.

i'm thinking something has crept in!

OTL as follows. Hope you guys can help, you sorted me out once before about 6 or 7 years ago with a smitfraud c issue.

So thanks in advance.

Simon

OTL logfile created on: 13/11/2010 15:16:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\The Harrisons\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

958.00 Mb Total Physical Memory | 467.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 41.77 Gb Free Space | 74.75% Space Free | Partition Type: NTFS

Computer Name: HARRISON-LAPTOP | User Name: The Harrisons | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/13 15:16:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Harrisons\Desktop\OTL.exe
PRC - [2010/04/26 14:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2010/03/18 15:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2010/03/18 15:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2010/01/11 13:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/15 02:23:27 | 000,075,520 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
PRC - [2006/08/03 13:53:02 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2006/07/27 15:06:46 | 000,122,880 | ---- | M] () -- C:\Program Files\Hotkey 1.0.4\FuncKey.exe
PRC - [2006/07/11 01:33:16 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe


========== Modules (SafeList) ==========

MOD - [2010/11/13 15:16:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Harrisons\Desktop\OTL.exe
MOD - [2010/10/17 17:44:06 | 000,667,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_fragments.m32
MOD - [2010/10/17 17:44:06 | 000,286,720 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_nt.m32
MOD - [2010/10/17 17:44:06 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_extra.m32
MOD - [2010/10/17 17:44:06 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_base.m32
MOD - [2010/10/17 17:44:06 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_net.m32
MOD - [2010/10/17 17:44:05 | 000,237,504 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\midas32.dll
MOD - [2010/10/17 17:44:05 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_68\plugin_registry.m32
MOD - [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/04/26 14:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/03/12 15:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2010/01/11 13:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2009/10/19 16:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - [2010/07/10 20:22:05 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2010/07/10 20:22:05 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2010/07/10 20:22:04 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/07/10 20:22:02 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)
DRV - [2010/04/23 16:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2010/02/22 13:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/02/03 12:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/01/19 18:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2008/04/13 18:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 16:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/12 09:43:38 | 000,659,456 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/08/24 15:05:32 | 000,594,432 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/03/23 00:27:10 | 000,488,992 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006/03/09 15:56:58 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/03/09 15:56:16 | 000,206,976 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/03/09 15:56:10 | 000,726,400 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/10/12 11:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/09/09 18:56:14 | 000,006,144 | ---- | M] (http://www.internals.com) [Kernel | System | Running] -- C:\WINDOWS\system32\WinIo.sys -- (WINIO)
DRV - [2005/04/23 08:54:50 | 000,112,751 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/08/03 22:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 12:00:00 | 000,000,709 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [FuncKey] C:\Program Files\Hotkey 1.0.4\FuncKey.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\NPJPI150_11.dll (Sun Microsystems, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1174140889546 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\The Harrisons\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\The Harrisons\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/13 17:49:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/13 15:16:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\The Harrisons\Desktop\OTL.exe
[2010/10/24 20:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/10/24 20:55:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/24 20:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/10/24 20:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/10/24 20:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/10/17 17:41:35 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/17 17:41:34 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/17 17:41:15 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/13 15:16:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\The Harrisons\Desktop\OTL.exe
[2010/11/13 15:03:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/13 15:03:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/13 15:03:09 | 1004,711,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/13 13:05:28 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010/11/13 12:40:05 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\The Harrisons\Application Dataprivacy.xml
[2010/10/31 11:52:48 | 000,382,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/31 11:52:48 | 000,053,838 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/24 20:56:53 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/10/24 20:54:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/19 19:12:14 | 000,119,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/18 16:00:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/24 20:56:50 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/08/28 21:12:07 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\The Harrisons\Application Data\bdfvconp.ini
[2009/01/15 12:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2008/12/24 14:42:28 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\The Harrisons\Application Data\BonsaiErrorLog.txt
[2007/12/04 21:42:49 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1430.ini
[2007/12/04 21:41:47 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/12/04 21:41:47 | 000,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/05/22 18:14:58 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/03/17 18:23:56 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\The Harrisons\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/17 17:08:46 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/17 16:50:08 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007/03/17 16:50:07 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/03/17 14:44:39 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2007/01/10 10:22:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/01/10 10:21:53 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2007/01/10 10:21:51 | 002,702,848 | ---- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2006/02/13 18:11:03 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/02/13 17:55:28 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/13 17:40:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/02/13 16:33:23 | 000,000,976 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6C3C9B83

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP