Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hijack

Started by simplify , Mar 08 2011 12:48 PM

  • Please log in to reply

#1
simplify
Posted 08 March 2011 - 12:48 PM

simplify

    New Member

  • Member
  • Pip
  • 2 posts
HI there,

Sorry I had wrong link at start. This topic I mean. http://www.geekstogo...cked-computer/.

I had exactly same problem as behind that link.
I did as you said and here are OTL file
----
OTL logfile created on: 3/8/2011 8:35:06 PM - Run
OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

1,015.00 Mb Total Physical Memory | 818.00 Mb Available Physical Memory | 81.00% Memory free
903.00 Mb Paging File | 835.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 81.65 Gb Total Space | 57.65 Gb Free Space | 70.60% Space Free | Partition Type: NTFS
Drive D: | 62.47 Gb Total Space | 62.40 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Drive X: | 3.73 Gb Total Space | 3.33 Gb Free Space | 89.22% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/06/15 04:01:54 | 001,837,464 | ---- | M] () [Auto] -- C:\Program Files\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe -- (BecHelperService)
SRV - [2010/04/23 18:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/23 18:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/01/20 16:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2006/03/03 13:03:10 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand] -- -- (SYMDNS)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Unavailable] -- -- (2022E2)
DRV - File not found [Kernel | Unavailable] -- -- (18026B)
DRV - [2011/03/07 07:37:02 | 000,030,560 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\wcscd.sys -- (wcscd)
DRV - [2011/03/07 07:37:02 | 000,030,560 | ---- | M] () [Kernel | System] -- C:\Documents and Settings\skkoski\Local Settings\Temp\cdfss -- (cdfss)
DRV - [2010/12/16 04:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110119.037\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110119.037\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/08 19:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110118.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/06/15 04:47:16 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/06/15 04:47:16 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/06/15 04:47:16 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/06/15 04:47:16 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2010/06/15 03:48:52 | 000,010,240 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/23 18:10:54 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/04/23 18:10:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/04/23 18:10:50 | 000,211,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/04/23 18:10:44 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2010/02/24 02:22:12 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/24 02:21:35 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/20 16:03:40 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 16:03:40 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/20 16:03:40 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/01/20 16:03:40 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/01/20 16:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\NIS\1008000.029\SymEFA.sys -- (SymEFA)
DRV - [2010/01/20 16:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/20 16:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 16:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/20 16:03:28 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/20 16:03:28 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/08/05 14:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/13 19:49:30 | 005,029,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/09/23 12:15:00 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008/09/18 12:44:38 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/08/19 09:16:36 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/19 09:16:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 23:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/24 04:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/29 22:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/04/15 07:00:00 | 000,051,840 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/08 08:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008/03/10 05:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 04:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/01/04 18:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\skkoski_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\skkoski_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox\firefoxtoolbar\extensions
FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/27 00:53:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/05 13:59:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/05 13:59:27 | 000,000,000 | ---D | M]

[2011/03/08 03:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/07 23:22:43 | 000,002,062 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bookplus-fi.xml
[2010/10/07 23:22:43 | 000,001,069 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons-fi.xml
[2010/10/07 23:22:43 | 000,002,677 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\huuto-fi.xml
[2010/10/07 23:22:43 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fi.xml
[2010/10/07 23:22:43 | 000,001,100 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: ([2008/04/15 07:00:00 | 000,000,665 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader -linkkiavustaja) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\skkoski_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\skkoski_ON_C..\Run: [wuaucldt] C:\Documents and Settings\skkoski\wuaucldt.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\skkoski_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\skkoski_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/21 03:31:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 09:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll) - C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/08 03:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Käynnistä-valikko\Ohjelmat\Windows Safemode
[2011/02/23 17:34:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/02/22 17:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Local Settings\Application Data\SoftGrid Client
[2011/02/22 17:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Application Data\SoftGrid Client
[2011/02/22 17:00:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Application Data\{90140011-0062-040B-0000-0000000FF1CE}
[2011/02/22 16:59:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SoftGrid Client
[2011/02/22 16:58:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\SoftGrid Client
[2011/02/22 16:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/02/22 16:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2011/02/22 16:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Application Data\TP
[2011/02/08 02:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Local Settings\Application Data\Spotify
[2011/02/08 02:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\skkoski\Application Data\Spotify
[2011/02/08 02:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spotify
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/08 13:27:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/08 11:22:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/08 03:52:27 | 000,081,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\18026B.sys
[2011/03/08 03:48:28 | 000,000,801 | ---- | M] () -- C:\Documents and Settings\skkoski\Työpöytä\Windows Safemode.lnk
[2011/03/07 07:37:02 | 000,030,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011/03/07 07:36:57 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\skkoski\wuaucldt.exe
[2011/03/07 07:36:56 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/01 11:07:58 | 000,035,448 | ---- | M] () -- C:\Documents and Settings\skkoski\Omat tiedostot\lord of the flies.rtf
[2011/02/23 17:34:47 | 000,445,120 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/23 17:34:47 | 000,420,300 | ---- | M] () -- C:\WINDOWS\System32\perfh00B.dat
[2011/02/23 17:34:47 | 000,086,998 | ---- | M] () -- C:\WINDOWS\System32\perfc00B.dat
[2011/02/23 17:34:47 | 000,072,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/11 02:35:24 | 000,295,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/10 18:21:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/08 02:25:44 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\skkoski\Työpöytä\Spotify.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/08 03:52:27 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\18026B.sys
[2011/03/08 03:48:28 | 000,000,801 | ---- | C] () -- C:\Documents and Settings\skkoski\Työpöytä\Windows Safemode.lnk
[2011/03/07 07:37:02 | 000,030,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wcscd.sys
[2011/03/07 07:36:56 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/07 07:36:56 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\skkoski\wuaucldt.exe
[2011/03/01 11:07:57 | 000,035,448 | ---- | C] () -- C:\Documents and Settings\skkoski\Omat tiedostot\lord of the flies.rtf
[2011/02/08 02:25:44 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\skkoski\Käynnistä-valikko\Ohjelmat\Spotify.lnk
[2011/02/08 02:25:44 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\skkoski\Työpöytä\Spotify.lnk
[2010/10/30 08:51:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvrmng.sys
[2010/06/29 12:19:42 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\skkoski\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/15 04:47:20 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\RemoveDevice.dll
[2010/05/21 03:46:29 | 000,110,415 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010/05/21 03:46:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/05/21 03:46:07 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2009/11/24 03:52:02 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\skkoski\Application Data\wklnhst.dat
[2009/11/02 16:18:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/31 14:16:08 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\skkoski\Local Settings\Application Data\fusioncache.dat
[2009/10/31 14:15:51 | 000,000,131 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2009/03/02 07:08:19 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/03/02 06:28:53 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uvcrecordfix.exe
[2009/03/02 06:28:53 | 000,024,576 | ---- | C] () -- C:\WINDOWS\Sleep.exe
[2009/01/21 06:36:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/21 05:23:01 | 000,004,381 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/21 05:22:05 | 000,295,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 05:15:46 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/01/21 05:15:42 | 000,243,832 | ---- | C] () -- C:\WINDOWS\System32\perfi00B.dat
[2009/01/21 05:15:42 | 000,034,270 | ---- | C] () -- C:\WINDOWS\System32\perfd00B.dat
[2009/01/21 05:15:41 | 000,420,300 | ---- | C] () -- C:\WINDOWS\System32\perfh00B.dat
[2009/01/21 05:15:41 | 000,086,998 | ---- | C] () -- C:\WINDOWS\System32\perfc00B.dat
[2009/01/21 05:15:37 | 000,051,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2009/01/21 05:15:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/21 05:15:34 | 000,445,120 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/21 05:15:34 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/21 05:15:34 | 000,072,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/21 05:15:34 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/21 05:15:34 | 000,004,562 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/21 05:15:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/21 05:15:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/21 05:15:32 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/21 05:15:32 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/21 05:15:29 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/21 05:15:27 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/21 04:37:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2009/01/21 04:35:23 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/01/21 03:34:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/21 03:29:22 | 000,021,672 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/11/14 11:12:56 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2008/09/02 00:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/08/27 22:10:24 | 000,000,173 | ---- | C] () -- C:\WINDOWS\explorer.exe.config
[2008/07/30 12:31:52 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/03/08 11:27:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SoftGrid Client
[2011/02/22 17:00:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\{90140011-0062-040B-0000-0000000FF1CE}
[2010/10/30 08:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Birdstep Technology
[2010/10/30 08:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\Birdstep Technology
[2010/02/17 11:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\GetRightToGo
[2009/12/26 12:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\ShopperReports3
[2011/03/05 17:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\SoftGrid Client
[2011/03/07 05:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\Spotify
[2010/11/23 15:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\Template
[2011/02/22 17:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\skkoski\Application Data\TP

========== Purity Check ==========


< End of report >
-----

Can you please help me?

Edited by simplify, 09 March 2011 - 03:47 AM.

  • 0

Advertisements

#2
simplify
Posted 09 March 2011 - 11:49 PM

simplify

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Anyone please?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP