Unable to install or uninstall software


#1
ashleyttm

Hi there,

I have difficulties trying to install or uninstall antivirus software and even basic software. After reading a few articles from the forum I think I am infected by malware. I have tried a couple of methods and even VipreRescue8665.exe but it doesn't help the situation as I would like to install antivirus software to clean the virus. Is there any other way I can solve this issue?

Your help will be highly appreciated.



I did a quick scan from OTL and this is the log:


OTL logfile created on: 3/12/2011 10:32:43 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Thai\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.31 Gb Total Space | 147.33 Gb Free Space | 79.08% Space Free | Partition Type: NTFS

Computer Name: THAITAN | User Name: Thai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/12 22:32:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Thai\My Documents\Downloads\OTL.exe
PRC - [2011/03/12 13:56:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/16 15:44:36 | 003,750,400 | ---- | M] (SafeNet Inc.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2009/12/13 02:25:38 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2009/10/14 13:32:46 | 009,085,760 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009/10/14 13:32:46 | 002,049,344 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 18:12:15 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
PRC - [2007/05/21 07:37:00 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007/02/12 15:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 15:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/01/27 09:42:48 | 000,044,384 | ---- | M] (Antony Lewis) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2006/12/11 16:35:34 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/09/27 18:26:00 | 000,573,440 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2005/12/27 09:20:14 | 000,413,696 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


========== Modules (SafeList) ==========

MOD - [2011/03/12 22:32:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Thai\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/12/11 16:41:30 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/16 15:44:36 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms)
SRV - [2009/12/13 02:25:38 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2007/02/12 15:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/03/12 15:01:37 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{80055D4A-D55A-4C4A-AF3D-6066A76476C3}\MpKslb1b26dcf.sys -- (MpKslb1b26dcf)
DRV - [2010/11/09 13:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/05/10 12:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Thai\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL)
DRV - [2010/02/17 12:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Thai\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/09 20:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2009/08/20 06:01:50 | 000,356,864 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/11/17 15:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2007/12/14 11:21:56 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 13:50:16 | 000,863,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/11/28 13:48:10 | 000,047,907 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/10/15 13:02:18 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/10/15 13:01:54 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/10/09 21:00:24 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/09/27 18:26:00 | 000,893,952 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/06/15 14:28:04 | 001,179,784 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/10 08:46:00 | 000,243,328 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/02/13 10:02:00 | 000,090,214 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm302.sys -- (ZSMC302)
DRV - [2002/10/01 13:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) ICatch (VI)
DRV - [2001/08/17 07:57:26 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.9223.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...GO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.5.11
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/12 13:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/12 13:57:00 | 000,000,000 | ---D | M]

[2009/12/13 02:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Extensions
[2011/03/12 03:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions
[2010/05/24 16:13:44 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2009/12/14 14:50:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/06 03:23:46 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/01/06 03:23:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\[email protected]
[2010/04/05 14:08:44 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\[email protected]
[2011/03/11 02:38:32 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\extensions\[email protected]
[2011/03/11 02:38:33 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Thai\Application Data\Mozilla\Firefox\Profiles\3q3a1iqa.default\searchplugins\bing-zugo.xml
[2011/03/12 03:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 22:50:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/24 22:13:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/24 22:49:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/10 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BigDogPath] File not found
O4 - HKLM..\Run: [EPSON Stylus CX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NAC Assessment Agent.lnk = C:\Program Files\Enterasys Networks\NAC Agent\NacAgent.exe (Enterasys Networks, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O4 - Startup: C:\Documents and Settings\Thai\Start Menu\Programs\Startup\PPS.lnk = C:\Program Files\PPStream\PPStream.exe (PPStream Inc.)
O4 - Startup: C:\Documents and Settings\Thai\Start Menu\Programs\Startup\WordWeb Pro.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: webscache.com ([]http in Trusted sites)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.152.3.146 68.234.128.70
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Thai\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Thai\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 03:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0b5a2b7a-ec3d-11de-b094-0018de70b65b}\Shell\AutoRun\command - "" = restore\restorestarter.exe
O33 - MountPoints2\{bac016e8-7417-11df-b1d7-0018de70b65b}\Shell - "" = AutoRun
O33 - MountPoints2\{bac016e8-7417-11df-b1d7-0018de70b65b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bac016e8-7417-11df-b1d7-0018de70b65b}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/12 14:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Thai\Application Data\SUPERAntiSpyware.com
[2011/03/12 14:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/03/12 04:22:00 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/03/12 04:22:00 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2011/03/12 04:21:41 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/03/12 01:52:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/11 03:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2011/03/11 02:38:29 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/11 02:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/12 15:27:42 | 000,002,106 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/03/12 15:06:38 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/03/12 15:04:49 | 000,001,520 | ---- | M] () -- C:\WINDOWS\powerlist.ini
[2011/03/12 15:04:48 | 000,002,874 | ---- | M] () -- C:\WINDOWS\psnetwork.ini
[2011/03/12 15:04:46 | 000,002,304 | ---- | M] () -- C:\WINDOWS\powerplayer.ini
[2011/03/12 15:04:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\OOIIEProxy.ini
[2011/03/12 15:03:44 | 000,000,060 | ---- | M] () -- C:\WINDOWS\MediaList.ini
[2011/03/12 15:01:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/12 13:51:25 | 000,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/12 02:44:57 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\Thai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/11 02:38:23 | 000,000,095 | ---- | M] () -- C:\WINDOWS\PCDNSetting.ini
[2011/03/11 02:36:32 | 1073,741,824 | ---- | M] () -- C:\ppsds.pgf
[2011/03/10 23:01:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/10 01:41:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/28 22:06:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/26 17:53:44 | 004,141,822 | ---- | M] () -- C:\Documents and Settings\Thai\Desktop\Born this way.mp3
[2011/02/26 09:10:36 | 000,208,885 | ---- | M] () -- C:\Documents and Settings\Thai\Desktop\IMG_1650.JPG
[2011/02/26 09:07:55 | 000,178,529 | ---- | M] () -- C:\Documents and Settings\Thai\Desktop\IMG_1530.JPG
[2011/02/17 22:03:05 | 004,540,294 | ---- | M] () -- C:\Documents and Settings\Thai\Desktop\矜持王菲.mp3
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/03 02:49:48 | 002,192,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/26 17:52:35 | 004,141,822 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\Born this way.mp3
[2011/02/26 09:03:02 | 001,587,272 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1552.JPG
[2011/02/26 09:03:02 | 001,335,564 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1551.JPG
[2011/02/26 09:03:02 | 001,266,360 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1550.JPG
[2011/02/26 09:03:02 | 000,208,885 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1650.JPG
[2011/02/26 09:03:02 | 000,178,529 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1530.JPG
[2011/02/26 09:03:01 | 001,816,276 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1548.JPG
[2011/02/26 09:03:01 | 001,529,985 | ---- | C] () -- C:\Documents and Settings\Thai\Desktop\IMG_1549.JPG
[2011/01/08 11:01:37 | 000,000,027 | ---- | C] () -- C:\WINDOWS\OOIIEProxy.ini
[2010/11/26 11:02:38 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/11/26 11:02:37 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/11/23 23:21:19 | 000,000,065 | ---- | C] () -- C:\WINDOWS\minitab.ini
[2010/11/03 09:38:00 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini
[2010/09/25 19:12:51 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2010/09/25 19:12:50 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2010/09/25 19:12:49 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2010/09/12 20:36:30 | 000,258,113 | ---- | C] () -- C:\WINDOWS\System32\MPLEX.DLL
[2010/09/12 20:35:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2010/06/09 19:20:17 | 000,063,564 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/10 17:11:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Graphing Calculator Viewer.INI
[2010/03/08 14:15:39 | 000,000,095 | ---- | C] () -- C:\WINDOWS\PCDNSetting.ini
[2010/03/08 14:14:57 | 000,001,520 | ---- | C] () -- C:\WINDOWS\powerlist.ini
[2010/03/08 14:14:57 | 000,000,060 | ---- | C] () -- C:\WINDOWS\MediaList.ini
[2010/03/08 14:14:17 | 000,002,304 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
[2010/03/08 14:14:13 | 000,002,874 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2010/03/07 15:21:01 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010/03/07 15:20:37 | 000,000,336 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010/03/07 15:20:34 | 000,000,891 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2010/01/21 23:43:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/12/22 00:47:39 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/12/22 00:47:38 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/12/22 00:47:38 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/12/22 00:47:38 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/12/22 00:47:38 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/12/22 00:47:38 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/12/22 00:47:38 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/12/22 00:47:38 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/12/22 00:47:38 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/12/22 00:47:38 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/12/22 00:47:38 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/12/22 00:47:38 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/12/22 00:47:38 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/12/22 00:47:38 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/12/22 00:47:38 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/12/22 00:47:38 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/12/22 00:45:49 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2009/12/22 00:44:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX6000.ini
[2009/12/18 19:20:27 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Thai\Local Settings\Application Data\fusioncache.dat
[2009/12/15 12:39:18 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Thai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/13 02:36:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/12 12:40:30 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/12/12 12:34:29 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/12/12 12:34:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/12/12 12:34:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/12/12 12:33:58 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/12/12 12:33:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/12/12 12:33:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/12/12 12:32:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/12/12 12:32:50 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/12/12 12:30:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/12/12 12:30:03 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/12/11 16:19:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/06/21 03:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 03:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 03:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 03:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 03:24:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 03:24:57 | 000,000,445 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 03:23:22 | 000,444,362 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 03:23:22 | 000,072,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/16 20:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 20:30:47 | 000,274,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/05 22:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2010/03/15 21:31:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/03/12 14:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/25 19:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minitab
[2010/11/10 11:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NAC Assessment Agent
[2010/08/17 08:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters Inc
[2010/06/29 22:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon
[2010/06/09 16:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/05/24 16:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/01/20 00:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/07 20:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\BITS
[2011/03/11 16:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\BitTorrent
[2010/02/08 07:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\EPSON
[2010/06/04 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\Facebook
[2010/03/07 15:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\FlashGet
[2010/03/07 15:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\FlashGetBHO
[2010/03/08 10:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\FlashgetSetup
[2010/05/24 16:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\GARMIN
[2010/08/17 08:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\GetRightToGo
[2010/12/04 11:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\GlarySoft
[2009/12/22 00:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\Leadertech
[2011/03/10 23:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\PPStream
[2011/03/02 23:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\PriceGong
[2010/06/09 16:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\Western Digital
[2010/02/20 01:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thai\Application Data\WordWeb
[2011/03/12 15:06:38 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >