
Patched.CJ


LemonWho

Hi,

I'm using AVG Free 8.5 and it told me I have a Patched.CJ virus. I would give more information, but that's all I remember - I closed AVG after it said that and now I can't find mention of it again in AVG. But it did say "atapi" in there somewhere. Sorry. :S

I know there are topics on this virus already but I read through them and the people helping said the instructions were specific to the person being helped and not to use them, even if your problems were the same.

I'm not sure how I got this virus as I haven't used this computer in ages.

Any help with this would be greatly appreciated.

I downloaded OTL and it gave me this log:

OTL logfile created on: 2011-03-14 23:35:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Fiona\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1 012,00 Mb Total Physical Memory | 250,00 Mb Available Physical Memory | 25,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 132,56 Gb Free Space | 91,95% Space Free | Partition Type: NTFS

Computer Name: FIONACOOKE | User Name: Fiona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-14 23:25:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.scr
PRC - [2010-10-17 23:58:43 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2010-10-17 23:58:35 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010-03-31 16:32:02 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-09-17 13:40:06 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-09-17 13:39:54 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-09-17 13:39:47 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-09-17 13:39:43 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-06-13 22:42:52 | 000,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009-04-23 06:48:56 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009-04-23 06:48:54 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008-06-04 21:10:02 | 000,114,688 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2008-04-14 23:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-01-04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (SafeList) ==========

MOD - [2011-03-14 23:25:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.scr
MOD - [2008-04-14 23:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2009-09-17 13:39:47 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009-09-17 13:39:43 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2007-01-04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2009-09-17 13:40:07 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-09-17 13:40:05 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-06-13 22:25:45 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008-08-07 06:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-07-07 21:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-05-20 20:31:26 | 001,312,576 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008-05-20 05:53:00 | 004,800,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-10-01 14:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-01-31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007-01-18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005-01-13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...d=0609&m=aoa150
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...d=0609&m=aoa150

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...d=0609&m=aoa150
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...d=0609&m=aoa150
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009-12-21 15:51:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-31 16:32:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-31 16:32:11 | 000,000,000 | ---D | M]

[2009-06-13 22:17:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fiona\Application Data\Mozilla\Extensions
[2011-03-14 23:03:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fiona\Application Data\Mozilla\Firefox\Profiles\itqhk8iu.default\extensions
[2009-09-20 10:36:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fiona\Application Data\Mozilla\Firefox\Profiles\itqhk8iu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-03-14 23:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-06-13 22:42:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-09-17 13:44:18 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009-09-17 13:44:18 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-09-17 13:44:18 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2009-09-17 13:44:18 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009-09-17 13:44:18 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2008-04-14 23:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\Fiona\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Fiona\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fiona\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-15 13:37:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2111c8a3-f8f2-11de-9415-00234e746b7a}\Shell - "" = AutoRun
O33 - MountPoints2\{2111c8a3-f8f2-11de-9415-00234e746b7a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2111c8a3-f8f2-11de-9415-00234e746b7a}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-03-14 23:25:53 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.scr
[2011-03-14 23:24:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.com
[2011-03-14 23:02:05 | 037,027,915 | ---- | C] (spydig.com, Inc. ) -- C:\Documents and Settings\Fiona\Desktop\Spydig_Setup.exe
[2011-03-14 22:58:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-03-14 22:14:46 | 002,228,534 | ---- | C] ( ) -- C:\Documents and Settings\Fiona\My Documents\audacity-win-1.2.6.exe
[2011-03-14 22:03:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-02-20 17:08:55 | 086,394,656 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stf_eu_90_730a1834.exe
[2009-06-13 22:04:59 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2007-04-02 00:40:54 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2005-11-22 19:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-03-14 23:28:25 | 001,006,747 | ---- | M] () -- C:\Documents and Settings\Fiona\Desktop\rkill.com
[2011-03-14 23:25:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.scr
[2011-03-14 23:24:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fiona\Desktop\OTL.com
[2011-03-14 23:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2011-03-14 23:16:01 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-14 23:07:54 | 004,281,003 | ---- | M] () -- C:\Documents and Settings\Fiona\Desktop\ComboFix(2).exe
[2011-03-14 23:04:56 | 037,027,915 | ---- | M] (spydig.com, Inc. ) -- C:\Documents and Settings\Fiona\Desktop\Spydig_Setup.exe
[2011-03-14 22:56:45 | 004,286,894 | ---- | M] () -- C:\Documents and Settings\Fiona\Desktop\ComboFix.exe
[2011-03-14 22:14:47 | 002,228,534 | ---- | M] ( ) -- C:\Documents and Settings\Fiona\My Documents\audacity-win-1.2.6.exe
[2011-03-14 22:07:26 | 000,001,594 | ---- | M] () -- C:\WINDOWS\VPNUnInstall.MIF
[2011-03-14 22:05:49 | 000,443,034 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-03-14 22:05:49 | 000,072,134 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-03-14 22:00:32 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-14 22:00:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-03-14 22:00:23 | 1061,105,664 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-14 21:57:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-03-14 21:54:08 | 072,473,215 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011-03-14 21:49:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-03-14 23:28:24 | 001,006,747 | ---- | C] () -- C:\Documents and Settings\Fiona\Desktop\rkill.com
[2011-03-14 23:07:26 | 004,281,003 | ---- | C] () -- C:\Documents and Settings\Fiona\Desktop\ComboFix(2).exe
[2011-03-14 22:56:34 | 004,286,894 | ---- | C] () -- C:\Documents and Settings\Fiona\Desktop\ComboFix.exe
[2011-03-14 22:06:11 | 000,001,594 | ---- | C] () -- C:\WINDOWS\VPNUnInstall.MIF
[2010-02-18 11:41:45 | 000,015,031 | ---- | C] () -- C:\WINDOWS\_000008_.tmp.dll
[2010-02-18 11:41:45 | 000,010,795 | ---- | C] () -- C:\WINDOWS\_000005_.tmp.dll
[2010-02-18 11:41:45 | 000,007,391 | ---- | C] () -- C:\WINDOWS\_000004_.tmp.dll
[2010-02-18 11:41:43 | 000,014,051 | ---- | C] () -- C:\WINDOWS\_000009_.tmp.dll
[2010-01-16 00:06:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010-01-15 23:46:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010-01-15 23:26:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010-01-15 23:06:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010-01-15 22:46:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010-01-15 22:26:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009-09-03 14:10:28 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Fiona\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-13 22:17:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008-08-15 16:38:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008-08-15 16:37:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008-08-15 15:59:22 | 000,443,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-08-15 15:59:22 | 000,072,134 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-08-15 15:55:04 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008-08-15 13:37:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-08-15 13:35:34 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-07-30 22:37:26 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008-06-06 10:08:56 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2008-05-16 04:12:30 | 000,000,036 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2008-04-14 23:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-04-14 23:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-04-14 23:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-04-14 23:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-04-14 23:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-04-14 23:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-04-14 23:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-04-14 23:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008-04-14 23:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008-02-15 01:21:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2007-10-01 02:59:46 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2007-07-13 02:11:56 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2007-05-09 03:16:40 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2006-08-01 03:02:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005-06-26 17:29:50 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2005-06-26 17:29:28 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2005-03-28 18:45:26 | 000,000,153 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2002-11-22 05:57:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2002-11-22 05:57:26 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2002-11-22 05:57:26 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2002-11-22 05:57:26 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2002-11-22 05:57:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2002-11-22 05:57:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2002-05-24 19:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001-08-26 20:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-26 20:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2010-01-27 22:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010-01-18 14:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009-09-03 14:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\InterVideo
[2009-06-13 22:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\OpenOffice.org
[2010-03-31 11:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010-03-27 17:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2011-03-14 23:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010-02-05 06:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010-01-23 12:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >