Internet Explorer Randomly Opening, new programs not working



#1
moonyboy99

Hi Guys,

Basically what it says in the topic: randomly one day on bootup my PC launched 7 IE windows for no reason. I thought nothing of it and carried on; later I went out, left the PC on, and came back to another 7.

I got suspicious and ran full scans of Malwarebytes Anti-Malware and SUPERAntiSpyware, which normally clear all my issues (in safe mode).

However, the web pop-ups still happen in safe mode!!

And now I am completely lost as to what to do :D

Furthermore, I DL'd Skype yesterday and it had trouble installing and now won't run, and that seems to be the way with most files I've tried DL'ing since then. Any help would be greatly appreciated.


I have attached the OTL logfile as requested

OTL logfile created on: 16/04/2011 10:44:07 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Will\DLs
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 29.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 589.33 Gb Total Space | 138.41 Gb Free Space | 23.49% Space Free | Partition Type: NTFS
Drive E: | 426.68 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: WILL-PC | User Name: Will | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/16 10:43:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Will\DLs\OTL.exe
PRC - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010/10/30 18:08:22 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/10/03 23:43:16 | 001,266,920 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2008/11/05 14:18:30 | 000,064,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
PRC - [2008/11/05 14:18:04 | 001,132,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe
PRC - [2008/11/05 14:16:44 | 000,025,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 17:05:22 | 000,018,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
PRC - [2008/04/17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/11/27 22:45:02 | 000,869,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
PRC - [2007/07/10 10:13:48 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\ACFXAU32.exe


========== Modules (SafeList) ==========

MOD - [2011/04/16 10:43:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Will\DLs\OTL.exe
MOD - [2010/10/03 23:43:42 | 000,431,336 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2010/08/31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/16 07:33:32 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/03/01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2008/11/05 14:18:04 | 001,132,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe -- (winss)
SRV - [2008/11/05 14:16:44 | 000,025,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe -- (OcHealthMon)
SRV - [2008/07/09 17:05:22 | 000,018,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe -- (OneCareMP)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/27 22:45:02 | 000,869,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe -- (msfwsvc)
SRV - [2007/07/10 10:13:48 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\ACFXAU32.exe -- (XAudioService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/13 19:29:42 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\25973\RapportCerberus_25973.sys -- (RapportCerberus_25973)
DRV - [2010/10/03 23:43:44 | 000,169,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/03 23:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/07 15:55:58 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/09/07 15:55:58 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/09/07 15:55:58 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/09/07 15:55:58 | 000,007,168 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/09/08 17:03:40 | 000,945,920 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2008/08/24 12:11:00 | 007,373,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008/01/25 09:46:40 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/21 03:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/11/27 22:45:00 | 000,091,200 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\msfwdrv.sys -- (MSFWDrv)
DRV - [2007/11/27 22:44:54 | 000,037,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\msfwhlpr.sys -- (MSFWHLPR)
DRV - [2007/11/14 11:30:16 | 000,029,856 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Metaboli Player\X4HSX32Ex.sys -- (X4HSX32Ex)
DRV - [2007/07/10 10:13:38 | 000,028,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ACFDCP32.sys -- (dgcfltr)
DRV - [2007/07/10 10:13:32 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACFXAU32.sys -- (XAudio)
DRV - [2007/06/29 12:39:46 | 000,086,656 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ACFVA32.sys -- (acfva)
DRV - [2007/03/15 11:52:34 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACFSDK32.sys -- (mdmxsdk)
DRV - [2005/01/19 11:14:38 | 000,211,712 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Labtec WebCam(PID_0928)
DRV - [2005/01/19 11:11:16 | 000,022,016 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.e...3AXLauncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.h...osticsVista.cab (HPDDClientExec Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://clients.futur...deploy/FMSI.cab (FuturemarkSystemInfoX Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\iuvdacqv\qbnpkcam.exe) - C:\Program Files\iuvdacqv\qbnpkcam.exe File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/04/06 05:33:26 | 000,020,369 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{456e0047-38ab-11df-98e7-001fe20c9cca}\Shell - "" = AutoRun
O33 - MountPoints2\{456e0047-38ab-11df-98e7-001fe20c9cca}\Shell\AutoRun\command - "" = D:\VersionControl.exe
O33 - MountPoints2\{cd41a66a-8fd0-11dd-b199-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cd41a66a-8fd0-11dd-b199-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2003/03/05 12:52:16 | 000,602,112 | R--- | M] (Hewlett-Packard)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/16 10:32:08 | 000,000,000 | ---D | C] -- C:\FSDownloader
[2011/04/16 10:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\Baseball
[2011/04/16 10:30:10 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\PMB Files
[2011/04/16 10:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/04/16 10:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/04/16 10:28:50 | 000,000,000 | ---D | C] -- C:\Users\Will\DLs
[2011/04/15 22:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/04/15 22:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/15 18:49:53 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\skypePM
[2011/04/15 18:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/04/15 18:48:44 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\Skype
[2011/04/15 18:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/04/15 18:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/04/15 18:43:40 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/04/15 18:17:35 | 001,029,000 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Will\Desktop\SkypeSetup.exe
[2011/04/15 18:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/04/14 18:02:26 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/14 06:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\iuvdacqv
[2011/04/02 15:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\oJb06511fNkNh06511
[2011/03/31 20:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2011/03/30 06:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/03/30 06:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/16 10:33:14 | 000,000,735 | ---- | M] () -- C:\Users\Will\Desktop\FS_Installer.exe - Shortcut.lnk
[2011/04/16 10:31:06 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/16 10:30:48 | 000,000,870 | ---- | M] () -- C:\Users\Will\Desktop\Resume Download of MLB Dugout Heroes.url
[2011/04/16 10:02:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3031861344-592495807-314425187-1000UA.job
[2011/04/16 09:28:34 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/16 09:28:34 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/16 08:26:33 | 000,293,019 | ---- | M] () -- C:\Users\Will\Desktop\gmer.zip
[2011/04/16 08:23:32 | 000,625,664 | ---- | M] () -- C:\Users\Will\Desktop\dds.scr
[2011/04/16 07:38:48 | 000,674,072 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/16 07:38:48 | 000,132,670 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/16 07:31:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/16 07:31:44 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/16 07:26:06 | 000,174,955 | ---- | M] () -- C:\Windows\Explorermgr.exe
[2011/04/16 07:02:00 | 000,000,850 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3031861344-592495807-314425187-1000Core.job
[2011/04/16 06:38:39 | 000,246,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/15 22:43:02 | 000,174,955 | ---- | M] () -- C:\Windows\System32\MsiExecmgr.exe
[2011/04/15 18:50:03 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011/04/15 18:17:39 | 001,029,000 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Will\Desktop\SkypeSetup.exe
[2011/04/13 18:56:18 | 000,008,268 | ---- | M] () -- C:\Users\Will\AppData\Local\d3d9caps.dat
[2011/04/13 18:35:21 | 000,214,528 | ---- | M] () -- C:\Users\Will\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/06 06:52:42 | 000,011,336 | -HS- | M] () -- C:\Users\Will\AppData\Local\3lhqy33xpt11p
[2011/04/06 06:52:42 | 000,011,336 | -HS- | M] () -- C:\ProgramData\3lhqy33xpt11p
[2011/03/29 19:28:39 | 000,000,988 | ---- | M] () -- C:\Users\Will\Desktop\WILLSTAX.tac
[2011/03/26 09:02:48 | 000,002,078 | ---- | M] () -- C:\Users\Will\Desktop\Google Chrome.lnk
[2011/03/26 09:02:48 | 000,002,040 | ---- | M] () -- C:\Users\Will\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/22 21:42:26 | 002,861,578 | ---- | M] () -- C:\Users\Will\Desktop\CERTIFICATE.jpg
[2011/03/20 17:07:56 | 000,301,568 | ---- | M] () -- C:\Users\Will\Desktop\gmer.exe
[2011/03/17 18:15:19 | 000,137,498 | ---- | M] () -- C:\Users\Will\Desktop\Balfour.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/16 10:33:14 | 000,000,735 | ---- | C] () -- C:\Users\Will\Desktop\FS_Installer.exe - Shortcut.lnk
[2011/04/16 10:30:48 | 000,000,870 | ---- | C] () -- C:\Users\Will\Desktop\Resume Download of MLB Dugout Heroes.url
[2011/04/16 08:26:50 | 000,301,568 | ---- | C] () -- C:\Users\Will\Desktop\gmer.exe
[2011/04/16 08:26:31 | 000,293,019 | ---- | C] () -- C:\Users\Will\Desktop\gmer.zip
[2011/04/16 08:23:17 | 000,625,664 | ---- | C] () -- C:\Users\Will\Desktop\dds.scr
[2011/04/16 07:31:44 | 3219,316,736 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/16 07:26:06 | 000,174,955 | ---- | C] () -- C:\Windows\Explorermgr.exe
[2011/04/15 22:41:06 | 000,174,955 | ---- | C] () -- C:\Windows\System32\MsiExecmgr.exe
[2011/04/15 18:50:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/15 18:43:45 | 000,002,337 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/06 06:51:05 | 000,011,336 | -HS- | C] () -- C:\Users\Will\AppData\Local\3lhqy33xpt11p
[2011/04/06 06:51:05 | 000,011,336 | -HS- | C] () -- C:\ProgramData\3lhqy33xpt11p
[2011/03/29 19:28:39 | 000,000,988 | ---- | C] () -- C:\Users\Will\Desktop\WILLSTAX.tac
[2011/03/29 18:57:51 | 000,009,644 | ---- | C] () -- C:\Users\Will\Desktop\ZAPGRAB2.zip
[2011/03/22 21:43:16 | 002,861,578 | ---- | C] () -- C:\Users\Will\Desktop\CERTIFICATE.jpg
[2011/03/17 18:15:19 | 000,137,498 | ---- | C] () -- C:\Users\Will\Desktop\Balfour.jpg
[2011/03/15 21:40:12 | 000,013,432 | -HS- | C] () -- C:\Users\Will\AppData\Local\352723942
[2011/03/15 21:40:12 | 000,013,432 | -HS- | C] () -- C:\ProgramData\352723942
[2011/03/10 15:12:19 | 000,000,235 | ---- | C] () -- C:\Users\Will\AppData\Roaming\devices.xml
[2011/03/10 15:12:19 | 000,000,012 | ---- | C] () -- C:\Users\Will\AppData\Roaming\settings.xml
[2011/03/10 14:56:46 | 000,016,622 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2011/02/26 02:23:00 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011/01/28 17:21:26 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011/01/26 19:41:04 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2010/12/20 19:08:40 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/06/10 15:46:30 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/02/16 20:17:29 | 000,010,094 | -HS- | C] () -- C:\Users\Will\AppData\Local\qKbiKFB76
[2010/02/10 19:10:03 | 000,000,120 | ---- | C] () -- C:\Users\Will\AppData\Local\Lgajow.dat
[2010/02/10 19:10:03 | 000,000,000 | ---- | C] () -- C:\Users\Will\AppData\Local\Gvakutewotevig.bin
[2010/01/26 21:28:56 | 001,228,854 | ---- | C] () -- C:\ProgramData\OrbError.bmp
[2009/05/11 17:19:17 | 000,000,040 | ---- | C] () -- C:\Windows\ujf635.bin
[2009/04/05 21:04:01 | 000,008,268 | ---- | C] () -- C:\Users\Will\AppData\Local\d3d9caps.dat
[2008/10/24 22:53:15 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008/10/15 20:19:37 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/10/04 19:18:20 | 000,138,416 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/10/04 19:18:20 | 000,138,056 | ---- | C] () -- C:\Users\Will\AppData\Roaming\PnkBstrK.sys
[2008/10/04 19:18:06 | 000,270,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2008/10/04 19:18:05 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/10/04 19:18:01 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008/10/01 17:37:39 | 000,214,528 | ---- | C] () -- C:\Users\Will\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/01 17:18:57 | 000,000,068 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2008/09/09 00:08:58 | 000,009,760 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2008/09/08 23:56:32 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/09/08 23:56:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/08 17:19:13 | 000,001,324 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,246,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,674,072 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,132,670 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/16 15:13:34 | 001,382,280 | ---- | C] () -- C:\Windows\System32\fftw3.dll
[2005/01/19 09:30:54 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2003/04/06 05:33:26 | 000,020,475 | ---- | C] () -- C:\Windows\hpoins01.dat

========== LOP Check ==========

[2008/11/14 18:34:27 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\avidemux
[2010/03/25 18:55:47 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Birdstep Technology
[2010/09/02 15:52:56 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Cuvily
[2010/07/01 14:01:09 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Doyco
[2009/10/22 21:37:39 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\EA
[2010/09/10 21:27:06 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\GetRightToGo
[2008/11/15 14:04:38 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\gtk-2.0
[2010/09/02 15:04:47 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Itivk
[2009/07/22 14:02:02 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Leadertech
[2010/02/25 20:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Will\AppData\Roaming\lowsec
[2010/10/06 14:13:24 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\MSA
[2011/03/03 12:18:11 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\OpenCandy
[2009/03/19 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\OpenOffice.org
[2009/12/16 17:38:29 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\PMS
[2009/12/16 17:37:25 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Red Kawa
[2011/03/03 14:17:07 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Sports Interactive
[2011/04/09 19:31:09 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Spotify
[2011/01/05 18:13:33 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\The Creative Assembly
[2010/03/22 11:01:04 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Trusteer
[2010/07/01 10:03:15 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Ukbe
[2010/09/10 21:30:13 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\United Football
[2011/04/01 21:06:18 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\uTorrent
[2011/04/15 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Uvop
[2008/10/01 20:35:15 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Windows Live Writer
[2011/03/15 17:17:18 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Yneko
[2011/04/16 07:22:58 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 55838 bytes -> C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV

< End of report >