Hijack by Adfarm Mediaplex



#1
Canelly

When I click on, usually, the first result of a web search, I appear to get redirected to a blank page and the tab at the top says "Adfarm Mediaplex" followed by loads of numbers. I've tried "cleaning" with the usual tools, including my paid-for Kaspersky, but it's still there. Sometimes the words "double click" appear in the tab!!!!

Regards


Paul


OTL logfile created on: 19/04/2011 10:44:39 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Paul\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24.41 Gb Total Space | 2.63 Gb Free Space | 10.79% Space Free | Partition Type: NTFS
Drive D: | 124.56 Gb Total Space | 83.18 Gb Free Space | 66.78% Space Free | Partition Type: NTFS
Drive G: | 1.86 Gb Total Space | 1.68 Gb Free Space | 90.26% Space Free | Partition Type: FAT

Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/19 10:41:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
PRC - [2011/04/11 14:34:02 | 001,190,168 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/04/11 14:33:54 | 001,753,048 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (SafeList) ==========

MOD - [2011/04/19 10:41:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/11 14:33:54 | 001,753,048 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/06/24 16:15:57 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2005/09/19 16:24:00 | 000,856,064 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe -- (RoxMediaDB)


========== Driver Services (SafeList) ==========

DRV - [2011/04/01 08:22:02 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/04/01 08:22:01 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/01 10:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010/05/10 19:41:32 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- G:\New folder\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010/02/17 19:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- G:\New folder\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:45:45 | 000,025,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\fdc.sys -- (fdc)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 23:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2009/06/10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2005/09/19 18:08:50 | 000,050,176 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\Windows\System32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2004/04/26 23:31:04 | 000,474,304 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 BA 82 07 6F FE CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/09 19:45:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/07 15:20:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/11/19 18:47:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_2_x [2011/03/29 12:27:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_3_1_x [2011/03/29 12:27:43 | 000,000,000 | ---D | M]

[2010/06/26 11:53:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2010/06/26 11:53:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/06/22 14:55:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/04/10 11:20:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/10 11:20:09 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/04/10 11:20:08 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
File not found (No name found) --
[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/03/31 15:31:53 | 000,431,614 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14854 more lines...
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/19 10:40:58 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
[2011/04/18 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{0517992F-EBF7-43EB-8CEC-63B3C13ABDC7}
[2011/04/17 20:56:02 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{6A5CA7CD-9BB4-438B-AF7A-C204AA8A4A6A}
[2011/04/16 21:19:21 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{2A002413-3424-48F6-ABF6-106AC0F4F7D5}
[2011/04/15 11:57:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Quiz 23 dave
[2011/04/15 00:12:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{7DCEFEA5-9964-4ADD-BE5C-549B746EE954}
[2011/04/13 11:32:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{8DD0171E-84CA-4775-BD56-8D418E13D14E}
[2011/04/12 20:51:30 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{C6A1F911-B34A-42F1-A2D5-C06EED4A19EF}
[2011/04/10 23:23:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{AE9C743D-A6AB-433C-9D4C-D7698FC33371}
[2011/04/10 20:37:23 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011/04/10 20:36:56 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/04/10 20:28:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Sunbelt Software
[2011/04/10 20:27:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6A395471-4AA3-4072-AE1B-9B69A97AD164}
[2011/04/10 20:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/04/10 20:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/04/10 20:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/04/10 16:30:19 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
[2011/04/10 16:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/04/10 16:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/04/10 11:23:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{6295FB32-18DE-4ADE-9FBA-D9535B902F8F}
[2011/04/09 19:45:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Mozilla
[2011/04/09 19:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/04/09 14:00:11 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{3D51B878-CFEE-4885-AC38-03ECF581982D}
[2011/04/09 13:33:51 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\avz4.zip
[2011/04/08 11:36:19 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Quiz 22 Dave
[2011/04/08 10:53:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Quiz 21 Dave
[2011/04/07 22:12:49 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{BDC28C74-5050-4B0B-9E76-5D5403239C51}
[2011/04/06 14:05:23 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Users\Paul\Desktop\HijackThis.exe
[2011/04/06 14:02:54 | 000,611,624 | ---- | C] (Kaspersky Lab) -- C:\Users\Paul\Desktop\GetSystemInfo.exe
[2011/04/05 18:12:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Conduit
[2011/04/05 18:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/04/04 20:36:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{6C929A5F-5CD3-4466-8279-62420B380BD2}
[2011/04/02 20:28:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{7CC0979B-FB04-4116-BA83-D20A82880A6D}
[2011/04/01 16:58:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{0B363CA8-F7CA-48C1-B890-98482D924118}
[2011/03/31 21:54:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{2709A7BE-6198-444C-A879-536BFB90CB94}
[2011/03/31 15:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/03/31 11:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/31 10:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/31 10:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/31 10:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/31 10:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/03/31 10:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/31 10:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/03/31 10:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/03/31 10:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/03/30 10:34:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\dvd of show 2011
[2011/03/29 23:07:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\firefox
[2011/03/29 22:56:49 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/03/29 12:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2011
[2011/03/22 14:41:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\quiz 20 dave
[2011/03/22 13:58:56 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Quiz 19 Dave
[1 C:\Users\Paul\Documents\*.tmp files -> C:\Users\Paul\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/19 10:41:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
[2011/04/19 10:34:03 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/19 09:55:12 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/19 09:55:12 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/19 09:49:13 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/04/19 09:49:06 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/19 09:49:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/19 09:48:57 | 1559,093,248 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/18 12:33:35 | 000,001,407 | ---- | M] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/16 22:52:16 | 000,009,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/16 22:52:16 | 000,009,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/15 23:31:27 | 000,013,312 | ---- | M] () -- C:\Windows\System32\drivers\vdq0nzuw.sys
[2011/04/15 12:56:02 | 001,829,744 | ---- | M] () -- C:\Users\Paul\AppData\Local\rx_audio.Cache
[2011/04/15 10:55:34 | 000,352,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/10 20:36:55 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/04/10 20:26:59 | 000,001,124 | ---- | M] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/04/10 20:26:59 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/04/10 16:30:13 | 000,000,554 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/09 21:13:54 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/09 19:45:31 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/07 08:59:03 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2011/04/06 14:12:06 | 000,197,189 | ---- | M] () -- C:\Users\Paul\Desktop\GetSystemInfo_PAUL-PC_Paul_2011_04_06_14_10_07.zip
[2011/04/06 14:05:45 | 000,218,112 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\Users\Paul\Desktop\HijackThis.exe
[2011/04/06 14:02:55 | 000,611,624 | ---- | M] (Kaspersky Lab) -- C:\Users\Paul\Desktop\GetSystemInfo.exe
[2011/04/04 20:41:45 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011/04/04 20:41:44 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011/04/01 08:22:02 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011/03/31 15:31:53 | 000,431,614 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/03/31 11:00:22 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/31 10:58:39 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Users\Paul\Documents\*.tmp files -> C:\Users\Paul\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/18 12:44:21 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/04/18 12:33:35 | 000,001,413 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 12:33:35 | 000,001,407 | ---- | C] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/15 23:31:27 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\vdq0nzuw.sys
[2011/04/10 23:26:44 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011/04/10 20:26:59 | 000,001,124 | ---- | C] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/04/10 20:26:59 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/04/10 16:30:13 | 000,000,554 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/09 19:45:31 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/09 19:45:31 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/06 14:10:57 | 000,197,189 | ---- | C] () -- C:\Users\Paul\Desktop\GetSystemInfo_PAUL-PC_Paul_2011_04_06_14_10_07.zip
[2011/03/31 11:00:22 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/31 10:58:39 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/03/31 10:58:11 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2010/10/09 21:59:11 | 000,175,548 | ---- | C] () -- C:\Users\Paul\AppData\Local\imageCache7.db
[2010/10/05 14:26:05 | 001,829,744 | ---- | C] () -- C:\Users\Paul\AppData\Local\rx_audio.Cache
[2010/10/05 14:25:19 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\rx_image.Cache
[2010/09/09 16:28:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/06/30 13:17:51 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/06/30 13:17:51 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/06/30 13:17:51 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/06/30 13:17:51 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/06/30 13:17:51 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/06/30 13:17:51 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/06/30 13:17:51 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/06/30 13:17:51 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/06/30 13:17:51 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/06/30 13:17:51 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010/06/30 13:17:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/06/30 13:17:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/06/30 13:17:51 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/06/30 13:17:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/06/30 13:17:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/06/30 13:17:51 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010/06/30 13:17:51 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010/06/30 13:17:51 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/06/30 13:17:51 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/06/30 13:13:54 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini
[2010/06/30 11:44:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/06/21 17:38:46 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/21 17:38:46 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,352,728 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,628,024 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,110,208 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 21:29:46 | 000,018,896 | ---- | C] () -- C:\Windows\System32\sysedit.exe
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/09/19 16:15:52 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/09/15 09:05:36 | 003,596,288 | R--- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005/09/15 09:05:36 | 000,831,488 | R--- | C] () -- C:\Windows\System32\libeay32.dll
[2005/09/15 09:05:36 | 000,159,744 | R--- | C] () -- C:\Windows\System32\ssleay32.dll
[2005/09/15 09:05:36 | 000,110,592 | R--- | C] () -- C:\Windows\System32\dtu100.dll
[2005/08/30 06:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2004/03/26 09:56:40 | 000,017,191 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== LOP Check ==========

[2010/08/05 17:59:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/06/30 13:41:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\EPSON
[2010/10/08 12:21:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Foxit
[2010/10/08 12:21:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Foxit Software
[2011/04/15 23:31:13 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/11/02 16:31:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GetRightToGo
[2010/11/02 16:00:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/10/06 13:15:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Sony
[2010/06/26 11:53:20 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Thunderbird
[2011/04/19 09:49:13 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/03/30 10:29:28 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Quiz 8 Sun:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Quiz 7 sun:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Quiz 6 sun:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Quiz 6 dave:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Quiz 5 sun:Roxio EMC Stream

< End of report >