Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can only connect to Internet in safe Mode

Started by RahKnee , Apr 20 2011 10:51 PM

  • Please log in to reply

#1
RahKnee
Posted 20 April 2011 - 10:51 PM

RahKnee

    Member

  • Member
  • PipPip
  • 35 posts
Can someone please help me figure out what's going on with mylaptop? I can only connect to the internet in safe mode but I'm unable to connect in normal mode. I ran a full scan with both mbam and super anti spyware and everyhing appears to be okay. Here is the file the OTL results
________________________________________________________

OTL logfile created on: 4/21/2011 12:40:38 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\taypowell\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.71 Gb Total Space | 78.19 Gb Free Space | 55.97% Space Free | Partition Type: NTFS
Drive D: | 9.34 Gb Total Space | 1.70 Gb Free Space | 18.17% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: TAYPOWELL-PC | User Name: taypowell | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/21 00:39:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\taypowell\Desktop\OTL.exe
PRC - [2010/06/24 20:16:40 | 002,998,560 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe
PRC - [2010/06/17 15:49:06 | 003,857,832 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 22:33:37 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe


========== Modules (SafeList) ==========

MOD - [2011/04/21 00:39:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\taypowell\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/06/24 20:16:40 | 002,998,560 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/06/17 15:49:06 | 003,857,832 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe -- (WebrootSpySweeperService)
SRV - [2008/04/26 04:15:26 | 000,361,808 | ---- | M] () [Auto | Stopped] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/22 05:11:36 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxctcoms.exe -- (lxct_device)


========== Driver Services (SafeList) ==========

DRV - [2010/06/17 15:49:10 | 000,182,056 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2010/06/17 15:49:10 | 000,045,072 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\ssfmonm.sys -- (ssfmonm)
DRV - [2010/06/17 15:49:10 | 000,024,496 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/02/19 11:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/01/10 09:32:46 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/06/10 14:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/06/05 12:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/06/04 13:54:22 | 000,113,664 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/04/27 14:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2000/04/04 14:27:38 | 000,019,824 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\Parclass.sys -- (Parclass)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/04 13:55:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/20 23:50:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/12/27 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\taypowell\AppData\Roaming\Mozilla\Extensions
[2009/02/25 22:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\taypowell\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/03/28 12:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\taypowell\AppData\Roaming\Mozilla\Firefox\extensions
[2009/03/28 12:46:12 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\taypowell\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/04/20 23:50:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2009/11/19 03:28:20 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\TAYPOWELL\APPDATA\ROAMING\MOVE NETWORKS
[2009/09/02 03:01:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/12/27 12:32:39 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WebrootTrayApp] C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe (Webroot Software, Inc. )
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CRLMousesvc] C:\Users\taypowell\AppData\Local\MSNcrt64\CRLMousesvc.dll ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WindowsWelcomeCenter] File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} https://sslvpn.south...svrloader32.cab (Reg Error: Key error.)
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://sslvpn.south...COL /relayp.cab (Cisco Systems WebVPN Relay Loader)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....NPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Sunset.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Sunset.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/26 02:01:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/21 00:39:11 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\taypowell\Desktop\OTL.exe
[2011/04/20 22:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/04/20 22:35:31 | 010,940,984 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\taypowell\Desktop\SUPERAntiSpywarePro.exe
[2011/04/20 20:05:02 | 000,000,000 | ---D | C] -- C:\Users\taypowell\AppData\Roaming\HpUpdate
[2011/04/20 20:04:54 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011/04/20 19:04:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/20 19:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/20 19:04:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/20 19:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/20 19:04:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\taypowell\Desktop\mbam-setup-1.50.1.1100.exe
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/03/09 20:42:19 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCThcp.dll
[2010/03/09 20:42:18 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxctinpa.dll
[2010/03/09 20:42:18 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxctiesc.dll
[2010/03/09 20:42:17 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxctserv.dll
[2010/03/09 20:42:17 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxctusb1.dll
[2010/03/09 20:42:16 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxctpmui.dll
[2010/03/09 20:42:16 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxctprox.dll
[2010/03/09 20:42:16 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxctpplc.dll
[2010/03/09 20:42:15 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxctlmpm.dll
[2010/03/09 20:42:14 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcthbn3.dll
[2010/03/09 20:42:14 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxctih.exe
[2010/03/09 20:42:12 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxctcomc.dll
[2010/03/09 20:42:12 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxctcoms.exe
[2010/03/09 20:42:12 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxctcomm.dll
[2010/03/09 20:42:11 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxctcfg.exe
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\taypowell\Documents\*.tmp files -> C:\Users\taypowell\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/21 00:39:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\taypowell\Desktop\OTL.exe
[2011/04/21 00:29:02 | 000,604,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/21 00:29:02 | 000,104,120 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/21 00:06:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/21 00:06:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/20 23:56:00 | 000,000,284 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/04/20 23:53:54 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/20 23:51:16 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/04/20 23:50:44 | 000,000,870 | ---- | M] () -- C:\Users\taypowell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/20 23:50:44 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/20 22:35:55 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2011/04/20 22:35:44 | 010,940,984 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\taypowell\Desktop\SUPERAntiSpywarePro.exe
[2011/04/20 21:28:04 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/20 19:04:41 | 000,000,930 | ---- | M] () -- C:\Users\taypowell\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/20 19:04:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/20 19:04:18 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\taypowell\Desktop\mbam-setup-1.50.1.1100.exe
[2011/04/20 18:33:36 | 000,320,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/20 09:22:05 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{390F5B96-24A1-48A6-9EAC-CAE641ABB861}.job
[2011/04/03 21:21:50 | 000,000,009 | ---- | M] () -- C:\Windows\Crypkey.ini
[2011/04/03 21:21:02 | 000,045,208 | ---- | M] () -- C:\Windows\PeachWLog.XML
[2011/03/28 03:04:48 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/27 19:04:31 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFortaypowell.job
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\taypowell\Documents\*.tmp files -> C:\Users\taypowell\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/20 23:51:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/20 23:50:44 | 000,000,870 | ---- | C] () -- C:\Users\taypowell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/20 23:50:44 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/20 23:50:44 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/20 22:35:55 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2011/04/20 19:04:41 | 000,000,930 | ---- | C] () -- C:\Users\taypowell\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/20 19:04:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/27 12:31:48 | 000,030,424 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/03/16 22:04:41 | 000,000,495 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/03/16 20:03:45 | 000,000,004 | ---- | C] () -- C:\Windows\vx86036.dat
[2010/03/16 20:02:53 | 000,000,009 | ---- | C] () -- C:\Windows\Crypkey.ini
[2010/03/09 20:49:32 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxctcoin.dll
[2010/03/09 20:45:54 | 000,045,056 | ---- | C] () -- C:\Windows\System32\lxctpmon.dll
[2010/03/09 20:45:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXCTFXPU.DLL
[2010/03/09 20:42:19 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCTinst.dll
[2010/03/09 20:42:13 | 000,204,800 | ---- | C] () -- C:\Windows\System32\lxctgrd.dll
[2010/03/08 13:55:21 | 000,253,952 | ---- | C] () -- C:\Windows\msfxinfz.dat
[2010/03/08 13:44:38 | 000,000,138 | ---- | C] () -- C:\Windows\asym.ini
[2010/02/04 13:54:39 | 000,023,090 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/28 17:31:12 | 000,361,328 | ---- | C] () -- C:\Windows\bb.exe
[2009/12/28 17:31:12 | 000,070,894 | ---- | C] () -- C:\Windows\Bestrmt.exe
[2009/12/28 17:31:12 | 000,041,984 | ---- | C] () -- C:\Windows\KEYSETUP.EXE
[2009/12/28 17:31:12 | 000,036,282 | ---- | C] () -- C:\Windows\Klutil.exe
[2009/12/28 17:31:12 | 000,030,720 | ---- | C] () -- C:\Windows\System32\PARCLASS.EXE
[2009/12/28 17:31:12 | 000,023,248 | ---- | C] () -- C:\Windows\System32\USBKEY.SYS
[2009/12/28 17:31:12 | 000,023,248 | ---- | C] () -- C:\Windows\System32\drivers\usbkey.sys
[2009/12/28 17:31:12 | 000,012,048 | ---- | C] () -- C:\Windows\System32\PPMON.EXE
[2009/12/28 17:31:12 | 000,007,440 | ---- | C] () -- C:\Windows\System32\PPMON.DLL
[2009/12/28 17:31:11 | 000,041,984 | ---- | C] () -- C:\Windows\System32\KEYSETUP.EXE
[2009/09/16 20:28:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 20:28:11 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/20 09:50:13 | 000,000,128 | ---- | C] () -- C:\Users\taypowell\AppData\Roaming\wklnhst.dat
[2009/04/22 20:15:42 | 000,012,288 | ---- | C] () -- C:\Users\taypowell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/19 10:59:27 | 000,006,648 | ---- | C] () -- C:\Users\taypowell\AppData\Local\d3d9caps.dat
[2008/11/21 04:18:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/26 02:16:18 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/06/12 14:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/06/12 14:41:18 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/06/04 13:54:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 08:44:53 | 000,320,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,604,452 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,120 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 13:17:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxctcaps.dll
[2006/08/08 11:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxctdrs.dll
[2006/05/03 10:31:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxctcnv4.dll
[2006/04/24 23:11:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxctvs.dll
[2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/08/06 23:16:34 | 000,045,056 | ---- | C] () -- C:\Windows\OTS_UI.EXE

========== LOP Check ==========

[2010/08/10 13:57:57 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\5400 Series
[2009/10/30 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\BitZipper
[2009/07/25 20:44:04 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\Chessmaster Challenge
[2010/03/16 20:03:39 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\EISI
[2009/01/02 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\iWin
[2009/02/26 00:05:17 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\LimeWire
[2010/12/27 13:50:46 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\mp3rocket
[2010/03/16 22:25:20 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\Peachtree
[2009/07/24 23:58:18 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\SpinTop
[2009/06/20 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\Template
[2009/01/02 03:09:32 | 000,000,000 | ---D | M] -- C:\Users\taypowell\AppData\Roaming\WildTangent
[2011/04/21 00:06:03 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/04/20 09:22:05 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{390F5B96-24A1-48A6-9EAC-CAE641ABB861}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files\DoylesRoom:MID
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:93E9C78D
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D158BAF9

< End of report >
  • 0

Advertisements

#2
RahKnee
Posted 22 April 2011 - 03:46 PM

RahKnee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
can someone at least lead me to some documentation that I can use to figure this out myself?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP