Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Something is Wrong

Started by jds2207 , May 15 2011 04:47 PM

  • This topic is locked This topic is locked

#1
jds2207
Posted 15 May 2011 - 04:47 PM

jds2207

    Member

  • Member
  • PipPip
  • 36 posts
Hello,

I have had some malware and virus issues recently. I have run Malwarebytes and eliminated some of the infections as well as Microsoft Security Essentials to eliminate some infections. Nevertheless, the computer continues to be picking up something still. One issue is that firefox continues to redirect on occasion. Secondly, the computer keeps "spinning" and the process that is using up the resources is svchost. A third issue is that the Malwarebytes and MSE continue to pick up viruses/malware. I have no idea what to do other than running these two programs though, but know something is not right! Here is my OTL log:

OTL logfile created on: 5/15/2011 6:29:33 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 149.42 Gb Free Space | 64.18% Space Free | Partition Type: NTFS

Computer Name: OWNER-630B7ABCA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/15 18:28:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/05/04 20:44:06 | 000,359,032 | ---- | M] (Sub Sidekick) -- C:\Program Files\Sub Sidekick\subsidekick.exe
PRC - [2011/04/29 17:04:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/27 20:30:29 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/08 17:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/05/14 01:19:46 | 000,090,912 | ---- | M] () -- C:\Program Files\Gbridge LLC\Gbridge\pstartw.exe
PRC - [2010/05/14 01:19:36 | 003,681,560 | ---- | M] (Gbridge LLC) -- C:\Program Files\Gbridge LLC\Gbridge\Gbridge.exe
PRC - [2010/03/05 00:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/09/03 02:18:52 | 001,691,416 | ---- | M] (UltraVNC) -- C:\Program Files\Gbridge LLC\Gbridge\gbwinvnc.exe
PRC - [2008/07/03 07:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/15 18:28:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/05 00:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/03 02:18:52 | 001,691,416 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\Gbridge LLC\Gbridge\gbwinvnc.exe -- (uvnc_service_gs)
SRV - [2008/10/31 17:33:46 | 000,276,480 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.dll -- (UPHClean)


========== Driver Services (SafeList) ==========

DRV - [2011/05/15 13:41:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A85876EF-C6B1-4D55-AE1A-FB3DF015F5D4}\MpKsl20415014.sys -- (MpKsl20415014)
DRV - [2009/11/12 15:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/18 08:50:49 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumpdrv.sys -- (DumpDrv)
DRV - [2009/05/10 13:46:02 | 000,041,216 | ---- | M] (Gbridge LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gbridge.sys -- (gbridge)
DRV - [2006/02/09 21:57:46 | 001,502,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 66 14 71 FA 9E 07 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "igoogle.com"
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.9
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "http://vshare.toolba...spx?srch=ku&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/28 00:07:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/28 00:07:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 17:04:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 19:28:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/31 15:07:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/04/30 19:28:34 | 000,000,000 | ---D | M]

[2010/12/27 19:24:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/05/03 12:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\extensions
[2010/12/28 22:59:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/05 23:06:38 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\extensions\[email protected]
[2011/05/03 12:14:47 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\extensions\[email protected]
[2011/04/30 23:13:06 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\extensions\vshare@toolbar
[2011/04/30 23:13:14 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gzgfwt96.default\searchplugins\web-search.xml
[2010/11/29 13:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/04/29 17:04:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/08 23:50:23 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

Hosts file not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Gbridge] C:\Program Files\Gbridge LLC\Gbridge\pstartw.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sub Sidekick.lnk = C:\Program Files\Sub Sidekick\subsidekick.exe (Sub Sidekick)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.239.255.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RailNotification: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/29 12:29:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/15 18:28:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/05/15 18:27:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/15 18:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Erunt
[2011/05/14 20:07:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/05/08 22:07:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/05/06 23:42:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/05/05 16:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/05/05 09:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sub Sidekick
[2011/04/30 23:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2011/04/30 16:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple
[2011/04/30 09:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Identities
[2011/04/28 23:42:17 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2011/04/28 00:01:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/04/20 10:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/04/19 22:49:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/04/18 22:44:26 | 022,253,776 | ---- | C] (Sub Sidekick) -- C:\Documents and Settings\Owner\Desktop\SubSidekickInstaller.exe
[2011/04/16 20:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/04/16 20:51:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/16 20:51:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/16 20:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/16 20:51:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/16 20:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/16 20:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\U3
[2011/04/16 20:26:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/04/16 19:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/15 23:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/15 18:28:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/05/15 17:27:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/15 13:46:25 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/15 13:41:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/15 13:40:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/15 12:57:34 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Wedding Signs.pub
[2011/05/15 00:38:58 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/15 00:30:38 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Gbridge.INI
[2011/05/09 23:39:00 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2011/05/09 23:39:00 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DivX Movies.lnk
[2011/05/09 14:46:59 | 021,953,536 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Table Numbers 2.pub
[2011/05/09 14:13:05 | 000,046,592 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Weekend Itinerary.pub
[2011/05/09 14:12:53 | 000,089,600 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Favor Labels.pub
[2011/05/09 08:11:49 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Bus Schedule.pub
[2011/05/08 23:52:18 | 000,002,048 | -H-- | M] () -- C:\Documents and Settings\Owner\My Documents\Default.rdp
[2011/05/07 16:11:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/05 09:43:15 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sub Sidekick.lnk
[2011/05/05 09:43:15 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sub Sidekick.lnk
[2011/05/05 09:40:03 | 022,253,776 | ---- | M] (Sub Sidekick) -- C:\Documents and Settings\Owner\Desktop\SubSidekickInstaller.exe
[2011/04/30 19:28:34 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/04/26 20:55:29 | 001,100,800 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Hot Spots.pub
[2011/04/25 19:33:52 | 001,704,448 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Getting Around the World.pub
[2011/04/25 18:47:31 | 000,944,640 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Beyond the Parks.pub
[2011/04/25 18:12:55 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Welcome Letter.pub
[2011/04/24 23:00:45 | 000,013,028 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\6go3ux61o681d7ae7wey20cj3e7i4jsiihv7eb12f3u6q8v
[2011/04/24 23:00:45 | 000,013,028 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\6go3ux61o681d7ae7wey20cj3e7i4jsiihv7eb12f3u6q8v
[2011/04/19 22:49:03 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/04/16 20:51:51 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/16 20:44:52 | 000,001,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FixNCR.reg
[2011/04/16 20:28:50 | 000,013,520 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\els427htvirr14cj2377x148y7yrk
[2011/04/16 20:28:50 | 000,013,520 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\els427htvirr14cj2377x148y7yrk
[2011/04/16 20:27:17 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/04/16 19:42:16 | 000,002,198 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/04/16 03:01:50 | 000,466,666 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/16 03:01:50 | 000,080,356 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/05 09:43:15 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sub Sidekick.lnk
[2011/05/05 09:43:15 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sub Sidekick.lnk
[2011/04/25 20:50:06 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Weekend Itinerary.pub
[2011/04/24 18:41:23 | 000,013,028 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\6go3ux61o681d7ae7wey20cj3e7i4jsiihv7eb12f3u6q8v
[2011/04/24 18:41:23 | 000,013,028 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6go3ux61o681d7ae7wey20cj3e7i4jsiihv7eb12f3u6q8v
[2011/04/19 22:49:03 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/04/16 20:51:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/16 20:48:16 | 000,001,134 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FixNCR.reg
[2011/04/16 19:40:12 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/04/16 19:40:06 | 000,002,198 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/04/16 14:15:54 | 000,013,520 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\els427htvirr14cj2377x148y7yrk
[2011/04/16 14:15:54 | 000,013,520 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\els427htvirr14cj2377x148y7yrk
[2011/04/05 15:55:15 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/12 00:28:39 | 000,000,306 | ---- | C] () -- C:\WINDOWS\Gbridge.INI
[2011/01/31 16:06:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/29 12:28:21 | 000,130,496 | ---- | C] () -- C:\WINDOWS\HPHins13.dat
[2010/12/29 12:28:21 | 000,002,977 | ---- | C] () -- C:\WINDOWS\hphmdl13.dat
[2010/12/28 00:42:46 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/27 19:24:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/11/29 16:16:24 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/11/29 15:48:36 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2010/11/29 13:09:00 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/11/29 12:32:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/11/29 12:13:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/11/29 12:12:29 | 000,052,836 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2010/11/29 12:12:18 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll
[2010/11/29 12:08:45 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2010/11/29 12:08:44 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2010/11/29 12:08:44 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2010/11/29 12:08:44 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2010/11/29 12:08:43 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2010/11/29 06:07:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/11/29 05:56:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/11/29 05:46:27 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/11/29 05:46:27 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/11/29 05:46:27 | 000,114,630 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/11/29 05:42:19 | 000,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/16 14:23:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 05:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,466,666 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,080,356 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/01/31 15:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/05/14 23:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.purple
[2011/05/15 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2010/12/28 11:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Gbridge
[2010/12/28 00:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Local
[2010/12/29 17:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2010/11/29 13:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
[2011/01/17 18:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search
[2011/05/15 13:46:25 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Salagubang
Posted 22 May 2011 - 01:16 AM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi jds2207,

My name is Salagubang and welcome to GeekstoGo. :)

Sorry for the delay. Can you please update me how is the computer running now?
  • 0

#3
Salagubang
Posted 28 May 2011 - 08:05 AM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP