Symptoms are a fake alert that warns my system is being attached,a screen pops up and begins to run a scan that immeidiatly identifies numerous viruses and other maladies.I cannot run McAffe's total protection scan or access the internet
I have 4 profiles in this computer and it began in the administrator account, a second accounts worked well for a couple of days but now I cannot access the internet on it as well. I'm currently working of our guest account.
Please help, I cannot afford another 89+ tax, I will follow all your instructions with great detail.
Here's the OLT reading:
TL logfile created on: 5/26/2011 11:17:13 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Guest\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 52.52% Memory free
5.75 Gb Paging File | 4.18 Gb Available in Paging File | 72.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.46 Gb Total Space | 175.65 Gb Free Space | 61.32% Space Free | Partition Type: NTFS
Drive D: | 11.63 Gb Total Space | 1.59 Gb Free Space | 13.63% Space Free | Partition Type: NTFS
Computer Name: TROELSTRUPPC | User Name: Guest | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/26 11:16:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Downloads\OTL.exe
PRC - [2011/05/01 08:13:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/05 11:50:44 | 001,195,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/15 11:20:54 | 000,223,400 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2010/11/11 13:55:46 | 000,159,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2010/07/19 11:33:58 | 000,606,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfeeMOBK\WrapperTrayIcon.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2008/09/30 16:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2007/04/29 22:57:42 | 000,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2300 Series\ezprint.exe
PRC - [2007/04/29 22:55:32 | 000,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
========== Modules (SafeList) ==========
MOD - [2011/05/26 11:16:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Downloads\OTL.exe
MOD - [2011/05/12 03:02:13 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\msvcr90.dll
MOD - [2011/05/12 03:02:13 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\msvcp90.dll
MOD - [2011/04/15 19:33:08 | 000,043,520 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/12/15 11:20:56 | 000,383,656 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.dll
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 C9 D6 7E DA 1A CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/27 03:06:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/15 19:33:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/25 07:30:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/09 15:53:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/19 20:43:40 | 000,000,000 | ---D | M]
[2011/01/17 19:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guest\AppData\Roaming\Mozilla\Extensions
[2011/01/17 19:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\rwsaxmjo.default\extensions
[2011/04/19 19:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/17 06:17:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/25 07:30:15 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/15 19:33:10 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/05/01 08:13:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/11/20 22:38:50 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20110509155355.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL ()
O4 - HKLM..\Run: [lxcgmon.exe] C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [McAfeeWrapperApplication] C:\Program Files\McAfeeMOBK\WrapperTrayIcon.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McPvTray] File not found
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/26 05:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/05/25 14:56:36 | 003,350,512 | ---- | C] (McAfee, Inc.) -- C:\Users\Guest\Desktop\SecurityScan_Release.exe
[2011/05/25 14:42:48 | 007,267,847 | ---- | C] (McAfee Inc.) -- C:\Users\Guest\Desktop\stinger10101619.exe
[2011/05/25 13:21:56 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Citrix
[2011/05/25 13:21:22 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Deployment
[2011/05/25 13:21:22 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Apps
[2011/05/25 07:48:52 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/05/23 16:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/05/23 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/11 18:45:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011/05/11 06:23:26 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/05/11 06:23:25 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/05/11 06:23:20 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/05/11 06:23:19 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/05/02 17:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\DRPU Barcode Label Maker (Professional)
[2011/05/02 17:14:01 | 000,415,176 | ---- | C] (Microsoft Corporation ) -- C:\Windows\System32\COMCT332.OCX
[2011/05/02 17:14:01 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabctl32.ocx
[2011/05/02 17:14:01 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.ocx
[2011/05/02 17:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Naxter
[2011/04/29 18:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2011/04/29 18:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2011/04/29 18:14:34 | 000,028,776 | ---- | C] (TuneClone Software) -- C:\Windows\System32\drivers\tclondrv.sys
[2011/04/29 18:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\TuneClone
[2011/04/28 22:27:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/04/28 17:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2011/04/28 17:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2011/04/28 17:56:40 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/27 09:38:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/04/27 09:38:04 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/04/27 09:38:03 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011/04/27 09:38:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/04/27 09:37:41 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/27 09:37:36 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/10/02 10:45:52 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcgusb1.dll
[2010/10/02 10:45:52 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcginpa.dll
[2010/10/02 10:45:52 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcgiesc.dll
[2010/10/02 10:45:52 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcghcp.dll
[2010/10/02 10:45:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcgserv.dll
[2010/10/02 10:45:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcgpmui.dll
[2010/10/02 10:45:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcglmpm.dll
[2010/10/02 10:45:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcgprox.dll
[2010/10/02 10:45:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcgpplc.dll
[2010/10/02 10:45:50 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcghbn3.dll
[2010/10/02 10:45:50 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcgih.exe
[2010/10/02 10:45:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomc.dll
[2010/10/02 10:45:49 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcgcoms.exe
[2010/10/02 10:45:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomm.dll
[2010/10/02 10:45:49 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxcgcfg.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/26 11:02:00 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/26 11:02:00 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/26 05:24:35 | 000,001,749 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2011/05/26 05:22:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/26 05:22:01 | 2314,117,120 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/25 22:57:37 | 000,008,618 | -HS- | M] () -- C:\ProgramData\t2342bpnbb47w8
[2011/05/25 19:55:25 | 000,000,012 | ---- | M] () -- C:\Users\Guest\Desktop\stinger10101619.opt
[2011/05/25 14:57:19 | 003,350,512 | ---- | M] (McAfee, Inc.) -- C:\Users\Guest\Desktop\SecurityScan_Release.exe
[2011/05/25 14:50:38 | 000,668,792 | ---- | M] () -- C:\Users\Guest\Desktop\bremove.exe
[2011/05/25 14:45:41 | 000,669,304 | ---- | M] () -- C:\Users\Guest\Desktop\kremove.exe
[2011/05/25 14:43:53 | 007,267,847 | ---- | M] (McAfee Inc.) -- C:\Users\Guest\Desktop\stinger10101619.exe
[2011/05/25 13:21:55 | 000,103,784 | ---- | M] () -- C:\Users\Guest\GoToAssistDownloadHelper.exe
[2011/05/25 08:09:26 | 000,093,149 | ---- | M] () -- C:\Users\Guest\Desktop\APPLICATION marshall.pdf
[2011/05/25 07:45:58 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\Configure McAfee Online Backup Service.lnk
[2011/05/23 16:42:57 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/23 16:42:27 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/23 16:42:27 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/22 12:10:59 | 000,130,552 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2011/05/21 08:50:25 | 000,007,996 | -HS- | M] () -- C:\ProgramData\605mcc14d74nw837
[2011/04/28 17:58:50 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2011/04/28 09:00:00 | 000,028,776 | ---- | M] (TuneClone Software) -- C:\Windows\System32\drivers\tclondrv.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/25 19:55:25 | 000,000,012 | ---- | C] () -- C:\Users\Guest\Desktop\stinger10101619.opt
[2011/05/25 14:50:33 | 000,668,792 | ---- | C] () -- C:\Users\Guest\Desktop\bremove.exe
[2011/05/25 14:45:34 | 000,669,304 | ---- | C] () -- C:\Users\Guest\Desktop\kremove.exe
[2011/05/25 13:21:52 | 000,103,784 | ---- | C] () -- C:\Users\Guest\GoToAssistDownloadHelper.exe
[2011/05/25 08:09:25 | 000,093,149 | ---- | C] () -- C:\Users\Guest\Desktop\APPLICATION marshall.pdf
[2011/05/25 07:45:58 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\Configure McAfee Online Backup Service.lnk
[2011/05/24 22:17:50 | 000,008,618 | -HS- | C] () -- C:\ProgramData\t2342bpnbb47w8
[2011/05/23 16:42:57 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/22 12:10:59 | 000,130,552 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/05/20 10:02:57 | 000,007,996 | -HS- | C] () -- C:\ProgramData\605mcc14d74nw837
[2011/04/28 17:58:50 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2011/04/24 10:27:35 | 000,008,634 | -HS- | C] () -- C:\Users\Guest\AppData\Local\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
[2011/04/24 10:27:35 | 000,008,634 | -HS- | C] () -- C:\ProgramData\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
[2011/04/23 15:24:40 | 000,007,468 | -HS- | C] () -- C:\ProgramData\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472
[2011/04/19 15:47:44 | 000,010,654 | -HS- | C] () -- C:\ProgramData\kb3d4720c61k408a38l6xyp5885epa3y3yi
[2010/10/31 17:17:08 | 000,000,000 | ---- | C] () -- C:\Windows\GStar.INI
[2010/10/02 10:45:52 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcginst.dll
[2010/03/12 20:14:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/23 23:22:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Digital Basic
[2010/02/23 23:22:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/02/23 23:17:33 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Dialogs
[2010/02/23 23:17:33 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,313,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,623,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,106,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/02/22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcgcoin.dll
[2005/08/18 06:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcgvs.dll
[2005/03/13 14:32:14 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcgcnv4.dll
[1999/02/22 18:27:36 | 000,280,064 | ---- | C] () -- C:\Windows\System32\Cncs232.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:41C283B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >