Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

explorer.exe © logan estudos Operating System ?

Started by babydollstar , Jun 02 2011 08:44 PM

  • Please log in to reply

#1
babydollstar
Posted 02 June 2011 - 08:44 PM

babydollstar

    New Member

  • Member
  • Pip
  • 1 posts
Help. I have something running as explorer.exe but its not. Came from a keygen a friend ran. I know its a virus. I ran windows in safe mode and deleted the file and its folder (spynet). It seems to have went away...but im not sure. Also see if there is anything else wrong? Here is the scan log from OT. Thanks!!

OTL logfile created on: 6/2/2011 9:38:58 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Babydoll\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 54.67% Memory free
3.87 Gb Paging File | 2.85 Gb Available in Paging File | 73.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 233.66 Gb Total Space | 177.68 Gb Free Space | 76.04% Space Free | Partition Type: NTFS
Drive D: | 176.78 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BABYDOLLSPC | User Name: Babydoll | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/02 21:38:30 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Babydoll\Desktop\OTL.exe
PRC - [2011/05/13 08:35:15 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2011/06/02 21:38:30 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Babydoll\Desktop\OTL.exe
MOD - [2010/11/20 06:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/06 22:15:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/02/23 08:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/02/05 12:53:35 | 000,464,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 17:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2007/10/02 04:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rt73.sys -- (RT73)
DRV - [2007/03/15 09:56:52 | 000,627,840 | ---- | M] (VIA - IC Ensemble, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Envy24HF.sys -- (Envy24HFS)
DRV - [2004/08/13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 8D 1B 71 5E C5 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:3.3.5
FF - prefs.js..extensions.enabledItems: {786ed4c5-a408-4066-ad19-9270ba42e4f3}:1.8.71

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:39:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/04/24 15:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Babydoll\AppData\Roaming\Mozilla\Extensions
[2011/04/24 15:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Babydoll\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/04/25 12:11:26 | 000,000,000 | ---D | M] (ThunderBrowse) -- C:\USERS\BABYDOLL\APPDATA\ROAMING\THUNDERBIRD\PROFILES\XRJD1T6E.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/04/29 10:51:26 | 000,000,044 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{214f02cb-3160-11e0-bcaa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{214f02cb-3160-11e0-bcaa-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2008/04/29 16:57:07 | 005,214,208 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/02 21:38:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Babydoll\Desktop\OTL.exe
[2011/06/02 16:04:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011/05/24 23:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super nude patch 3
[2011/05/24 22:33:49 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super nude patch 3
[2011/05/24 22:33:47 | 000,000,000 | ---D | C] -- C:\Windows\Super nude patch 3
[2011/05/24 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\Desktop\Sims 2 stuff
[2011/05/24 19:37:51 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\Desktop\World Adventures
[2011/05/19 21:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/05/19 21:21:02 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\Desktop\Webwoosite
[2011/05/19 21:10:58 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\New folder
[2011/05/19 21:09:52 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/05/19 21:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2011/05/18 08:46:00 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\AppData\Local\Ibibi_HB
[2011/05/18 08:45:59 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\AppData\Roaming\TSRWorkshop
[2011/05/18 08:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSR Workshop
[2011/05/15 07:40:49 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\Desktop\Downloadssss
[2011/05/11 14:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource
[2011/05/08 14:44:55 | 000,000,000 | ---D | C] -- C:\Users\Babydoll\AppData\Local\IsolatedStorage
[2004/11/16 18:29:28 | 000,254,000 | ---- | C] ( ) -- C:\Windows\System32\Audio3D.dll
[2004/11/16 18:29:28 | 000,254,000 | ---- | C] ( ) -- C:\Windows\System32\A3D.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/02 21:38:30 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Babydoll\Desktop\OTL.exe
[2011/06/02 21:35:53 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 21:35:53 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 21:33:08 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/02 21:33:08 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/02 21:28:50 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/02 21:28:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/02 21:28:36 | 1559,781,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/02 21:24:44 | 000,006,232 | -H-- | M] () -- C:\Users\Babydoll\AppData\Roaming\logs.dat
[2011/06/02 21:19:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/02 21:12:47 | 003,647,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/02 19:08:26 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2011/06/02 17:56:56 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011/06/02 16:23:53 | 000,058,158 | ---- | M] () -- C:\Users\Babydoll\AppData\Roaming\SQLite3.dll
[2011/06/02 14:04:02 | 000,059,285 | ---- | M] () -- C:\Users\Babydoll\Desktop\scones.odt
[2011/06/02 13:17:16 | 000,109,254 | ---- | M] () -- C:\Users\Babydoll\Desktop\3.jpg
[2011/06/02 13:16:21 | 000,086,223 | ---- | M] () -- C:\Users\Babydoll\Desktop\2.jpg
[2011/06/02 13:16:11 | 000,075,002 | ---- | M] () -- C:\Users\Babydoll\Desktop\1.jpg
[2011/05/31 18:52:46 | 110,753,579 | ---- | M] () -- C:\Users\Babydoll\Desktop\The Notebook.Sims3Pack
[2011/05/31 03:05:40 | 000,030,150 | ---- | M] () -- C:\Users\Babydoll\Documents\DarkAgesGame.odt
[2011/05/26 13:39:24 | 177,503,886 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/24 15:48:53 | 001,876,770 | ---- | M] () -- C:\Users\Babydoll\Documents\Femcuppycakewrappers.jpg
[2011/05/24 15:48:38 | 015,216,244 | ---- | M] () -- C:\Users\Babydoll\Documents\Femcuppycakewrappers.psd
[2011/05/24 15:33:26 | 000,588,166 | ---- | M] () -- C:\Users\Babydoll\Documents\rosesprig.jpg
[2011/05/24 15:02:41 | 000,085,096 | ---- | M] () -- C:\Users\Babydoll\Documents\Gift%20voucher%20banner.jpg
[2011/05/24 15:01:24 | 000,054,217 | ---- | M] () -- C:\Users\Babydoll\Documents\CR%20SS11.jpg
[2011/05/24 15:00:50 | 000,009,710 | ---- | M] () -- C:\Users\Babydoll\Documents\288958.jpg
[2011/05/24 15:00:49 | 000,082,735 | ---- | M] () -- C:\Users\Babydoll\Documents\Button%20rose.jpg
[2011/05/24 15:00:32 | 000,084,953 | ---- | M] () -- C:\Users\Babydoll\Documents\Briar%20Rose.jpg
[2011/05/24 14:58:31 | 000,113,881 | ---- | M] () -- C:\Users\Babydoll\Documents\Cowboy.jpg
[2011/05/24 13:44:52 | 013,176,484 | ---- | M] () -- C:\Users\Babydoll\Documents\CupcakeWrappers1.psd
[2011/05/24 13:44:33 | 001,721,611 | ---- | M] () -- C:\Users\Babydoll\Documents\cuppycakewrappers.jpg
[2011/05/24 13:07:09 | 000,176,742 | ---- | M] () -- C:\Users\Babydoll\Documents\239271.jpg
[2011/05/24 13:06:31 | 000,021,648 | ---- | M] () -- C:\Users\Babydoll\Documents\255127.jpg
[2011/05/24 13:05:36 | 000,013,934 | ---- | M] () -- C:\Users\Babydoll\Documents\302883.jpg
[2011/05/23 14:08:08 | 000,014,539 | ---- | M] () -- C:\Users\Babydoll\Desktop\Springy Mint Green Stripes.Sims3Pack
[2011/05/23 10:51:46 | 000,007,600 | ---- | M] () -- C:\Users\Babydoll\AppData\Local\Resmon.ResmonCfg
[2011/05/20 10:51:54 | 000,096,821 | ---- | M] () -- C:\Users\Babydoll\background2.jpg
[2011/05/19 22:28:57 | 000,202,498 | ---- | M] () -- C:\Users\Babydoll\Desktop\cookeee.jpg
[2011/05/17 22:13:32 | 000,077,009 | ---- | M] () -- C:\Users\Babydoll\background.jpg
[2011/05/17 09:44:10 | 000,096,630 | ---- | M] () -- C:\Users\Babydoll\Desktop\tumblr_ll9fumt5eB1qgzy04o1_500.jpg
[2011/05/17 07:44:22 | 001,497,935 | ---- | M] () -- C:\Users\Babydoll\Desktop\paleo-recipe-book-preview.pdf
[2011/05/09 13:59:21 | 000,005,642 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2011/05/09 13:59:21 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\C0E78F9C31.sys
[2011/05/07 17:32:08 | 000,001,799 | ---- | M] () -- C:\Users\Babydoll\Desktop\S3Launcher.exe - Shortcut.lnk
[2011/05/07 09:08:12 | 000,014,065 | ---- | M] () -- C:\Users\Babydoll\Documents\girlinhercar.gif
[2011/05/07 08:29:24 | 000,311,343 | ---- | M] () -- C:\Users\Babydoll\Documents\car.jpg
[2011/05/06 13:47:36 | 000,039,924 | ---- | M] () -- C:\Users\Babydoll\Documents\card2.gif
[2011/05/06 13:25:17 | 000,007,636 | ---- | M] () -- C:\Users\Babydoll\Documents\734994861_1741880.gif
[2011/05/06 13:14:57 | 000,001,305 | ---- | M] () -- C:\Users\Babydoll\Documents\me.gif
[2011/05/06 13:07:42 | 000,027,869 | ---- | M] () -- C:\Users\Babydoll\Documents\card.jpg
[2011/05/06 12:35:15 | 000,025,520 | ---- | M] () -- C:\Users\Babydoll\Documents\417s9FW8mRL.jpg
[2011/05/06 12:29:05 | 000,337,224 | ---- | M] () -- C:\Users\Babydoll\Documents\mg188d234.jpg
[2011/05/06 11:29:28 | 000,005,690 | ---- | M] () -- C:\Users\Babydoll\Documents\bow.jpg
[2011/05/06 11:21:15 | 000,091,284 | ---- | M] () -- C:\Users\Babydoll\Documents\fabric.jpg
[2011/05/06 10:55:51 | 000,000,043 | ---- | M] () -- C:\Users\Babydoll\Documents\spaceball.gif
[2011/05/06 09:21:23 | 000,030,600 | ---- | M] () -- C:\Users\Babydoll\Documents\4732.jpg
[2011/05/06 09:21:11 | 000,092,315 | ---- | M] () -- C:\Users\Babydoll\Documents\Bow%20and%20Polka%20Dots%20-%20Pink%20White2_lrg.jpg
[2011/05/05 10:20:53 | 000,026,953 | ---- | M] () -- C:\Users\Babydoll\Documents\2 (3).jpg
[2011/05/05 10:09:16 | 000,033,687 | ---- | M] () -- C:\Users\Babydoll\Documents\1 (3).jpg
[2011/05/04 08:46:42 | 000,051,330 | ---- | M] () -- C:\Users\Babydoll\Documents\almondbutter.odt
[2011/05/04 08:41:57 | 000,016,385 | ---- | M] () -- C:\Users\Babydoll\Documents\fishsticks.odt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/02 19:08:26 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2011/06/02 17:56:56 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011/06/02 16:23:53 | 000,058,158 | ---- | C] () -- C:\Users\Babydoll\AppData\Roaming\SQLite3.dll
[2011/06/02 13:17:21 | 000,109,254 | ---- | C] () -- C:\Users\Babydoll\Desktop\3.jpg
[2011/06/02 13:17:07 | 000,086,223 | ---- | C] () -- C:\Users\Babydoll\Desktop\2.jpg
[2011/06/02 13:16:56 | 000,059,285 | ---- | C] () -- C:\Users\Babydoll\Desktop\scones.odt
[2011/06/02 13:16:17 | 000,075,002 | ---- | C] () -- C:\Users\Babydoll\Desktop\1.jpg
[2011/05/31 23:50:32 | 110,753,579 | ---- | C] () -- C:\Users\Babydoll\Desktop\The Notebook.Sims3Pack
[2011/05/31 23:50:29 | 002,387,097 | ---- | C] () -- C:\Users\Babydoll\Desktop\Wisteria Lane 001_no sims.Sims3Pack
[2011/05/30 21:41:38 | 000,030,150 | ---- | C] () -- C:\Users\Babydoll\Documents\DarkAgesGame.odt
[2011/05/27 14:39:13 | 026,188,052 | ---- | C] () -- C:\Users\Babydoll\Desktop\The Shabby Chic cottage4.Sims3Pack
[2011/05/24 15:48:50 | 001,876,770 | ---- | C] () -- C:\Users\Babydoll\Documents\Femcuppycakewrappers.jpg
[2011/05/24 15:48:35 | 015,216,244 | ---- | C] () -- C:\Users\Babydoll\Documents\Femcuppycakewrappers.psd
[2011/05/24 15:33:39 | 000,588,166 | ---- | C] () -- C:\Users\Babydoll\Documents\rosesprig.jpg
[2011/05/24 15:02:46 | 000,085,096 | ---- | C] () -- C:\Users\Babydoll\Documents\Gift%20voucher%20banner.jpg
[2011/05/24 15:01:33 | 000,054,217 | ---- | C] () -- C:\Users\Babydoll\Documents\CR%20SS11.jpg
[2011/05/24 15:01:10 | 000,009,710 | ---- | C] () -- C:\Users\Babydoll\Documents\288958.jpg
[2011/05/24 15:00:52 | 000,082,735 | ---- | C] () -- C:\Users\Babydoll\Documents\Button%20rose.jpg
[2011/05/24 15:00:47 | 000,084,953 | ---- | C] () -- C:\Users\Babydoll\Documents\Briar%20Rose.jpg
[2011/05/24 15:00:42 | 000,113,881 | ---- | C] () -- C:\Users\Babydoll\Documents\Cowboy.jpg
[2011/05/24 13:44:50 | 013,176,484 | ---- | C] () -- C:\Users\Babydoll\Documents\CupcakeWrappers1.psd
[2011/05/24 13:44:30 | 001,721,611 | ---- | C] () -- C:\Users\Babydoll\Documents\cuppycakewrappers.jpg
[2011/05/24 13:06:35 | 000,021,648 | ---- | C] () -- C:\Users\Babydoll\Documents\255127.jpg
[2011/05/24 13:06:14 | 000,176,742 | ---- | C] () -- C:\Users\Babydoll\Documents\239271.jpg
[2011/05/24 13:05:48 | 000,013,934 | ---- | C] () -- C:\Users\Babydoll\Documents\302883.jpg
[2011/05/23 14:08:01 | 000,014,539 | ---- | C] () -- C:\Users\Babydoll\Desktop\Springy Mint Green Stripes.Sims3Pack
[2011/05/23 10:51:46 | 000,007,600 | ---- | C] () -- C:\Users\Babydoll\AppData\Local\Resmon.ResmonCfg
[2011/05/20 10:51:53 | 000,096,821 | ---- | C] () -- C:\Users\Babydoll\background2.jpg
[2011/05/20 10:15:39 | 000,003,169 | ---- | C] () -- C:\Users\Babydoll\Desktop\Dark Vintage Action.atn
[2011/05/20 10:15:39 | 000,001,719 | ---- | C] () -- C:\Users\Babydoll\Desktop\Light Vinage Action.atn
[2011/05/19 22:29:24 | 000,202,498 | ---- | C] () -- C:\Users\Babydoll\Desktop\cookeee.jpg
[2011/05/19 21:34:49 | 000,001,181 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
[2011/05/19 21:32:49 | 000,001,143 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011/05/19 21:32:24 | 000,001,236 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011/05/19 21:31:10 | 000,001,337 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2011/05/19 21:30:45 | 000,001,509 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011/05/19 21:30:10 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/05/19 21:09:49 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011/05/19 11:33:14 | 000,183,128 | ---- | C] () -- C:\Users\Babydoll\Desktop\Free Sites.pdf
[2011/05/19 08:51:10 | 008,644,142 | ---- | C] () -- C:\Users\Babydoll\Desktop\lolita_yoyo_by_LL.Sims3Pack
[2011/05/18 16:56:49 | 003,379,827 | ---- | C] () -- C:\Users\Babydoll\Desktop\TheSeaBreeze_byLhonna.Sims3Pack
[2011/05/17 19:18:03 | 000,096,630 | ---- | C] () -- C:\Users\Babydoll\Desktop\tumblr_ll9fumt5eB1qgzy04o1_500.jpg
[2011/05/17 09:27:09 | 000,077,009 | ---- | C] () -- C:\Users\Babydoll\background.jpg
[2011/05/17 07:44:19 | 001,497,935 | ---- | C] () -- C:\Users\Babydoll\Desktop\paleo-recipe-book-preview.pdf
[2011/05/10 08:15:53 | 003,493,214 | ---- | C] () -- C:\Users\Babydoll\Desktop\Larkspur Manor.Sims3Pack
[2011/05/07 17:32:08 | 000,001,799 | ---- | C] () -- C:\Users\Babydoll\Desktop\S3Launcher.exe - Shortcut.lnk
[2011/05/07 09:03:07 | 000,014,065 | ---- | C] () -- C:\Users\Babydoll\Documents\girlinhercar.gif
[2011/05/07 08:29:37 | 000,311,343 | ---- | C] () -- C:\Users\Babydoll\Documents\car.jpg
[2011/05/06 13:47:36 | 000,039,924 | ---- | C] () -- C:\Users\Babydoll\Documents\card2.gif
[2011/05/06 13:17:48 | 000,007,636 | ---- | C] () -- C:\Users\Babydoll\Documents\734994861_1741880.gif
[2011/05/06 13:14:57 | 000,001,305 | ---- | C] () -- C:\Users\Babydoll\Documents\me.gif
[2011/05/06 13:07:42 | 000,027,869 | ---- | C] () -- C:\Users\Babydoll\Documents\card.jpg
[2011/05/06 12:35:25 | 000,025,520 | ---- | C] () -- C:\Users\Babydoll\Documents\417s9FW8mRL.jpg
[2011/05/06 12:29:15 | 000,337,224 | ---- | C] () -- C:\Users\Babydoll\Documents\mg188d234.jpg
[2011/05/06 11:29:28 | 000,005,690 | ---- | C] () -- C:\Users\Babydoll\Documents\bow.jpg
[2011/05/06 11:21:15 | 000,091,284 | ---- | C] () -- C:\Users\Babydoll\Documents\fabric.jpg
[2011/05/06 10:56:04 | 000,000,043 | ---- | C] () -- C:\Users\Babydoll\Documents\spaceball.gif
[2011/05/06 09:21:28 | 000,030,600 | ---- | C] () -- C:\Users\Babydoll\Documents\4732.jpg
[2011/05/06 09:21:17 | 000,092,315 | ---- | C] () -- C:\Users\Babydoll\Documents\Bow%20and%20Polka%20Dots%20-%20Pink%20White2_lrg.jpg
[2011/05/05 10:09:47 | 000,026,953 | ---- | C] () -- C:\Users\Babydoll\Documents\2 (3).jpg
[2011/05/05 10:09:16 | 000,033,687 | ---- | C] () -- C:\Users\Babydoll\Documents\1 (3).jpg
[2011/05/04 08:46:39 | 000,051,330 | ---- | C] () -- C:\Users\Babydoll\Documents\almondbutter.odt
[2011/05/04 08:41:55 | 000,016,385 | ---- | C] () -- C:\Users\Babydoll\Documents\fishsticks.odt
[2011/05/02 09:03:05 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\C0E78F9C31.sys
[2011/04/20 19:12:23 | 000,200,704 | ---- | C] () -- C:\Windows\System32\UpdateDriver.exe
[2011/04/20 19:12:23 | 000,005,224 | ---- | C] () -- C:\Windows\System32\ucuiinfo.ini
[2011/03/13 10:19:49 | 000,003,584 | ---- | C] () -- C:\Users\Babydoll\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/13 10:19:03 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/03/13 10:19:03 | 000,000,088 | RHS- | C] () -- C:\ProgramData\C0E78F9C31.sys
[2011/03/13 10:13:17 | 000,005,642 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2011/02/26 11:00:20 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 003,647,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,623,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,106,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2005/04/07 21:16:43 | 000,006,232 | -H-- | C] () -- C:\Users\Babydoll\AppData\Roaming\logs.dat
[2004/08/13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2011/03/09 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\.minecraft
[2011/02/05 13:28:58 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\AVG10
[2011/05/19 21:09:52 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/05/02 08:12:49 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\com.Shutterfly.ExpressUploader
[2011/04/07 12:10:03 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\OpenOffice.org
[2011/03/06 11:46:00 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\SecondLife
[2011/04/24 15:22:17 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\Thunderbird
[2011/05/18 08:45:59 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\TSRWorkshop
[2011/02/08 13:49:54 | 000,000,000 | ---D | M] -- C:\Users\Babydoll\AppData\Roaming\Watchtower
[2011/04/09 07:44:52 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP