Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

OTL Log File

Started by armour54 , Jun 14 2011 10:00 PM

  • Please log in to reply

#1
armour54
Posted 14 June 2011 - 10:00 PM

armour54

    New Member

  • Member
  • Pip
  • 1 posts
OTL logfile created on: 6/14/2011 11:53:06 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Justin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.11 Mb Total Physical Memory | 430.14 Mb Available Physical Memory | 42.42% Memory free
2.75 Gb Paging File | 2.29 Gb Available in Paging File | 83.10% Paging File free
Paging file location(s): C:\pagefile.sys 1900 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.48 Gb Total Space | 39.39 Gb Free Space | 52.88% Space Free | Partition Type: NTFS

Computer Name: BOSTON-D709C454 | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 23:51:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\My Documents\Downloads\OTL.exe
PRC - [2011/06/13 19:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Justin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/06/11 12:54:29 | 000,389,872 | ---- | M] () -- C:\Program Files\cacaoweb\cacaoweb.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/03/17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/03/17 08:04:26 | 000,086,016 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe
PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/09/22 16:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2009/09/22 16:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
PRC - [2009/09/22 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
PRC - [2009/09/22 16:00:00 | 000,091,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\McTray.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/28 12:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 23:51:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Justin\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/17 08:04:26 | 000,086,016 | ---- | M] (CACE Technologies) [Auto | Running] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/22 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2005/12/28 12:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/06/14 20:49:18 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F24264D4-BA0D-4D49-A6A2-CBC20C9909AF}\MpKsle7e57aa4.sys -- (MpKsle7e57aa4)
DRV - [2010/03/17 08:16:00 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AFGSp50.sys -- (AFGSp50)
DRV - [2010/03/17 08:04:26 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/30 23:56:32 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2008/09/29 18:47:18 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006/01/12 17:45:46 | 000,060,544 | ---- | M] (O2Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2005/12/28 13:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/05 00:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/09/28 20:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ytdstart....ion=5.1-x86-SP3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:4021

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=634471"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ytdstart....on=5.1-x86-SP3"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.5
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.9
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://www.ytdstart....5.1-x86-SP3&q="

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 15:48:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 17:02:49 | 000,000,000 | ---D | M]

[2010/02/26 21:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Justin\Application Data\Mozilla\Extensions
[2010/02/26 21:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Justin\Application Data\Mozilla\Extensions\[email protected]
[2011/06/12 21:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\i17y90z5.default\extensions
[2011/06/12 21:30:25 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\i17y90z5.default\extensions\{9B596622-FDDA-4e28-97F8-998C522FA58E}
[2011/04/13 20:38:55 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\i17y90z5.default\extensions\[email protected]
[2009/12/03 11:54:24 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\i17y90z5.default\searchplugins\BearShareWebSearch.xml
[2011/06/12 21:30:15 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\i17y90z5.default\searchplugins\bing-zugo.xml
[2011/04/12 22:43:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2010/03/20 11:36:15 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\JUSTIN\APPLICATION DATA\MOVE NETWORKS
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JUSTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\I17Y90Z5.DEFAULT\EXTENSIONS\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.XPI
[2011/04/29 15:48:32 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009/12/03 11:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old

O1 HOSTS File: ([2011/05/19 21:10:18 | 000,434,682 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14962 more lines...
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (YTD Toolbar Helper) - {C462528A-E3B6-4ffb-B639-51EFBBB5B77D} - C:\Program Files\YTD Toolbar\Toolbar32.dll (BienneSoft)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {9B596622-FDDA-4e28-97F8-998C522FA58E} - C:\Program Files\YTD Toolbar\Toolbar32.dll (BienneSoft)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O4 - HKCU..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Documents and Settings\Justin\Application Data\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1145463550984 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Justin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Justin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/19 10:32:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{04277f7d-310d-11df-ba51-0015c53a5201}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/13 23:05:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Justin\Recent
[2011/06/12 21:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\YTD Toolbar
[2011/06/12 21:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YouTube Downloader
[2011/06/12 21:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2011/06/12 21:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Start Menu\Programs\HiJackThis
[2011/06/12 21:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/12 21:09:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Justin\Start Menu\Programs\Google Chrome
[2011/06/11 15:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/11 15:37:40 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/11 15:37:30 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/18 23:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 23:31:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/14 23:24:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 23:11:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3648458149-3732743338-842306383-1019UA.job
[2011/06/14 21:11:03 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3648458149-3732743338-842306383-1019Core.job
[2011/06/14 20:13:05 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/14 20:13:04 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\Google Chrome.lnk
[2011/06/14 20:09:22 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/14 20:06:18 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 20:06:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/14 20:04:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/13 20:08:14 | 000,002,449 | ---- | M] () -- C:\Documents and Settings\Justin\Desktop\HiJackThis.lnk
[2011/06/12 21:30:05 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/06/11 15:37:42 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/19 21:10:18 | 000,434,682 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/18 23:47:46 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/12 21:30:05 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/06/12 21:14:05 | 000,002,449 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\HiJackThis.lnk
[2011/06/12 21:09:43 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\Justin\Desktop\Google Chrome.lnk
[2011/06/12 21:09:43 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\Justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/12 21:06:15 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3648458149-3732743338-842306383-1019UA.job
[2011/06/12 21:06:15 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3648458149-3732743338-842306383-1019Core.job
[2011/06/11 15:37:42 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/03 19:10:24 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18734900r
[2011/04/03 19:10:24 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18734900
[2011/04/03 19:01:00 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18734900
[2011/04/03 16:43:01 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19783476r
[2011/04/03 16:43:01 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19783476
[2011/04/03 16:42:54 | 000,000,328 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19783476
[2011/01/17 15:40:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\ssresources.dll
[2011/01/17 15:40:40 | 000,020,481 | ---- | C] () -- C:\WINDOWS\System32\SystemsHook.dll
[2010/12/23 22:43:21 | 000,055,524 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/03 20:57:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/27 16:54:06 | 000,057,395 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/03/28 19:25:57 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Justin\Local Settings\Application Data\housecall.guid.cache
[2010/03/02 13:23:50 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Justin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/29 00:11:41 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2009/11/25 01:52:05 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/30 23:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/04/24 05:37:14 | 000,000,173 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/20 07:03:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/19 14:27:11 | 000,000,603 | ---- | C] () -- C:\Program Files\UIS.lnk
[2006/04/19 14:19:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/04/19 14:18:14 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006/04/19 14:18:03 | 000,003,243 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/04/19 12:36:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/19 10:59:34 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/04/19 10:35:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/19 10:29:19 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/19 06:19:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/19 06:17:52 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/01/21 12:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,828 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,068,558 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe

========== LOP Check ==========

[2010/06/27 18:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Affinegy
[2010/11/04 18:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/11/28 23:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/06/27 18:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Belkin
[2010/09/07 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2010/01/14 23:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2010/07/27 23:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/02/01 21:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/02/09 20:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/12/23 22:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/12 19:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/05/21 22:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\cacaoweb
[2011/01/22 17:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\DVDVideoSoftIEHelpers
[2009/11/26 14:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\GrabPro
[2006/04/24 05:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Leadertech
[2009/12/29 00:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\MyFamily.com
[2009/12/29 00:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\NewsLeecher
[2009/11/26 14:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Orbit
[2009/12/28 23:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\SuperNZB
[2010/06/21 22:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Justin\Application Data\Webshots
[2011/06/14 20:09:22 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13EDD51B

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP