Icons missing, Folders hidden, fake security popups



#1
shinejah

Thank you in advance for your time in regard to this matter.

Last night while surfing the web, I got an Avira security popup (looked legit), followed almost instantly by fake Windows security popups, hard drive failure warnings, and a mouse low battery warning. I immediately went to run a Malwarebytes scan and found that my Start menu programs list was empty. Opened My Computer > C: > Program Files to find it empty also. Checked Folder Options and found that settings had changed to "do not show hidden folders", and when I changed it back, all of my folders reappeared as if they are now "hidden" folder types.

Could not update Malwarebytes. Error: "Program_Error_Updating", access denied.

Rebooted in Safe Mode and ran Malwarebytes with existing virus definitions (40 days old)
first scan found several items - removed
rebooted and scanned again
second scan found two items - removed
rebooted and scanned again
third scan clean

Rebooted into regular mode. Popups seem to be gone, but settings are still mucked up and I still cannot update Malwarebytes from the regular user account or the Admin user account.


Current OTL log

OTL logfile created on: 6/15/2011 7:50:32 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: | Country: | Language: | Date Format:

2.00 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 76.32% Memory free
3.85 Gb Paging File | 3.45 Gb Available in Paging File | 89.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 3.66 Gb Free Space | 4.91% Space Free | Partition Type: NTFS
Drive G: | 465.65 Gb Total Space | 293.26 Gb Free Space | 62.98% Space Free | Partition Type: FAT32

Computer Name: JOHNANDLILIES | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/15 19:50:05 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/12/17 06:22:56 | 000,136,584 | -H-- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe
PRC - [2010/12/17 06:22:50 | 000,390,528 | -H-- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/12/17 06:22:40 | 000,374,152 | -H-- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/07/28 18:22:10 | 000,014,808 | -H-- | M] (Mozilla Corporation) -- C:\program files\firefox\plugin-container.exe
PRC - [2010/07/28 18:22:08 | 000,910,296 | -H-- | M] (Mozilla Corporation) -- C:\program files\firefox\firefox.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | -H-- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009/09/29 09:17:50 | 000,013,088 | -H-- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2008/11/07 15:20:40 | 000,025,824 | -H-- | M] (Memeo) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/09/04 19:25:44 | 000,131,072 | -H-- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2007/01/11 04:02:00 | 000,113,664 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (SafeList) ==========

MOD - [2011/06/15 19:50:05 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
SRV - [2010/12/17 06:22:56 | 000,136,584 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/17 06:22:50 | 000,390,528 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/17 06:22:40 | 000,374,152 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/05/04 13:07:22 | 000,503,080 | -H-- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/29 09:17:50 | 000,013,088 | -H-- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/07/21 14:34:33 | 000,185,089 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/20 13:28:10 | 000,121,360 | -H-- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/05/13 16:48:22 | 000,108,289 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/07 15:20:40 | 000,025,824 | -H-- | M] (Memeo) [Auto | Running] -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2008/07/24 15:22:50 | 000,102,400 | -H-- | M] (WDC) [On_Demand | Stopped] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2007/09/04 19:25:44 | 000,131,072 | -H-- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007/01/11 04:02:00 | 000,113,664 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV - [2010/12/17 06:22:41 | 000,083,360 | -H-- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/25 16:01:20 | 000,041,936 | -H-- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2010/06/25 16:01:16 | 000,142,992 | -H-- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\VBoxDrv.sys -- (VBoxDrv)
DRV - [2010/06/25 16:01:16 | 000,100,496 | -H-- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010/06/01 21:19:24 | 000,013,824 | -H-- | M] (LoteSoft Co.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - [2010/05/11 16:29:52 | 000,013,192 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/05/11 16:29:50 | 000,008,456 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/02/24 14:43:35 | 000,056,816 | -H-- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2009/09/23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi)
DRV - [2009/09/01 15:06:02 | 000,024,576 | -H-- | M] (NeoRouter Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\nrtap.sys -- (nrtap)
DRV - [2009/06/23 14:38:26 | 000,189,464 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hap17v2k.sys -- (hap17v2k)
DRV - [2009/06/23 14:38:16 | 000,162,840 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hap16v2k.sys -- (hap16v2k)
DRV - [2009/06/23 14:38:06 | 000,798,744 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2009/06/23 14:37:54 | 000,092,696 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2009/06/23 14:37:32 | 000,157,208 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/06/23 14:37:22 | 000,014,360 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009/06/23 14:37:10 | 000,127,512 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/06/23 14:36:36 | 000,347,080 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2009/06/23 14:36:24 | 000,528,408 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2009/06/23 14:36:14 | 000,511,000 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/06/23 14:35:04 | 000,100,888 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS)
DRV - [2009/06/23 14:35:04 | 000,100,888 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS -- (CTERFXFX)
DRV - [2009/06/23 14:34:52 | 000,566,296 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS)
DRV - [2009/06/23 14:34:52 | 000,566,296 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS -- (CTSBLFX)
DRV - [2009/06/23 14:34:40 | 000,555,032 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS)
DRV - [2009/06/23 14:34:40 | 000,555,032 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS -- (CTAUDFX)
DRV - [2009/06/23 14:34:30 | 000,099,352 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS)
DRV - [2009/06/23 14:34:30 | 000,099,352 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\COMMONFX.SYS -- (COMMONFX)
DRV - [2009/06/17 12:56:16 | 000,037,392 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:18 | 000,020,240 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009/06/10 17:49:32 | 000,024,576 | -H-- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/05/11 10:12:24 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/05 10:59:02 | 000,022,168 | -H-- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2009/05/05 10:58:30 | 000,013,976 | -H-- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2009/03/30 10:33:07 | 000,096,104 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/15 18:29:12 | 000,030,656 | -H-- | M] (Eutron) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\eusk2par.sys -- (eusk2par)
DRV - [2008/08/11 12:41:00 | 000,047,640 | -H-- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:41:00 | 000,012,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2008/06/16 09:02:34 | 000,017,024 | -H-- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2008/04/13 14:46:22 | 000,015,232 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\MPE.sys -- (MPE)
DRV - [2008/04/13 14:45:30 | 000,010,624 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/09/04 19:26:32 | 000,029,696 | -H-- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007/08/16 10:09:38 | 000,003,604 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\BIOS\BIOS Flash\BS_Flash.sys -- (BS_Flash)
DRV - [2007/06/22 19:14:40 | 004,432,384 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/12/12 11:16:06 | 000,022,528 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/09/24 09:28:46 | 000,005,248 | -H-- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2005/12/21 10:14:52 | 000,100,957 | -H-- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | -H-- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | -H-- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/03/16 02:23:54 | 000,013,696 | RH-- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\BIOS.sys -- (BIOS)
DRV - [2005/02/23 14:58:56 | 000,011,776 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc)
DRV - [2003/06/26 23:05:38 | 000,472,332 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LVCM.sys -- (QCMerced)
DRV - [2003/05/01 16:23:02 | 000,016,128 | RH-- | M] (Cypress Semiconductor / NAVMAN NZ Limited) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\NvMnUSB.SYS -- (NavManUSB)
DRV - [2002/09/26 06:41:00 | 000,076,288 | -H-- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2001/08/17 13:19:34 | 000,040,704 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1996/04/03 15:33:26 | 000,005,248 | -H-- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Firefox\components [2010/09/08 00:27:05 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Firefox\plugins [2010/09/05 15:42:53 | 000,000,000 | -H-D | M]

[2011/06/15 19:44:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VGPVVYAM.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2008/06/22 08:38:55 | 000,000,000 | -H-D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2009/09/14 11:51:53 | 000,000,000 | -H-D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2010/01/03 00:25:02 | 000,000,000 | -H-D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/04/15 20:31:08 | 000,000,000 | -H-D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/01/03 00:24:44 | 000,000,000 | -H-D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/03/09 18:18:19 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\SplitCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (SplitCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\SplitCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe (Memeo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://supportcente...oad/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1213975415703 (WUWebControl Class)
O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} http://www.quest3d.c...t3dactivex2.cab (Quest3DCtlr2 Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008/06/20 10:13:21 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/17 17:34:12 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/12/17 17:34:12 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/15 19:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2011/06/15 19:26:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/06/23 12:49:14 | 000,010,752 | -H-- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2009/06/23 12:20:00 | 000,010,240 | -H-- | C] ( ) -- C:\WINDOWS\System32\killapps.exe

========== Files - Modified Within 30 Days ==========

[2011/06/15 19:48:03 | 000,000,902 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/15 19:39:13 | 000,013,646 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/15 19:39:13 | 000,000,898 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/15 19:23:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/15 15:55:02 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\18079524
[2011/06/15 01:59:07 | 000,000,128 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19128100r
[2011/06/15 01:59:07 | 000,000,128 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19128100
[2011/06/15 01:59:03 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19128100
[2011/06/09 10:12:35 | 000,162,159 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/08 14:33:00 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2011/06/08 14:21:00 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2011/05/23 12:13:25 | 000,000,040 | -H-- | M] () -- C:\WINDOWS\nero.INI

========== Files Created - No Company Name ==========

[2011/06/15 15:55:02 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\18079524
[2011/06/15 01:59:07 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19128100r
[2011/06/15 01:59:07 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19128100
[2011/06/15 01:59:03 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\19128100
[2011/05/21 14:33:07 | 000,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2011/05/21 14:21:36 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2011/03/08 03:09:28 | 001,228,854 | -H-- | C] () -- \fsqwr.bmp
[2010/11/18 03:07:15 | 000,000,552 | -H-- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/10/13 17:20:27 | 000,044,544 | -H-- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010/10/13 17:20:25 | 000,484,352 | -H-- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/07/28 21:12:14 | 001,503,232 | -H-- | C] () -- C:\WINDOWS\System32\ptj.exe
[2010/07/28 21:12:14 | 001,103,360 | -H-- | C] () -- C:\WINDOWS\System32\cidfont.dll
[2010/07/28 21:12:12 | 004,369,408 | -H-- | C] () -- C:\WINDOWS\System32\pdftk.exe
[2010/07/28 21:12:12 | 000,235,008 | -H-- | C] () -- C:\WINDOWS\System32\office.exe
[2010/07/18 17:33:16 | 000,014,848 | -H-- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/07/18 17:33:15 | 001,774,720 | -H-- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2010/07/18 17:33:15 | 000,086,408 | -H-- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2010/07/18 17:33:15 | 000,013,192 | -H-- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/07/18 17:33:15 | 000,008,456 | -H-- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/02/23 15:11:55 | 000,147,456 | -H-- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/02/22 02:46:15 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/12/19 18:21:03 | 000,363,520 | -H-- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/11/12 23:08:52 | 000,000,219 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/10/27 22:58:17 | 000,001,024 | -H-- | C] () -- \.rnd
[2009/09/26 22:09:55 | 000,016,384 | -H-- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2009/08/03 18:41:16 | 000,000,211 | -H-- | C] () -- \Boot.bak
[2009/08/03 18:41:10 | 000,260,272 | -H-- | C] () -- \cmldr
[2009/08/03 14:56:45 | 000,000,083 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/07/21 00:47:24 | 000,003,604 | -H-- | C] () -- C:\WINDOWS\System32\drivers\BS_Flash.sys
[2009/06/23 13:29:50 | 000,049,719 | -H-- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/06/23 13:29:48 | 000,000,054 | -H-- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/06/23 12:51:00 | 000,043,520 | -H-- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2009/06/23 12:48:16 | 000,037,888 | -H-- | C] () -- C:\WINDOWS\System32\psconv.exe
[2009/06/23 12:28:48 | 000,386,852 | -H-- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2009/06/23 12:28:48 | 000,051,787 | -H-- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2009/06/23 12:23:20 | 000,013,312 | -H-- | C] () -- C:\WINDOWS\System32\regplib.exe
[2009/06/23 12:22:36 | 000,149,838 | -H-- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2009/06/23 12:20:44 | 000,274,587 | -H-- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2009/06/23 12:20:34 | 000,241,084 | -H-- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2009/06/23 12:20:34 | 000,115,166 | -H-- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2009/06/23 12:20:08 | 000,313,207 | -H-- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2009/06/23 12:20:08 | 000,053,932 | -H-- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2009/06/23 12:20:06 | 000,005,120 | -H-- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2009/04/16 21:44:53 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/19 22:43:38 | 000,000,040 | -H-- | C] () -- C:\WINDOWS\nero.INI
[2008/08/16 09:25:34 | 000,196,608 | -H-- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2008/08/06 20:53:01 | 000,000,028 | -H-- | C] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2008/07/23 12:50:52 | 003,596,288 | -H-- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 12:46:38 | 000,012,288 | -H-- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/06/22 06:30:52 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/06/22 06:26:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\Mavis Beacon Teaches Typing.INI
[2008/06/22 06:17:29 | 000,000,000 | -H-- | C] () -- C:\Program Files\temp01
[2008/06/22 05:27:23 | 000,001,185 | -H-- | C] () -- C:\WINDOWS\mozver.dat
[2008/06/22 05:21:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2008/06/22 04:52:41 | 000,073,220 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/06/22 04:52:41 | 000,031,053 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/06/22 04:52:41 | 000,029,114 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/06/22 04:52:41 | 000,027,417 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/06/22 04:52:41 | 000,021,021 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/06/22 04:52:41 | 000,015,670 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/06/22 04:52:41 | 000,013,280 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/06/22 04:52:41 | 000,010,673 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/06/22 04:52:41 | 000,004,943 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/06/22 04:52:41 | 000,001,140 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/06/22 04:52:41 | 000,001,140 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/06/22 04:52:41 | 000,001,137 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/06/22 04:52:41 | 000,001,130 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/06/22 04:52:41 | 000,001,130 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/06/22 04:52:41 | 000,001,104 | -H-- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/06/22 04:52:41 | 000,000,097 | -H-- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/06/22 04:52:01 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\EPSPR280.ini
[2008/06/22 04:34:07 | 000,014,938 | -H-- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/06/20 11:57:48 | 000,056,880 | -H-- | C] () -- C:\WINDOWS\System32\scvideo.dll
[2008/06/20 10:37:11 | 000,069,632 | -H-- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2008/06/20 10:15:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/20 10:13:21 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/06/20 10:13:21 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/06/20 10:13:21 | 000,000,000 | -H-- | C] () -- \CONFIG.SYS
[2008/06/20 10:13:21 | 000,000,000 | -H-- | C] () -- \AUTOEXEC.BAT
[2008/06/20 10:10:05 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/20 07:48:34 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/20 07:47:22 | 000,169,896 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/20 07:45:35 | 000,000,281 | RHS- | C] () -- \boot.ini
[2008/06/20 07:40:22 | 2145,386,496 | -HS- | C] () --
[2007/11/06 21:30:00 | 001,703,936 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 21:30:00 | 001,630,208 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/11/06 21:30:00 | 001,486,848 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 21:30:00 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/11/06 21:30:00 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 21:30:00 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/11/06 21:30:00 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/11/06 21:30:00 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/11/06 21:30:00 | 000,286,720 | -H-- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/08/13 21:45:02 | 000,077,824 | -H-- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2007/04/12 08:10:28 | 000,105,728 | -H-- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/03/12 12:01:30 | 000,217,088 | -H-- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/10/02 18:25:18 | 000,000,307 | -H-- | C] () -- C:\WINDOWS\System32\kill.ini
[2004/08/04 08:00:00 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,441,552 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,250,048 | RHS- | C] () -- \ntldr
[2004/08/04 08:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,071,488 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,047,564 | RHS- | C] () -- \NTDETECT.COM
[2004/08/04 08:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/27 13:39:06 | 000,065,024 | -H-- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | -H-- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996/04/03 15:33:26 | 000,005,248 | -H-- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011/06/08 14:21:00 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2011/06/08 14:33:00 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0

< End of report >