
Vista security 2012 virus



#46
remember_jordana

PC seems to be running just fine. Have not had any popups in a while. Internet works good as well.

Here is the quick scan OTL log:

OTL logfile created on: 6/28/2011 5:45:28 PM - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Jennifer\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 56.72% Memory free
5.96 Gb Paging File | 4.87 Gb Available in Paging File | 81.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 133.90 Gb Free Space | 46.48% Space Free | Partition Type: NTFS
Drive I: | 963.70 Mb Total Space | 950.14 Mb Free Space | 98.59% Space Free | Partition Type: FAT

Computer Name: JENNIFER-PC | User Name: Jennifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/19 17:20:40 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
PRC - [2011/06/15 23:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/25 21:24:16 | 001,306,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/03/13 11:45:14 | 000,148,520 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011/03/13 11:41:50 | 000,159,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/03/13 11:41:36 | 000,165,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/23 13:25:32 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2007/12/05 11:25:58 | 000,364,192 | -H-- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2007/11/13 13:23:18 | 001,969,824 | -H-- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2007/09/11 03:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/05/15 18:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/15 18:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/04/19 16:44:18 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
PRC - [2007/04/19 16:44:12 | 000,058,288 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe
PRC - [2007/04/19 16:43:42 | 000,537,520 | -H-- | M] ( ) -- C:\Windows\System32\lxczcoms.exe
PRC - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2006/12/11 11:12:06 | 000,537,520 | -H-- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/12/11 11:11:54 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2006/11/02 07:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe


========== Modules (SafeList) ==========

MOD - [2011/06/19 17:20:40 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)
SRV - [2011/03/17 16:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/03/13 11:45:14 | 000,148,520 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/03/13 11:41:50 | 000,159,832 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/03/13 11:41:36 | 000,165,000 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/02/23 23:38:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 11:25:58 | 000,364,192 | -H-- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2007/09/11 03:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/05/15 18:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/04/19 16:43:42 | 000,537,520 | -H-- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/12/11 11:12:06 | 000,537,520 | -H-- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV - [2011/03/13 11:20:10 | 000,459,728 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/03/13 11:20:10 | 000,337,912 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/03/13 11:20:10 | 000,179,248 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/03/13 11:20:10 | 000,163,400 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/03/13 11:20:10 | 000,118,784 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/03/13 11:20:10 | 000,085,984 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/03/13 11:20:10 | 000,064,648 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/03/13 11:20:10 | 000,059,288 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/03/13 11:20:10 | 000,057,432 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/01/07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/07/22 21:14:24 | 001,203,808 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/06/11 14:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/02 09:46:00 | 007,460,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/03/25 00:38:20 | 001,048,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 07:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/01/20 21:23:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/01/08 14:52:40 | 000,238,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GSCV2_X86.sys -- (WUSB54GSCv2.NTx86)
DRV - [2007/10/18 01:11:00 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Alpham2.sys -- (Alpham2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emac...109&m=et1161-07
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://yahoo.com/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/06/22 10:50:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 17:39:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2009/02/23 18:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jennifer\AppData\Roaming\mozilla\Extensions
[2009/02/23 18:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jennifer\AppData\Roaming\mozilla\Extensions\[email protected]
[2010/06/08 20:52:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jennifer\AppData\Roaming\mozilla\Firefox\extensions
[2010/06/08 20:52:07 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Jennifer\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2011/06/22 11:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2009/09/20 03:03:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/15 23:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/03/24 08:41:42 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/09/22 03:26:30 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchstonicus.xml

O1 HOSTS File: ([2011/06/27 19:39:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - File not found
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110622175522.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [MacrokeyManager] C:\Windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Users\Jennifer\Desktop\security\Malwarebytes' Anti-Malware\gogetum2.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O15 - HKCU\..Trusted Domains: army.mil ([rw3] https in Trusted sites)
O15 - HKCU\..Trusted Domains: armyfrg.org ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: battle.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: blizzard.com ([us] https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs...ameLauncher.CAB (Wizard101GameLauncher)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F94859F2-3810-48FA-8403-0E163FD67CAD} https://video.global...idplayer8.2.cab (canvidplayer8ctrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Users\Jennifer\Pictures\WereWolf-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jennifer\Pictures\WereWolf-1.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/06/23 10:46:02 | 000,000,016 | -H-- | M] () - I:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/28 12:39:31 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
[2011/06/28 12:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/27 20:08:09 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\DoctorWeb
[2011/06/27 19:46:32 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/06/27 19:46:32 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Local\temp
[2011/06/27 19:40:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/27 19:16:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/06/27 17:30:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/27 17:30:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/27 17:30:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/26 14:07:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/26 12:46:41 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/06/26 12:45:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/23 10:55:37 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\RK_Quarantine
[2011/06/22 21:25:00 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\Chris & Brianna
[2011/06/22 11:16:01 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Local\Mozilla
[2011/06/22 11:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareGuard
[2011/06/22 11:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2011/06/22 10:43:49 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/06/21 11:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/19 23:49:06 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/19 23:48:54 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/06/19 17:26:12 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\security
[2011/06/19 16:42:18 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2011/06/19 16:41:52 | 000,148,520 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2011/06/19 16:41:36 | 000,163,400 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2011/06/19 16:41:36 | 000,064,648 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2011/06/19 16:41:35 | 000,459,728 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2011/06/19 16:41:35 | 000,337,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2011/06/19 16:41:35 | 000,085,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2011/06/19 16:41:34 | 000,179,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2011/06/19 16:41:34 | 000,118,784 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2011/06/19 16:41:34 | 000,059,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2011/06/19 16:41:33 | 000,057,432 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2011/06/17 12:46:58 | 000,000,000 | -H-D | C] -- C:\Windows\System32\Updates
[2011/06/17 12:43:03 | 000,000,000 | -H-D | C] -- C:\Windows\System32\Data
[2011/06/14 00:24:27 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Local\Conduit
[2011/05/29 23:14:14 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/05/29 22:59:18 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\New Folder (2)
[2011/03/01 19:01:41 | 000,413,696 | -H-- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2011/03/01 19:01:41 | 000,397,312 | -H-- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2011/03/01 19:01:41 | 000,323,584 | -H-- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2011/03/01 19:01:40 | 001,224,704 | -H-- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2011/03/01 19:01:40 | 000,991,232 | -H-- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2011/03/01 19:01:40 | 000,696,320 | -H-- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2011/03/01 19:01:40 | 000,643,072 | -H-- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2011/03/01 19:01:40 | 000,585,728 | -H-- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2011/03/01 19:01:40 | 000,385,968 | -H-- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2011/03/01 19:01:40 | 000,163,840 | -H-- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2011/03/01 19:01:40 | 000,094,208 | -H-- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2011/03/01 19:01:39 | 000,684,032 | -H-- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2011/03/01 19:01:39 | 000,537,520 | -H-- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2011/03/01 19:01:39 | 000,421,888 | -H-- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2011/03/01 19:01:39 | 000,381,872 | -H-- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[2009/04/27 22:15:57 | 001,224,704 | -H-- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2009/04/27 22:15:57 | 000,991,232 | -H-- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2009/04/27 22:15:57 | 000,684,032 | -H-- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2009/04/27 22:15:57 | 000,643,072 | -H-- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2009/04/27 22:15:57 | 000,585,728 | -H-- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2009/04/27 22:15:57 | 000,537,520 | -H-- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2009/04/27 22:15:57 | 000,421,888 | -H-- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2009/04/27 22:15:57 | 000,413,696 | -H-- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2009/04/27 22:15:57 | 000,397,312 | -H-- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2009/04/27 22:15:57 | 000,385,968 | -H-- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2009/04/27 22:15:57 | 000,323,584 | -H-- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2009/04/27 22:15:57 | 000,163,840 | -H-- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2009/04/27 22:15:57 | 000,094,208 | -H-- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll

========== Files - Modified Within 30 Days ==========

[2011/06/28 17:44:00 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B1976C9C-5D04-4CBD-A895-6745F90D2F60}.job
[2011/06/28 16:31:10 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/28 16:31:10 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/28 12:31:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/28 12:31:06 | 3085,312,000 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/28 12:31:04 | 385,780,238 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/27 19:39:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/06/27 17:28:57 | 000,000,293 | ---- | M] () -- C:\Users\Jennifer\Desktop\ComboFix - Shortcut.lnk
[2011/06/22 21:35:45 | 000,043,520 | ---- | M] () -- C:\Users\Jennifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/22 11:15:57 | 000,000,872 | ---- | M] () -- C:\Users\Jennifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/22 11:09:58 | 000,000,798 | ---- | M] () -- C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/06/22 10:24:37 | 000,395,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/19 17:25:10 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/19 17:25:10 | 000,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/19 17:20:40 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
[2011/06/18 01:39:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\LogConfigTemp.xml

========== Files Created - No Company Name ==========

[2011/06/27 17:30:43 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/27 17:30:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/27 17:30:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/27 17:30:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/27 17:30:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/27 17:28:57 | 000,000,293 | ---- | C] () -- C:\Users\Jennifer\Desktop\ComboFix - Shortcut.lnk
[2011/06/22 11:15:57 | 000,000,872 | ---- | C] () -- C:\Users\Jennifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/22 11:15:57 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/22 11:09:58 | 000,000,798 | ---- | C] () -- C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2011/03/01 19:05:05 | 000,000,311 | -H-- | C] () -- C:\Windows\Lexstat.ini
[2011/03/01 19:01:41 | 000,413,696 | -H-- | C] () -- C:\Windows\System32\lxczutil.dll
[2011/03/01 19:01:41 | 000,274,432 | -H-- | C] () -- C:\Windows\System32\LXCZinst.dll
[2010/11/23 11:55:02 | 000,000,552 | ---- | C] () -- C:\Users\Jennifer\AppData\Local\d3d8caps.dat
[2010/02/18 13:32:01 | 000,238,072 | ---- | C] () -- C:\Windows\System32\drivers\WUSB54GSCV2_X86.sys
[2010/02/18 13:32:00 | 000,000,758 | -H-- | C] () -- C:\Windows\System32\WLAN.INI
[2010/01/04 00:51:54 | 000,230,752 | -H-- | C] () -- C:\Windows\patchw32.dll
[2010/01/04 00:51:53 | 000,118,176 | -H-- | C] () -- C:\Windows\patchw.dll
[2009/08/03 01:21:54 | 000,197,912 | -H-- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 01:21:54 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 01:21:52 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 01:21:52 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/17 19:44:43 | 000,007,063 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/07/06 22:17:05 | 000,000,114 | ---- | C] () -- C:\Users\Jennifer\AppData\Roaming\wklnhst.dat
[2009/07/06 20:54:03 | 000,364,192 | -H-- | C] () -- C:\Windows\System32\atwtusb.exe
[2009/07/06 20:54:02 | 001,969,824 | -H-- | C] () -- C:\Windows\System32\WTMKM.exe
[2009/07/06 20:54:02 | 000,045,056 | -H-- | C] () -- C:\Windows\System32\InstallService.exe
[2009/07/06 20:54:01 | 000,180,224 | -H-- | C] () -- C:\Windows\System32\ATWTINK.DLL
[2009/07/06 20:54:01 | 000,102,048 | -H-- | C] () -- C:\Windows\RmTablet.exe
[2009/07/06 20:54:01 | 000,021,784 | -H-- | C] () -- C:\Windows\System32\Photoshop Elements.ini
[2009/07/06 20:54:01 | 000,014,446 | -H-- | C] () -- C:\Windows\System32\PhotoImpact XL SE.ini
[2009/07/06 20:54:01 | 000,011,125 | -H-- | C] () -- C:\Windows\System32\Vista.ini
[2009/07/06 20:54:01 | 000,010,438 | -H-- | C] () -- C:\Windows\System32\XP_2000.INI
[2009/07/06 20:54:01 | 000,000,619 | -H-- | C] () -- C:\Windows\System32\MKProfile.ini
[2009/07/06 20:54:00 | 000,006,874 | ---- | C] () -- C:\Windows\aiptbl.ini
[2009/04/27 22:15:57 | 000,274,432 | -H-- | C] () -- C:\Windows\System32\LXCRinst.dll
[2009/04/27 22:04:45 | 000,000,680 | ---- | C] () -- C:\Users\Jennifer\AppData\Local\d3d9caps.dat
[2009/04/12 14:35:14 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2009/02/28 16:01:14 | 000,000,000 | -H-- | C] () -- C:\Windows\setup32.INI
[2009/02/23 23:33:48 | 000,000,209 | -H-- | C] () -- C:\Windows\ODBCINST.INI
[2009/02/23 23:24:51 | 000,000,000 | -H-- | C] () -- C:\Windows\popcinfo.dat
[2009/02/22 20:27:02 | 000,043,520 | ---- | C] () -- C:\Users\Jennifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/22 20:13:07 | 000,000,295 | -H-- | C] () -- C:\Windows\wininit.ini
[2009/01/14 13:40:17 | 000,487,424 | -H-- | C] () -- C:\Windows\System32\INT15.dll
[2008/10/29 21:15:35 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/10/29 21:01:46 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/29 21:01:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2007/02/07 19:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007/01/22 10:49:34 | 000,344,064 | -H-- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006/11/30 11:32:52 | 000,344,064 | -H-- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/11/22 17:16:18 | 000,003,612 | -H-- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 13:50:06 | 000,000,037 | -H-- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,395,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,595,446 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,101,144 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 16:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/06/07 15:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 13:19:14 | 000,040,960 | -H-- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/23 03:33:20 | 000,040,960 | -H-- | C] () -- C:\Windows\System32\lxcrvs.dll
[2006/03/07 13:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006/01/10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2005/12/20 11:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[1997/11/17 17:13:16 | 000,010,240 | -H-- | C] () -- C:\Windows\System32\vidx16.dll

========== LOP Check ==========

[2011/06/21 11:49:33 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\7BFC6CB9824A6E610F33ECA95451ED4F
[2009/11/20 18:34:29 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Acoustica
[2010/03/20 09:36:15 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\LimeWire
[2011/06/21 23:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\NeopleLauncherDFO
[2009/02/22 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\PlayFirst
[2011/03/14 00:40:25 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\SPORE
[2010/11/23 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Template
[2009/02/22 19:30:41 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\WildTangent
[2011/06/27 19:47:53 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/28 17:44:00 | 000,000,442 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B1976C9C-5D04-4CBD-A895-6745F90D2F60}.job

========== Purity Check ==========



< End of report >

#47
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Hi

Congratulations, your logs appear clean :)

Reset and Re-enable your System Restore

The following will implement some cleanup procedures as well as reset System Restore points:
  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

NEXT

  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


Recommendations

See Here for a list of recommendations for free Antivirus\AntiSpyware applications.


  • Keep your Windows up to date by regularly checking their website at:
    http://windowsupdate.microsoft.com/

  • SpywareBlaster protects against bad ActiveX; it immunizes your PC against them.

  • SpywareGuard offers real-time protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program (e.g. TeaTimer, Windows Defender) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


  • MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop-up blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from Here

    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

  • Click Here to learn how to keep a backup of your important files

  • FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. It's important to keep programs up to date so that malware doesn't exploit any old security flaws.


Thank you :unsure:
  • 0

#48
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.