I've had problems with things like this in the past, and when sent to the cheapest computer fixer we could find, he usually just backs up pictures and music (ignoring iTunes) and wipes the computer clean. It is a horrible process and I'd like to remove these viruses myself (with your help, of course (: )
I ran the Microsoft Security Essentials scan (full) and these are the detected items it has found the past few days:
Trojan:DOS/Alureon.A
Exploit:Win32/Pdfjsc.RF
The Trojan has not been removable, but has been quarantined by MSE.
The Exploit one has been "removed" but it keeps coming back.
Also, sometimes while running my Internet Explorer, the bottom toolbar and the toolbars on the top of the browser go into this weird boxy mode looking a bit like the classic Windows appearances but different. If it happens again I will take a screenshot to show you.
In advance, thank you for the help.
I ran the OTL like asked, and here are my logs:
OTL logfile created on: 8/30/2011 10:58:15 PM - Run 1
OTL by OldTimer - Version 3.2.26.7 Folder = C:\Users\Emma\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.15 Gb Available Physical Memory | 7.52% Memory free
4.21 Gb Paging File | 1.66 Gb Available in Paging File | 39.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 98.66 Gb Free Space | 44.29% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.00 Gb Free Space | 49.95% Space Free | Partition Type: NTFS
Computer Name: SARA-PC | User Name: Emma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/08/30 22:57:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
PRC - [2011/07/29 11:40:57 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/05/04 04:52:35 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jp2launcher.exe
PRC - [2011/05/04 04:52:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/27 13:19:15 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/04/27 12:00:35 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/03/09 04:53:20 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/03/09 04:52:56 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/12/10 11:13:56 | 004,562,944 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
PRC - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2008/01/17 07:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/05/11 03:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007/01/12 14:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
PRC - [2006/11/03 20:07:04 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe
PRC - [2006/11/03 20:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
========== Modules (No Company Name) ==========
MOD - [2011/08/23 17:56:25 | 000,052,736 | -H-- | M] () -- C:\Windows\System32\chknsync.dll
MOD - [2011/03/21 17:30:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/03/21 17:30:06 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/21 17:30:06 | 000,324,896 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2009/12/10 11:13:56 | 004,562,944 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
MOD - [2009/08/28 16:50:18 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll
MOD - [2007/01/12 14:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
MOD - [2006/11/03 20:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
MOD - [2006/09/06 08:13:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll
MOD - [2006/08/08 17:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll
MOD - [2006/03/14 19:38:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/09 04:52:56 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2009/11/05 16:10:22 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2007/12/19 22:50:11 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/03 20:07:04 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)
========== Driver Services (SafeList) ==========
DRV - [2011/08/30 21:06:03 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A85A1309-D9E8-4387-A4C0-F61AB760B734}\MpKslddc7107c.sys -- (MpKslddc7107c)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/03/09 09:21:36 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2011/03/09 09:21:36 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/03/09 09:21:36 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/03/09 04:17:26 | 000,239,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/11/27 03:47:00 | 001,384,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2008/05/15 02:28:00 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/10/29 04:40:28 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=2071220
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [jswtrayutil] File not found
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 24.196.64.53 68.113.206.10
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Emma\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Emma\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{18f56935-782d-11e0-9cbb-001aa080f56c}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{18f56935-782d-11e0-9cbb-001aa080f56c}\Shell\Install\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: dpapched - (C:\Windows\system32\chknsync.dll) - C:\Windows\System32\chknsync.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/30 22:56:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
[2011/08/25 03:44:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/04/28 10:12:39 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll
[2007/12/19 22:58:53 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll
[2007/12/19 22:58:53 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll
[2007/12/19 22:58:53 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll
[2007/12/19 22:58:53 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll
[2007/12/19 22:58:53 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll
[2007/12/19 22:58:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll
[2007/12/19 22:58:53 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcxcoms.exe
[2007/12/19 22:58:53 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll
[2007/12/19 22:58:53 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll
[2007/12/19 22:58:53 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll
[2007/12/19 22:58:53 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcxih.exe
[2007/12/19 22:58:53 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcxcfg.exe
[2007/12/19 22:58:53 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll
[2007/12/19 22:58:53 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/30 22:57:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
[2011/08/30 22:20:37 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/30 22:20:37 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/30 22:06:08 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/30 22:06:08 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/30 21:55:30 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/30 21:25:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/30 21:05:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/30 21:05:42 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/30 21:04:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/08/23 17:56:25 | 000,052,736 | -H-- | M] () -- C:\Windows\System32\chknsync.dll
[2011/08/23 14:09:55 | 000,001,052 | -HS- | M] () -- C:\Users\Emma\AppData\Local\om5voeys5440gb80u7x13asrjy5wa168v45301t877ht
[2011/08/23 14:09:55 | 000,001,052 | -HS- | M] () -- C:\ProgramData\om5voeys5440gb80u7x13asrjy5wa168v45301t877ht
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\Users\Emma\AppData\Local\vppp.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\qixd.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\Users\Emma\AppData\Local\nkub.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\lxvt.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\Users\Emma\AppData\Local\jpjj.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\gnaq.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\Users\Emma\AppData\Local\ewhb.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | M] () -- C:\ProgramData\cbio.exe
[2011/08/14 21:09:28 | 000,044,544 | ---- | M] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/23 17:56:25 | 000,052,736 | -H-- | C] () -- C:\Windows\System32\chknsync.dll
[2011/08/23 14:09:55 | 000,001,052 | -HS- | C] () -- C:\Users\Emma\AppData\Local\om5voeys5440gb80u7x13asrjy5wa168v45301t877ht
[2011/08/23 14:09:55 | 000,001,052 | -HS- | C] () -- C:\ProgramData\om5voeys5440gb80u7x13asrjy5wa168v45301t877ht
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\Users\Emma\AppData\Local\vppp.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\qixd.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\Users\Emma\AppData\Local\nkub.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\lxvt.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\Users\Emma\AppData\Local\jpjj.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\gnaq.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\Users\Emma\AppData\Local\ewhb.exe
[2011/08/23 14:09:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\cbio.exe
[2011/04/28 10:13:37 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2011/04/28 10:13:37 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2011/04/28 10:12:39 | 000,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll
[2011/04/27 14:39:05 | 000,044,544 | ---- | C] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/09 04:16:26 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/02/01 22:01:14 | 000,227,586 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/13 03:03:20 | 000,003,155 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2007/12/19 22:58:58 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/12/19 22:58:53 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll
[2007/12/19 22:58:53 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll
[2007/12/19 22:58:53 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll
[2007/12/19 22:58:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll
[2007/12/19 22:58:52 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll
[2007/12/19 22:58:52 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll
[2007/12/19 22:58:52 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll
[2007/12/19 22:58:52 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll
[2007/12/19 22:58:52 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll
[2007/12/19 22:58:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll
[2007/12/19 22:58:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll
[2007/12/19 22:58:50 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll
[2007/12/19 22:58:50 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcfg.dll
[2007/12/19 22:58:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll
[2007/12/19 22:58:50 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll
[2007/12/19 15:33:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/12/19 15:16:03 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/12/19 15:04:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,381,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 02:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/02/13 08:56:04 | 000,000,438 | ---- | C] () -- C:\Windows\System32\dlcxplc.ini
========== LOP Check ==========
[2011/07/19 19:00:30 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\PhotoScape
[2011/08/30 22:14:14 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >