suspect malware infection


#1
nellee62

Thanks for taking a look at my issue. I cannot run any virus or malware programs with any success. I have Trend Titanium and Malwarebytes. I cannot load any new software, I cannot defrag and I cannot update Windows. I get a message that "location cannot be found, or I do not have administrative permissions." I am the only person set up to run this computer. Any help you can give me would be very much appreciated!! Thank You!!


OTL logfile created on: 9/18/2011 5:14:57 PM - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Jessica\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.99 Gb Available Physical Memory | 85.58% Memory free
7.17 Gb Paging File | 6.87 Gb Available in Paging File | 95.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.71 Gb Total Space | 18.25 Gb Free Space | 16.34% Space Free | Partition Type: NTFS

Computer Name: JESSICALT | User Name: Jessica | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/15 21:20:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Jessica\Desktop\OTL.scr
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/14 05:41:53 | 000,412,728 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\ppgooglenaclpluginchrome.dll
MOD - [2011/09/14 05:41:51 | 003,696,184 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll
MOD - [2011/09/14 05:40:26 | 000,142,568 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\avutil-51.dll
MOD - [2011/09/14 05:40:24 | 000,253,320 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\avformat-53.dll
MOD - [2011/09/14 05:40:23 | 002,403,240 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\avcodec-53.dll
MOD - [2011/09/14 03:17:25 | 006,338,720 | ---- | M] () -- C:\Users\Jessica\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/16 15:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2009/10/16 17:06:32 | 000,589,824 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/02/12 15:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2010/12/16 22:38:00 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/12/16 22:38:00 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/12/16 22:38:00 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/12/16 22:38:00 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2009/06/16 15:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/10 18:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/26 09:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/12 17:02:56 | 000,157,184 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006/11/15 01:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 20:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 EB 6C 58 7A 70 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jessica\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jessica\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jessica\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jessica\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/14 16:43:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/14 16:43:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\firefoxextension\ [2011/08/23 09:39:55 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Ant.com Download Toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ant.com Download Toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Win7_Upgrade] C:\Users\Jessica\AppData\Local\DellWin7Upgrade\Win7_Upgrade_Start.exe (Dell Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 209.55.5.10 209.55.5.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79515D0F-C12C-4FE2-AF97-F9D3E168D936}: DhcpNameServer = 192.168.1.1 209.55.5.10 209.55.5.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jessica\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jessica\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{89d01122-63fa-11df-b864-001dd9e76960}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{8e17dc1d-a083-11df-bde1-001dd9e76960}\Shell\AutoRun\command - "" = E:\Connect.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 21:27:52 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Jessica\Desktop\OTH.scr
[2011/09/15 21:27:45 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Users\Jessica\Desktop\OTL.scr
[2011/09/15 19:01:58 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Malwarebytes
[2011/09/15 19:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/15 19:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/15 19:01:28 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/09/15 19:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/15 19:00:22 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jessica\Desktop\mbam-setup-1.51.2.1300.exe
[2011/09/15 18:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/09/15 18:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/09/15 18:42:29 | 003,480,352 | ---- | C] (Piriform Ltd) -- C:\Users\Jessica\Desktop\ccsetup310.exe
[2011/09/15 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Jessica\Desktop\Artificial Heart
[2011/09/14 20:26:19 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Mozilla
[2010/02/04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[2010/01/13 09:53:29 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2010/01/13 09:53:27 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2010/01/13 09:53:27 | 000,589,824 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2010/01/13 09:53:26 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2010/01/13 09:53:23 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2010/01/13 09:53:22 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2010/01/13 09:53:21 | 000,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2010/01/13 09:53:21 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2010/01/13 09:53:19 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2010/01/13 09:53:18 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2010/01/13 09:53:15 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2010/01/13 09:53:10 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2009/10/15 22:32:46 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoin.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/18 17:12:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/18 17:11:55 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/18 17:11:54 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/18 17:11:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/18 16:24:06 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454512320-169297219-1033336557-1000UA.job
[2011/09/18 16:23:49 | 000,002,052 | ---- | M] () -- C:\Users\Jessica\Desktop\Google Chrome.lnk
[2011/09/18 16:23:49 | 000,002,014 | ---- | M] () -- C:\Users\Jessica\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/18 15:57:35 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E2451D94-D8D5-4A03-932C-2F4BECDA9800}.job
[2011/09/18 15:44:10 | 000,615,914 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/18 15:44:10 | 000,107,922 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/18 15:37:33 | 000,145,393 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/09/18 15:37:29 | 000,145,393 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/09/15 21:20:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Jessica\Desktop\OTL.scr
[2011/09/15 21:12:13 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Jessica\Desktop\OTH.scr
[2011/09/15 20:21:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454512320-169297219-1033336557-1000Core.job
[2011/09/15 19:01:31 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/15 19:00:22 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jessica\Desktop\mbam-setup-1.51.2.1300.exe
[2011/09/15 18:43:49 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/09/15 18:42:43 | 003,480,352 | ---- | M] (Piriform Ltd) -- C:\Users\Jessica\Desktop\ccsetup310.exe
[2011/09/13 20:57:55 | 000,150,528 | ---- | M] () -- C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/12 16:02:13 | 000,002,627 | ---- | M] () -- C:\Users\Jessica\Desktop\Microsoft Office Word 2007.lnk
[2011/09/04 07:41:11 | 000,000,878 | ---- | M] () -- C:\Users\Jessica\.recently-used.xbel
[2011/09/01 05:51:07 | 000,000,000 | ---- | M] () -- C:\Users\Jessica\Documents\ch.1writingprompt
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/15 21:25:40 | 081,133,568 | ---- | C] () -- C:\Users\Jessica\Desktop\VIPRERescue7702.exe
[2011/09/15 21:25:33 | 000,660,787 | ---- | C] () -- C:\Users\Jessica\Desktop\rkill.exe
[2011/09/15 19:01:31 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/15 18:43:49 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/09/04 07:41:11 | 000,000,878 | ---- | C] () -- C:\Users\Jessica\.recently-used.xbel
[2011/09/01 05:51:07 | 000,000,000 | ---- | C] () -- C:\Users\Jessica\Documents\ch.1writingprompt
[2010/10/30 13:57:02 | 000,095,232 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/06/23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/06/23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/05/20 06:20:28 | 000,148,906 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010/05/20 06:19:49 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010/05/08 08:09:43 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2010/05/08 08:09:43 | 000,000,059 | ---- | C] () -- C:\Windows\brmx2001.ini
[2010/05/08 08:09:43 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2010/05/08 08:09:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2010/05/08 08:09:41 | 000,011,567 | ---- | C] () -- C:\Windows\HL-1440.INI
[2010/03/15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/13 09:53:15 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2010/01/13 09:53:10 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2010/01/13 09:49:21 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2010/01/13 09:49:21 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2010/01/13 09:49:21 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2009/12/28 07:44:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/27 16:38:06 | 000,150,528 | ---- | C] () -- C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/27 16:32:06 | 000,000,410 | ---- | C] () -- C:\Windows\brwmark.ini
[2009/12/27 16:32:06 | 000,000,052 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/12/23 20:45:35 | 000,000,327 | ---- | C] () -- C:\Users\Jessica\AppData\Local\Win7_tmp1.htm
[2009/12/23 18:28:41 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2009/12/23 18:16:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/12/23 18:16:46 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/12/22 23:01:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/12/21 06:44:33 | 000,145,393 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/12/21 06:44:28 | 000,145,393 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/12/20 20:00:26 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/12/20 19:22:59 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009/12/20 17:08:05 | 000,001,356 | ---- | C] () -- C:\Users\Jessica\AppData\Local\d3d9caps.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2007/02/21 12:26:58 | 000,995,328 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,885,496 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,615,914 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,107,922 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/07/10 12:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\.minecraft
[2010/07/14 22:21:23 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\acccore
[2011/05/01 07:21:55 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Audacity
[2010/11/24 08:30:06 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\gtk-2.0
[2010/06/23 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Image Zone Express
[2009/12/22 22:15:04 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Leadertech
[2010/12/25 19:02:41 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Leawo
[2010/12/25 19:02:41 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Moyea
[2010/06/09 19:52:30 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Printer Info Cache
[2010/05/15 12:53:01 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Smilebox
[2010/12/20 21:08:21 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\VistaCodecs
[2011/09/18 17:11:54 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/18 15:57:35 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E2451D94-D8D5-4A03-932C-2F4BECDA9800}.job

========== Purity Check ==========



< End of report >