XP Security 2012 Virus [Closed]



#1
mrbocrunch (New Member, 1 post)

Was able to get Norton Power Eraser to remove virus after several tries. I would like to make sure PC is really clean. Still runs slow and hard drive is constantly busy.


OTL logfile created on: 1/23/2012 9:46:24 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Arvid\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.05 Mb Total Physical Memory | 187.39 Mb Available Physical Memory | 37.33% Memory free
1.20 Gb Paging File | 0.51 Gb Available in Paging File | 42.59% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 64.34 Gb Total Space | 25.12 Gb Free Space | 39.04% Space Free | Partition Type: NTFS
Drive D: | 10.16 Gb Total Space | 1.00 Gb Free Space | 9.84% Space Free | Partition Type: FAT32

Computer Name: ARVIDLAPTOP | User Name: Arvid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/23 09:45:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Arvid\Desktop\OTL.exe
PRC - [2011/12/02 06:25:52 | 001,114,112 | ---- | M] (Inbox.com, Inc.) -- C:\Program Files\RebateInformer\RebateInf.exe
PRC - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/22 01:11:36 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxctcoms.exe
PRC - [2006/11/22 01:11:22 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
PRC - [2005/12/24 03:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2005/09/24 14:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/09 12:52:06 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/09 12:52:02 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2006/11/22 01:11:22 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
MOD - [2006/11/12 19:35:12 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxctdrpp.dll
MOD - [2006/10/17 22:36:02 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\lxctpmon.dll
MOD - [2006/10/17 21:30:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ipcmt.dll
MOD - [2006/08/08 07:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctscw.dll
MOD - [2006/06/29 17:47:56 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2006/06/29 17:47:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2006/06/29 17:47:48 | 001,044,480 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2006/06/29 17:47:44 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2006/06/29 17:47:44 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2006/06/29 17:47:44 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2006/06/29 17:47:44 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2006/06/29 17:47:40 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2006/06/29 17:47:40 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2006/06/29 17:47:40 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2006/06/29 17:47:40 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2006/06/29 17:47:40 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2006/06/29 17:47:40 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2006/06/29 17:47:40 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2006/06/29 17:47:40 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2006/06/29 17:47:40 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2006/06/29 17:47:40 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2006/06/29 17:47:40 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2006/06/29 17:47:40 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2006/06/29 17:47:40 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2006/06/29 17:47:40 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2006/06/29 17:47:38 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2006/06/29 17:47:38 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2006/06/29 17:47:38 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2006/06/29 17:47:38 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2006/06/29 17:47:38 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2006/06/29 17:47:38 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2006/06/29 17:47:38 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2006/06/29 17:47:38 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2006/06/29 17:47:38 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2006/06/29 17:47:38 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2006/06/29 17:22:38 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006/06/29 17:22:36 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2006/06/29 17:20:32 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2006/06/08 18:39:54 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctdrec.dll
MOD - [2005/12/24 03:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/12/12 09:47:15 | 000,512,848 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\InstallBrainService\InstallBrainService.exe -- (InstallBrainService)
SRV - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2006/11/22 01:11:36 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxctcoms.exe -- (lxct_device)
SRV - [2006/05/08 10:49:02 | 000,098,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - [2012/01/19 19:12:12 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/01/19 16:54:12 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120120.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/01/19 01:00:00 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120122.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/19 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/19 01:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/01/19 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120122.004\NAVENG.SYS -- (NAVENG)
DRV - [2011/12/23 22:17:32 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111223.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/03/30 19:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 19:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 16:39:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 18:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/26 22:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 17:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/02/25 00:02:56 | 000,014,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/02/25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/05/01 02:11:54 | 000,630,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005/09/19 14:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 14:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/21 23:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/08/21 23:06:16 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/08/21 23:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/08/04 05:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80273
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80273&lng=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.n...id=tbid12032011
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No CLSID value found
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@MapsGalaxy_39.com/Plugin: C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (MindSpark)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_39.com: C:\Program Files\MapsGalaxy_39\bar\1.bin [2012/01/19 08:41:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/01/21 16:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2012/01/23 05:48:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2011/12/02 14:52:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2011/12/02 14:52:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ED76C299-85BC-4891-9237-74A140C28832}: C:\Program Files\RebateInformer\Firefox\ [2011/12/03 15:55:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\WhiteSmokeTranslator\WCaptureMoz

[2011/08/10 11:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/07 23:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 00:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

O1 HOSTS File: ([2006/03/16 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll File not found
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {364ea597-e728-4ce4-bb4a-ed846ef47970} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide File not found
O4 - HKCU..\Run: [RavenBleuSA] "C:\Documents and Settings\Arvid\Local Settings\Application Data\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe" File not found
O4 - HKCU..\Run: [RebateInformer] C:\Program Files\RebateInformer\RebateInf.exe (Inbox.com, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.mapsg...36&n=2012011320 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{568E85AC-75AB-454A-958F-063FF88ECB4D}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\rebinfo {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\WINDOWS\Digicode.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 23:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 15:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/23 09:45:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Arvid\Desktop\OTL.exe
[2012/01/23 08:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/01/23 08:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Arvid\Start Menu\Programs\HiJackThis
[2012/01/19 19:12:08 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2012/01/19 19:12:08 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2012/01/19 19:12:08 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2012/01/19 19:12:07 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.sys
[2012/01/19 19:12:07 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2012/01/19 19:12:07 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.sys
[2012/01/19 19:12:07 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\ironx86.sys
[2012/01/19 19:12:07 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2012/01/19 19:11:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2012/01/19 17:24:01 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/19 17:24:01 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/19 17:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/01/19 17:23:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/01/19 17:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite
[2012/01/19 17:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Security Suite
[2012/01/19 17:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/01/19 17:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\White Sky, Inc
[2012/01/19 16:50:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/01/19 08:07:05 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/19 06:45:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/01/19 06:32:48 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/01/19 06:16:03 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/01/19 00:36:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/01/17 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/01/17 14:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Angle Interactive
[2012/01/13 17:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\MapsGalaxy_39
[2012/01/13 16:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\MapsGalaxy_39EI
[2012/01/08 12:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Arvid\Application Data\WildTangent
[2012/01/08 12:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Arvid\Application Data\Real
[2012/01/05 11:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Arvid\My Documents\My Albums
[2011/12/02 17:50:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctinpa.dll
[2011/12/02 17:50:42 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctiesc.dll
[2011/12/02 17:50:42 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCThcp.dll
[2011/12/02 17:50:41 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctusb1.dll
[2011/12/02 17:50:40 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctserv.dll
[2011/12/02 17:50:39 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpmui.dll
[2011/12/02 17:50:39 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctprox.dll
[2011/12/02 17:50:39 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpplc.dll
[2011/12/02 17:50:38 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctlmpm.dll
[2011/12/02 17:50:35 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcthbn3.dll
[2011/12/02 17:50:35 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctih.exe
[2011/12/02 17:50:33 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcoms.exe
[2011/12/02 17:50:33 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomm.dll
[2011/12/02 17:50:32 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomc.dll
[2011/12/02 17:50:32 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcfg.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[27 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/23 09:50:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8222DF2F-F023-4C2D-81DF-D254F87DC886}.job
[2012/01/23 09:48:00 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A3A1703E-E855-4E39-A255-0A340AE71E58}.job
[2012/01/23 09:45:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Arvid\Desktop\OTL.exe
[2012/01/23 09:43:00 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cb93484aafd2da.job
[2012/01/23 09:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2012/01/23 09:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2012/01/23 09:11:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2685482299-1676136017-1629172560-1006UA.job
[2012/01/23 08:58:18 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Arvid\Desktop\HiJackThis.lnk
[2012/01/23 08:54:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1423863161-661791338-3082622276-1005UA.job
[2012/01/23 07:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2012/01/23 07:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2012/01/23 06:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2012/01/23 06:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2012/01/23 06:05:34 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb93484aab0e26.job
[2012/01/23 05:47:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/23 05:47:37 | 526,503,936 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 21:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2012/01/22 21:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2012/01/22 20:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2012/01/22 20:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2012/01/22 19:53:39 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/22 19:38:08 | 000,602,518 | ---- | M] () -- C:\Documents and Settings\Arvid\My Documents\cus.JPG
[2012/01/22 19:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2012/01/22 19:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2012/01/22 19:37:31 | 000,003,747 | ---- | M] () -- C:\Documents and Settings\Arvid\My Documents\Resume1.rtf
[2012/01/22 18:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2012/01/22 18:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2012/01/22 17:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2012/01/22 17:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2012/01/22 16:54:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1423863161-661791338-3082622276-1005Core.job
[2012/01/22 16:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2012/01/22 16:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2012/01/20 23:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2012/01/20 23:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2012/01/20 22:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2012/01/20 22:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2012/01/20 19:01:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/20 18:29:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/20 18:25:18 | 000,610,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2012/01/20 18:22:44 | 000,391,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/20 18:22:44 | 000,056,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/20 11:11:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2685482299-1676136017-1629172560-1006Core.job
[2012/01/20 10:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2012/01/20 10:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2012/01/20 10:24:40 | 000,002,021 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2012/01/20 10:23:36 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/20 02:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2012/01/20 02:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2012/01/20 01:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/01/20 01:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/01/20 00:38:01 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/01/20 00:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/01/19 19:12:12 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/19 19:12:12 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/19 19:12:12 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/19 19:12:12 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/19 17:22:46 | 000,000,313 | ---- | M] () -- C:\hpqp.ini
[2012/01/19 17:22:35 | 000,000,039 | ---- | M] () -- C:\XP_TV.ini
[2012/01/19 16:25:28 | 000,000,218 | RHS- | M] () -- C:\boot.ini
[2012/01/19 08:07:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/19 06:53:50 | 000,008,857 | ---- | M] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\984ea6e
[2012/01/19 06:53:50 | 000,008,835 | ---- | M] () -- C:\Documents and Settings\Arvid\Application Data\3823046a
[2012/01/19 06:53:50 | 000,008,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\4df1625a
[2012/01/19 06:44:19 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/01/18 13:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2012/01/18 13:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2012/01/17 14:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2012/01/17 14:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2012/01/16 15:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2012/01/16 15:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2012/01/16 12:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2012/01/16 12:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2012/01/16 11:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2012/01/16 11:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2012/01/16 08:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2012/01/16 08:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2012/01/13 16:01:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/08 12:35:34 | 000,000,251 | ---- | M] () -- C:\Program Files\wt3d.ini
[2012/01/08 12:28:37 | 000,001,460 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Center.lnk
[2012/01/07 05:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2012/01/07 05:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2012/01/07 04:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2012/01/07 04:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2012/01/07 03:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2012/01/07 03:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[27 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/23 08:58:18 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Arvid\Desktop\HiJackThis.lnk
[2012/01/20 18:20:52 | 000,873,374 | ---- | C] () -- C:\WINDOWS\System32\oem20.inf
[2012/01/20 10:16:46 | 000,610,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2012/01/19 19:12:08 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2012/01/19 19:12:08 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.inf
[2012/01/19 19:12:07 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2012/01/19 19:12:07 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.cat
[2012/01/19 19:12:07 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.cat
[2012/01/19 19:12:07 | 000,007,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2012/01/19 19:12:07 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2012/01/19 19:12:07 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.inf
[2012/01/19 19:12:07 | 000,002,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.inf
[2012/01/19 19:12:07 | 000,001,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.inf
[2012/01/19 19:12:07 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2012/01/19 19:12:07 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2012/01/19 19:12:07 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.inf
[2012/01/19 19:11:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.cat
[2012/01/19 19:11:28 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2012/01/19 17:24:01 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/19 17:24:01 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/19 17:23:51 | 000,002,021 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2012/01/19 16:15:11 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2012/01/19 08:43:55 | 526,503,936 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/19 08:07:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/15 11:06:48 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2685482299-1676136017-1629172560-1006UA.job
[2012/01/15 11:06:45 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2685482299-1676136017-1629172560-1006Core.job
[2012/01/14 17:41:29 | 000,008,835 | ---- | C] () -- C:\Documents and Settings\Arvid\Application Data\3823046a
[2012/01/14 17:41:28 | 000,008,857 | ---- | C] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\984ea6e
[2012/01/14 17:41:28 | 000,008,812 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\4df1625a
[2012/01/08 12:35:34 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2012/01/08 12:31:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/06 18:31:40 | 000,602,518 | ---- | C] () -- C:\Documents and Settings\Arvid\My Documents\cus.JPG
[2011/12/24 19:12:16 | 000,003,747 | ---- | C] () -- C:\Documents and Settings\Arvid\My Documents\Resume1.rtf
[2011/12/02 17:55:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxctpmon.dll
[2011/12/02 17:55:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCTFXPU.DLL
[2011/12/02 17:50:43 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCTinst.dll
[2011/12/02 17:50:35 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxctgrd.dll
[2011/12/02 16:46:38 | 000,016,286 | -HS- | C] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\0x38ec6a46v417
[2011/12/02 16:46:38 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/02 16:46:38 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Arvid\Local Settings\Application Data\fusioncache.dat
[2011/12/02 10:07:24 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DE7e2E.dat
[2011/12/02 09:55:31 | 000,016,286 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\0x38ec6a46v417
[2011/09/13 11:39:34 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2011/08/12 10:57:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxctvs.dll
[2011/08/12 10:57:34 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxctcoin.dll
[2011/08/12 10:57:17 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxctdrs.dll
[2011/08/12 10:57:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxctcaps.dll
[2011/08/12 10:57:17 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxctcnv4.dll
[2010/07/28 20:37:32 | 000,000,027 | ---- | C] () -- C:\WINDOWS\SmartAudio.INI
[2010/06/30 08:16:58 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/01/07 22:17:29 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/01/07 22:14:50 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2010/01/07 22:14:50 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2010/01/07 22:00:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/01/07 21:52:14 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/29 18:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 18:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 17:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 17:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 17:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 17:27:08 | 000,391,638 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 17:27:08 | 000,056,124 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 17:18:06 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 17:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 17:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/03/16 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 06:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 17:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2004/09/16 12:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 20:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 20:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2010/01/11 11:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series
[2011/12/08 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2012/01/17 17:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/08/10 15:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/14 21:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/09/07 11:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chasing Dogs Studios
[2011/03/04 21:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2011/12/02 14:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2011/08/30 22:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/04/16 07:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2011/04/25 19:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Games.com Toolbar
[2011/08/10 11:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/11/19 09:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterAction studios
[2011/09/20 21:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2011/08/30 22:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/08/18 17:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPowerSpeed
[2010/07/12 08:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/08/05 20:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/04/16 07:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/12/16 19:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/08/30 22:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010/06/30 08:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012/01/19 17:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\White Sky, Inc
[2012/01/08 12:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/12/02 18:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\5400 Series
[2011/08/18 17:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\AppGraffiti
[2011/12/10 17:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\CallingID
[2011/10/25 16:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\comcasttb
[2011/08/29 08:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\FCSB000063447
[2012/01/19 08:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\Inbox Toolbar
[2011/08/10 15:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\IObit
[2011/10/31 18:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\PCPowerSpeed
[2011/12/03 12:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\RebateInformer
[2012/01/08 12:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\WildTangent
[2011/12/02 18:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arvid\Application Data\xfin_portal
[2012/01/20 00:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/01/07 04:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2012/01/07 05:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2012/01/07 05:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2012/01/23 06:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2012/01/23 06:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2012/01/23 07:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2012/01/23 07:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2012/01/16 08:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2012/01/16 08:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2012/01/23 09:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2012/01/20 00:38:01 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/01/23 09:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2012/01/20 10:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2012/01/20 10:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2012/01/16 11:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2012/01/16 11:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2012/01/16 12:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2012/01/16 12:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2012/01/18 13:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2012/01/18 13:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2012/01/17 14:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2012/01/20 01:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012/01/17 14:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2012/01/16 15:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2012/01/16 15:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2012/01/22 16:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2012/01/22 16:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2012/01/22 17:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2012/01/22 17:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2012/01/22 18:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2012/01/22 18:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2012/01/22 19:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2012/01/20 01:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012/01/22 19:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2012/01/22 20:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2012/01/22 20:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2012/01/22 21:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2012/01/22 21:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2012/01/20 22:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2012/01/20 22:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2012/01/20 23:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2012/01/20 23:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2012/01/20 02:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2012/01/20 02:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2012/01/07 03:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2012/01/07 03:38:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2012/01/07 04:38:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2011/09/15 20:32:11 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2011/09/01 00:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2011/10/27 12:55:33 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2012/01/23 09:50:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8222DF2F-F023-4C2D-81DF-D254F87DC886}.job
[2012/01/23 09:48:00 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A3A1703E-E855-4E39-A255-0A340AE71E58}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:322D2CD3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C6D2EC3
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70B3C619
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AF54CFFD
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


#2
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

#3
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.