Redirect virus



#1
Roach63

Good evening,

It seems my Win XP desktop PC has some form of issue with links on the web that lead to other related but not selected sites. I have ESET NOD 32 on this PC but my schedule for scans has seemingly disappeared and the "live" protection did not catch this. I ran a scan with ESET yesterday and found some zip files in the java directory that were then subsequently deleted. Of course this was not going to do the trick. MBAM scan did not find anything either and a subsequent scan using ESET has not found anything since my last scan yesterday. This AM I found myself being rerouted to non-chosen sites when clicking links on sites I use frequently (local newspaper website, company site, etc...). This leads me to believe I still have issues.

OTL LOG
OTL logfile created on: 3/27/2012 7:41:10 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 41.28% Memory free
2.01 Gb Paging File | 1.27 Gb Available in Paging File | 63.50% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.80 Gb Total Space | 26.65 Gb Free Space | 37.65% Space Free | Partition Type: NTFS
Drive D: | 3.72 Gb Total Space | 1.68 Gb Free Space | 45.07% Space Free | Partition Type: FAT32
Drive K: | 232.88 Gb Total Space | 64.70 Gb Free Space | 27.78% Space Free | Partition Type: NTFS

Computer Name: NEWPC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/27 19:40:45 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OT_L.exe
PRC - [2012/03/15 19:48:25 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/04/01 00:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/03/07 12:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010/07/28 15:14:04 | 000,554,328 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/07/28 14:39:22 | 001,156,440 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/03/24 20:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/09/25 23:32:20 | 000,202,024 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\MaxSync.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/02/03 08:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2005/04/15 11:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/03/24 18:39:11 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2004/11/15 18:04:32 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\shwiconEM.exe
PRC - [2004/08/13 13:48:00 | 000,049,152 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004/05/17 21:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/27 18:09:57 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_6c825ce.dll
MOD - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2010/01/31 23:52:12 | 008,347,648 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2010/01/31 23:52:12 | 002,244,608 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/09/25 23:32:18 | 000,066,856 | ---- | M] () -- C:\Program Files\Seagate\SeagateManager\Sync\ExtensionFilter.dll
MOD - [2007/04/19 12:26:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2004/05/17 21:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
MOD - [2001/07/02 23:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/03/27 18:09:57 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/03/15 19:48:46 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/03/15 19:48:25 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/04/01 00:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010/12/15 16:40:28 | 000,097,792 | ---- | M] () [Auto | Stopped] -- C:\Program Files\stunnel\stunnel.exe -- (stunnel)
SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/07/28 14:39:22 | 001,156,440 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/03/24 18:39:11 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2003/03/09 15:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\TiglUsb.sys -- (TiglUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\Drivers\neokdss.sys -- (neokdss)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\CF\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (cdrbsvsd)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/03/15 19:48:27 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/04/01 00:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C310(UVC)
DRV - [2011/04/01 00:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/12/21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010/11/08 16:29:52 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/11/08 16:29:40 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/14 17:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/05/07 16:50:02 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/08/10 06:32:14 | 000,204,672 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2005/04/19 10:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/12/11 15:28:20 | 000,371,584 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/11/15 20:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/08/13 13:49:00 | 000,065,280 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/01/28 16:03:26 | 000,021,456 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SilvrLnk.sys -- (SilverLink) Texas Instruments SilverLink (USB GraphLink)
DRV - [2003/12/09 14:16:00 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/07/02 08:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {BE28C22E-F666-424d-B5FD-125C4AFEE34E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{302D43DF-5E55-412D-AE24-CB2E84344F88}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKCU\..\SearchScopes\{3551B254-83A3-4986-9508-014C39E9B5E1}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{88F546F5-C11E-44F7-BD46-C4B49A1C9FB0}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{A4E5BD18-9DDC-4A1D-B07F-F453223D7EEF}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKCU\..\SearchScopes\{C5679EF2-D662-4DF2-B17F-FECE0DD1D021}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Virtools SA)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Owner\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Owner\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/06/13 10:17:21 | 000,000,000 | ---D | M]

[2009/04/25 22:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2012/03/27 07:15:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-DFC4-6BAE8BAD3DC9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Owner\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2009.lnk = C:\WINDOWS\Installer\{C4609419-C11E-4CE6-B369-F3F8A7DDD94C}\Shortcut_EventPlan_E2FBA8F7F7FD4C5EAA7D652BB0CAAA9D.exe (Macrovision Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.stonyfiel...criptX/smsx.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com...ageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1136689571531 (MUWebControl Class)
O16 - DPF: {712362BF-E411-4F43-99D2-EB15F80AF1DB} http://entimg.msn.co...snediag4421.cab (Reg Error: Key error.)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} http://us.bookmarks....m/YbConvFav.CAB (YbUploadFavsCtl Class)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} https://photos.ritea...PhotoOnline.cab (Rite Aid One Hour Photo Online Control)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai...0/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer....l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} http://entimg.msn.co...snmusax4421.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C82A33E-5412-4656-8C88-7FDC0B3A6D4D}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/01 15:05:56 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/27 19:40:36 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OT_L.exe
[2012/03/27 06:13:13 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/03/27 06:09:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/03/27 06:09:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/03/27 06:09:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/03/27 06:09:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/03/27 06:09:15 | 000,000,000 | ---D | C] -- C:\CF
[2012/03/27 06:08:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/27 06:08:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Videos
[2012/03/27 06:08:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2012/03/27 06:08:11 | 004,447,641 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\CF.exe
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/27 19:40:45 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OT_L.exe
[2012/03/27 07:15:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/27 06:13:21 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/03/27 06:08:21 | 004,447,641 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\CF.exe
[2012/03/26 11:50:14 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/25 09:28:13 | 000,002,633 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Hallmark Card Studio 2009 Deluxe.lnk
[2012/03/24 11:45:41 | 000,230,808 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2012/03/15 20:25:35 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 20:25:26 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/03/15 20:25:10 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder 2009.lnk
[2012/03/15 20:25:06 | 000,088,723 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/03/15 20:24:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 20:24:55 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/15 19:48:27 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2012/03/15 19:48:26 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2012/03/15 19:48:26 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2012/03/14 03:24:55 | 000,465,538 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/14 03:24:55 | 000,079,424 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/14 03:22:27 | 000,411,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/14 03:03:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/29 20:49:28 | 000,000,096 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/27 06:13:21 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/03/27 06:13:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/03/27 06:09:26 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/03/27 06:09:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/03/27 06:09:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/03/27 06:09:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/03/27 06:09:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/26 11:50:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/15 15:59:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011/01/18 20:35:50 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/05 19:46:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010/09/05 19:46:01 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2010/09/05 19:46:01 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010/09/05 19:46:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010/09/05 19:46:01 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010/09/05 19:46:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2010/09/05 19:46:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2010/09/05 19:46:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2010/09/05 19:44:47 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2010/09/05 19:44:42 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2010/09/05 19:44:20 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2010/06/30 10:59:11 | 000,264,376 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/14 16:56:06 | 010,877,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,331,608 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,027,872 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

========== LOP Check ==========

[2008/09/22 22:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2006/12/14 12:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/08/05 14:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/06/14 20:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2008/05/19 18:45:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/06/14 20:46:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2011/06/17 21:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2011/11/28 20:04:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2011/06/14 20:46:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2011/06/14 20:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2011/06/20 20:32:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012/03/12 20:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/06/17 20:37:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/06/14 20:46:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2011/06/14 20:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011/06/13 10:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/07/23 13:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009/07/06 12:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2012/03/27 07:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012/02/03 14:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/05/03 22:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2008/08/13 14:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/05/19 18:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/04/12 20:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2007/09/19 05:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/16 19:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2011/04/05 20:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
[2007/07/04 23:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Autodesk
[2011/11/28 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Canon
[2009/05/24 15:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2007/06/13 15:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DataCast
[2008/09/22 22:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dev-Cpp
[2007/07/04 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Downloaded Installations
[2010/02/14 12:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Facebook
[2010/06/06 23:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GARMIN
[2008/12/03 16:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Hallmark
[2005/09/25 18:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Individual Software
[2011/01/18 22:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2009/12/31 13:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LEGO Company
[2005/06/04 23:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MyPublisher
[2008/08/13 13:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
[2009/02/27 20:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NewSoft
[2009/08/14 22:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nova Development
[2007/10/19 17:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Picaboo
[2010/06/21 15:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Reward_Tracker
[2005/03/24 19:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2008/05/19 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ScanSoft
[2007/02/27 20:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Smith Micro
[2006/10/28 21:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2005/06/13 14:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2007/09/19 05:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2008/01/21 18:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Walgreens
[2009/08/14 23:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
[2009/10/15 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search

========== Purity Check ==========



< End of report >


MBAM LOG from last night:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.26.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: NEWPC [administrator]

3/26/2012 11:55:18 AM
mbam-log-2012-03-26 (11-55-18).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 190624
Time elapsed: 3 hour(s), 23 minute(s), 28 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Any help is greatly appreciated and I cannot stress enough how important the time is you all put in for these annoying and time-consuming issues.

BR

Added a few minutes after posting...this is what ESET found:
Scan Log
Version of virus signature database: 7000 (20120326)
Date: 3/26/2012 Time: 2:43:43 PM
Scanned disks, folders and files: Operating memory;C:\Boot sector;D:\Boot sector;K:\Boot sector;C:\;D:\;K:\
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/Option.class - a variant of Java/Exploit.Blacole.AF trojan
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/Search.class - a variant of Java/Exploit.Blacole.AG trojan
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/ThreadParser.class - a variant of Java/Exploit.Blacole.AI trojan
C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{9F3F1FB5-9CCB-44C4-8345-B1DFB7F0F848}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\bf-500.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\conf-100.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\conf-900.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\gather-now.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\ie7conflict.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\notes.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\partner-700.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\subscrip-2000.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\survey.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\updates-300.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\urgent-800.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\BigFix\__Local\Masthead » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\eMachines_Vista.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\eMachine_Specific.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\General.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\Security.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\Security_UK.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\UK_Specific.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\Urgent.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\Virus.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\Welcome.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\WinXP.fxf » MIME - is OK (internal scanning not performed)
C:\Program Files\BigFix\__Data\emachines\__Local\Masthead » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\uninstall.exe » NSIS - archive damaged
C:\Program Files\Microsoft CAPICOM 2.1.0.2\License\license.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\OFFICE11\1033\VIDEO.MHT » MIME - is OK (internal scanning not performed)
C:\WINDOWS\Downloaded Installations\{526DEA13-3565-48BD-BD60-F2F936C4DCB8}\URGE.msi » MSI » Data1.cab » CAB » urge_offline.mht » MIME - is OK (internal scanning not performed)
D:\i386\Apps\App10224\ie\ient_s1.cab » CAB » IENT_1.CAB » CAB » MSHTML.DLL - next archive volume not found
D:\i386\Apps\App10224\ie\ie_s1.cab » CAB » IE_1.CAB » CAB » MSHTML.TLB - next archive volume not found
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » agentins.ini - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » agntcons.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » agntinst.htm - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » agntinst.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » agntlang.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » default.htm - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » header.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » HtmlUtil.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/bg_left_1x314.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/bg_left_MSC_165x314.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/icon_info_16x16.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/icon_mcafee_61x61.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/icon_progress_checked_13x13.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/icon_progress_hot_13x13.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » images/icon_progress_unchecked_13x13.gif - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » InstUtil.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » instwiz.css - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » instxp.css - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » mcccom.lpk - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » pbar.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » setcss.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\agentins.ui » ZIP » SubInfoData.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » agntcons.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » agntlang.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » comctl.lpk - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » config.ini - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » pbar.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » UnInsStr.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » uninst.vbs - error - password-protected file
D:\i386\Apps\App12148\msc\shared\agentcfg.cab » CAB » screm.ui » ZIP » uninstall.htm - error - password-protected file
D:\i386\Apps\App23257\comps\vwpt\vwpt.exe » NSIS - unpack error
K:\Older Docs\Brad\Archived info 10-25-11\PowerDesignPro\Application Files\PowerDesignPro_2009_10_09_003\paxdata.zip.deploy » ZIP » paxdata.xml - error - password-protected file
K:\Older Docs\Brad\Archived info 10-25-11\Programs\GenLink_DCP_2_24_8_20081013.msi » MSI » _74B52E91FB6E1B4D4437ABF57CE3E63F » CAB » _02AE53D1E14A43FEBBC94C0EC895D600 » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\experimental\GenLink_DCP_3_7_8_432_20100329.zip » ZIP » GenLink_DCP_3_7_8_432_20100329.iso » ISO » REALVNC_.EXE » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\experimental\GenLink_DCP_3_7_8_432_20100329.zip » ZIP » GenLink_DCP_3_7_8_432_20100329.iso » ISO » DOTNETFX.EXE - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\preliminary\GenLink_DCP_3_10_0_475_20100809.zip » ZIP » GenLink_DCP_3_10_0_475_20100809.iso » ISO » REALVNC_.EXE » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\preliminary\GenLink_DCP_3_8_0_448_20100616.zip » ZIP » GenLink_DCP_3_8_0_448_20100616.iso » ISO » REALVNC_.EXE » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\preliminary\GenLink_DCP_3_8_2_450_20100617.zip » ZIP » GenLink_DCP_3_8_2_450_20100617.iso » ISO » REALVNC_.EXE » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\preliminary\GenLink_DCP_3_8_2_450_20100617.zip » ZIP » GenLink_DCP_3_8_2_450_20100617.iso » ISO » DOTNETFX.EXE - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Programs\preliminary\GenLink_DCP_3_8_2_450_20100617.zip » ZIP » - archive damaged
K:\Older Docs\Brad\Archived info 10-25-11\Trips\2006\DHL Allentown\DHL Allentown\New G-Panel Firmware version 2.2G released.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Archived info 10-25-11\Trips\2007\Eastbay\Email traffic eastbay.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Archived info 10-25-11\Trips\2007\Orange Beach Pump Station\Orange Beach Emails.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Archived info 10-25-11\Trips\2007\Qualex Server\emails.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Docs at GPS\Convention 08\blessing to go.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Docs at GPS\PowerDesignPro\Application Files\PowerDesignPro_2009_10_09_003\paxdata.zip.deploy » ZIP » paxdata.xml - error - password-protected file
K:\Older Docs\Brad\Docs at GPS\Programs\GenLink_DCP_2_24_8_20081013.msi » MSI » _74B52E91FB6E1B4D4437ABF57CE3E63F » CAB » _02AE53D1E14A43FEBBC94C0EC895D600 » INNO » file0001.bin » ZIP » - archive damaged
K:\Older Docs\Brad\Docs at GPS\Trips\2006\DHL Allentown\DHL Allentown\New G-Panel Firmware version 2.2G released.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Docs at GPS\Trips\2007\Eastbay\Email traffic eastbay.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Docs at GPS\Trips\2007\Orange Beach Pump Station\Orange Beach Emails.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Docs at GPS\Trips\2007\Qualex Server\emails.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Personal info 10-25-11\Yahoo Email Info\Personal emails GPS.zip » ZIP » college emails GPS.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Personal info 10-25-11\Yahoo Email Info\Personal emails GPS.zip » ZIP » med GPS.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\Personal info 10-25-11\Yahoo Email Info\Personal emails GPS.zip » ZIP » Personal Emails GPS.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad\USB Drive BU 11-2-10\Current Classes\QA Prac 400\SNAP_Configured_Unit_Order_Process\Emails\02Jun10_MtgMin_HurstFeedback.txt » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad School\Past Classes and tools\Eng 102\Paper\Works Cited Annotated Bib\Jerene.mht » MIME - is OK (internal scanning not performed)
K:\Older Docs\Brad School\Past Classes and tools\QA Prac 400\SNAP_Configured_Unit_Order_Process\Emails\02Jun10_MtgMin_HurstFeedback.txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/Option.class - a variant of Java/Exploit.Blacole.AF trojan - was a part of the deleted object
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/Search.class - a variant of Java/Exploit.Blacole.AG trojan - was a part of the deleted object
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\56\6f962db8-6c5bddb9 » ZIP » json/ThreadParser.class - a variant of Java/Exploit.Blacole.AI trojan - was a part of the deleted object
Number of scanned objects: 463569
Number of threats found: 3
Number of cleaned objects: 3
Time of completion: 4:52:20 PM Total scanning time: 7717 sec (02:08:37)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.

Edited by Roach63, 27 March 2012 - 07:18 PM.
