
bloodhound.maIPE on Norton scan



#1
at47626

Page File usage hits over 1G, causing the CPU to crawl. Norton scan found the bloodhound.maIPE virus. It was unable to remove it. I went through all the malware procedures to no avail. I have attached the OTL log. Any help is much appreciated.



OTL logfile created on: 6/29/2012 3:44:56 PM - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\Siracusa\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.48 Mb Total Physical Memory | 55.59 Mb Available Physical Memory | 10.89% Memory free
864.23 Mb Paging File | 243.98 Mb Available in Paging File | 28.23% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 89.74 Gb Free Space | 60.21% Space Free | Partition Type: NTFS

Computer Name: SIRACUSA-7F0E40 | User Name: Siracusa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/25 22:28:40 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\Desktop\OTL.exe
PRC - [2008/04/13 19:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2011/08/10 16:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\Brmfrmps.exe -- (brmfrmps)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EBC5C733-0522-4ABC-B930-1B10D8C5E905}\MpKslff297370.sys -- (MpKslff297370)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7BA55E52-1EE9-4148-BEA7-38A52905AA92}\MpKslfaeb4894.sys -- (MpKslfaeb4894)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C49281F-6798-4EEE-880A-D7AF0EF89D93}\MpKslc6745e65.sys -- (MpKslc6745e65)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C49281F-6798-4EEE-880A-D7AF0EF89D93}\MpKslbb58bcd8.sys -- (MpKslbb58bcd8)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EFDCB16B-2E59-468E-A575-735018C933AB}\MpKslab3a3368.sys -- (MpKslab3a3368)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7745C454-1ECB-4762-A364-0614FCED91D7}\MpKslaa1e7009.sys -- (MpKslaa1e7009)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADCFFDD9-C159-49E1-8752-06151FCF4894}\MpKsl97fb7156.sys -- (MpKsl97fb7156)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5E282151-3BE5-4B9E-A0EF-7803588FD2FE}\MpKsl8f14e1db.sys -- (MpKsl8f14e1db)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ED40DEA6-F6EF-4642-83E2-3D63A34084E8}\MpKsl8311726d.sys -- (MpKsl8311726d)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C38B492F-EBC3-4042-BC78-8AA300602579}\MpKsl7ff518fa.sys -- (MpKsl7ff518fa)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E89CD5CE-F35B-45F1-8153-2BABC8DB72C8}\MpKsl6c996c60.sys -- (MpKsl6c996c60)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1E82DFF5-D277-4D86-B072-A43356095A68}\MpKsl530554ca.sys -- (MpKsl530554ca)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{145327A9-CB96-4992-A76C-30A4553C6318}\MpKsl4e07cfbd.sys -- (MpKsl4e07cfbd)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{98DA76A3-CEB5-4438-B928-A156397B81C3}\MpKsl46e8989d.sys -- (MpKsl46e8989d)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65120445-33BE-4A9E-9AE3-79D396926E4D}\MpKsl2b8acf04.sys -- (MpKsl2b8acf04)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1E82DFF5-D277-4D86-B072-A43356095A68}\MpKsl04c3821e.sys -- (MpKsl04c3821e)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - [2012/06/29 15:09:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/06/21 21:20:18 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120621.018\navex15.sys -- (NAVEX15)
DRV - [2012/06/21 21:20:18 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/06/21 21:20:18 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120621.018\naveng.sys -- (NAVENG)
DRV - [2012/06/21 21:10:52 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/06/19 00:03:24 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120619.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/06/18 19:18:10 | 000,369,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120623.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/08/08 19:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys -- (ccSet_NST)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/20 21:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\symtdi.sys -- (SYMTDI)
DRV - [2011/03/30 23:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\srtsp.sys -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 22:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\symefa.sys -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\symds.sys -- (SymDS)
DRV - [2011/01/27 01:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\ironx86.sys -- (SymIRON)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2003/06/30 18:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {09971cee-01b8-42bc-9d91-456b1faad6be}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...022D5&si=165806
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 3B 8B AF BB 05 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files\Game_Master_1.1\prxtbGam2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://findgala.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...il&geo=US&ver=5
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2856449
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25504


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/06/29 12:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_1 [2012/06/29 14:55:29 | 000,000,000 | ---D | M]

[2010/11/07 17:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Siracusa\Application Data\Mozilla\Extensions

========== Chrome ==========

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Siracusa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Siracusa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\Siracusa\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012/06/25 22:29:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Oryte Games 1.19 Toolbar) - {3654b12a-a3b9-40e9-988a-582f1fe2d265} - C:\Program Files\Oryte_Games_1.19\prxtbOry1.dll (Conduit Ltd.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files\Game_Master_1.1\prxtbGam2.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Oryte Games 1.19 Toolbar) - {3654b12a-a3b9-40e9-988a-582f1fe2d265} - C:\Program Files\Oryte_Games_1.19\prxtbOry1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files\Game_Master_1.1\prxtbGam2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Oryte Games 1.19 Toolbar) - {3654B12A-A3B9-40E9-988A-582F1FE2D265} - C:\Program Files\Oryte_Games_1.19\prxtbOry1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Game Master 1.1 Toolbar) - {7846AE31-BEA2-438A-8F5E-2D899361656C} - C:\Program Files\Game_Master_1.1\prxtbGam2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Nero\data\Xtras\mssysmgr.exe (Ahead Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1287697842560 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB43E950-295E-46D9-8777-6F2C6A6EE409}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/21 12:25:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/29 15:09:21 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/29 13:39:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Siracusa\Recent
[2012/06/25 23:49:58 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\Desktop\TFC.exe
[2012/06/25 23:36:54 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Siracusa\Desktop\ATF-Cleaner.exe
[2012/06/25 23:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/06/25 23:26:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Start Menu\Programs\Revo Uninstaller
[2012/06/25 23:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/06/25 23:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Application Data\SUPERAntiSpyware.com
[2012/06/25 23:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/06/25 23:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/06/25 23:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/06/25 22:31:00 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdi.sys
[2012/06/25 22:31:00 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdiv.sys
[2012/06/25 22:30:59 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.sys
[2012/06/25 22:30:59 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.sys
[2012/06/25 22:30:59 | 000,299,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnets.sys
[2012/06/25 22:30:58 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.sys
[2012/06/25 22:30:58 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\ironx86.sys
[2012/06/25 22:30:58 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.sys
[2012/06/25 22:30:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0502000.00D
[2012/06/25 22:29:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/25 22:28:38 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\Desktop\OTL.exe
[2012/06/25 22:06:57 | 000,000,000 | ---D | C] -- C:\NBRT
[2012/06/25 22:01:37 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/06/25 22:01:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/25 21:59:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/06/25 21:58:39 | 004,569,239 | R--- | C] (Swearware) -- C:\Documents and Settings\Siracusa\Desktop\ComboFix.exe
[2012/06/25 21:42:56 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/06/23 21:19:44 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\My Documents\OTS.exe
[2012/06/21 21:10:52 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/06/21 21:10:52 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/06/21 21:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/06/21 21:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/06/21 21:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012/06/21 21:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2012/06/19 14:34:23 | 000,132,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\0200000.010\ccSetx86.sys
[2012/06/19 14:34:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST
[2012/06/19 14:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2012/06/19 14:34:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\0200000.010
[2012/06/18 13:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Application Data\Tific
[2012/06/18 13:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Local Settings\Application Data\Symantec
[2012/06/18 09:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Desktop\Aryeh-Justin 061712 Joe
[2012/06/18 09:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Desktop\kkk
[2012/06/18 01:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Siracusa\Desktop\nyc
[2012/06/15 18:50:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Siracusa\Start Menu\Programs\Administrative Tools
[2012/06/05 05:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/06/05 05:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

========== Files - Modified Within 30 Days ==========

[2012/06/29 15:32:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/29 15:32:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/29 15:09:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/29 14:59:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/29 12:44:52 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B36DD9EF-AE4E-4930-8A1A-937195E8A5AE}.job
[2012/06/25 23:49:58 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\Desktop\TFC.exe
[2012/06/25 23:36:55 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Siracusa\Desktop\ATF-Cleaner.exe
[2012/06/25 23:26:45 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Siracusa\Desktop\Revo Uninstaller.lnk
[2012/06/25 23:22:13 | 001,114,576 | ---- | M] () -- C:\Documents and Settings\Siracusa\Desktop\revosetup.exe
[2012/06/25 23:18:12 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Siracusa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/25 23:18:11 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/06/25 23:13:56 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/25 22:34:24 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/06/25 22:33:36 | 000,594,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/06/25 22:29:55 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/06/25 22:28:40 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\Desktop\OTL.exe
[2012/06/25 22:06:56 | 606,076,928 | -HS- | M] () -- C:\NBRTPage.sys
[2012/06/25 21:58:51 | 004,569,239 | R--- | M] (Swearware) -- C:\Documents and Settings\Siracusa\Desktop\ComboFix.exe
[2012/06/23 21:19:44 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Siracusa\My Documents\OTS.exe
[2012/06/22 16:43:33 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Siracusa\Desktop\Norton Installation Files.lnk
[2012/06/21 21:10:52 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/06/21 21:10:52 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/06/21 21:10:52 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/06/21 21:10:52 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/06/16 03:23:48 | 000,436,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/16 03:23:48 | 000,068,834 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/15 10:55:09 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/14 11:24:40 | 000,002,576 | ---- | M] () -- C:\{F494C6D9-CEA9-48D3-8166-6E67F6693C6E}
[2012/06/04 11:17:13 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/06/01 13:05:28 | 000,136,312 | ---- | M] () -- C:\{4BBF4D4B-8B0A-4FA4-8B69-076F59F357CB}
[2012/05/30 18:50:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Files Created - No Company Name ==========

[2012/06/25 23:26:45 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Siracusa\Desktop\Revo Uninstaller.lnk
[2012/06/25 23:22:11 | 001,114,576 | ---- | C] () -- C:\Documents and Settings\Siracusa\Desktop\revosetup.exe
[2012/06/25 23:18:12 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Siracusa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/25 23:18:11 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/06/25 23:13:56 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/25 22:33:17 | 000,594,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/06/25 22:30:59 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.cat
[2012/06/25 22:30:59 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.cat
[2012/06/25 22:30:59 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.cat
[2012/06/25 22:30:59 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.inf
[2012/06/25 22:30:59 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.inf
[2012/06/25 22:30:59 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.inf
[2012/06/25 22:30:59 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.inf
[2012/06/25 22:30:58 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.cat
[2012/06/25 22:30:58 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.cat
[2012/06/25 22:30:58 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.cat
[2012/06/25 22:30:58 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.inf
[2012/06/25 22:30:58 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.inf
[2012/06/25 22:30:58 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.inf
[2012/06/25 22:30:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.cat
[2012/06/25 22:30:16 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini
[2012/06/25 22:06:56 | 606,076,928 | -HS- | C] () -- C:\NBRTPage.sys
[2012/06/21 21:10:52 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/06/21 21:10:52 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/06/21 21:10:38 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/06/21 21:08:04 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Siracusa\Desktop\Norton Installation Files.lnk
[2012/06/19 14:34:19 | 000,007,510 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\0200000.010\ccSetx86.cat
[2012/06/19 14:34:19 | 000,000,828 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\0200000.010\ccSetx86.inf
[2012/06/19 14:34:19 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\0200000.010\isolate.ini
[2012/06/15 10:55:09 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/14 11:24:40 | 000,002,576 | ---- | C] () -- C:\{F494C6D9-CEA9-48D3-8166-6E67F6693C6E}
[2012/06/01 13:05:28 | 000,136,312 | ---- | C] () -- C:\{4BBF4D4B-8B0A-4FA4-8B69-076F59F357CB}
[2012/05/29 12:08:16 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012/02/15 02:04:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/04/21 15:46:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/30 10:05:53 | 000,000,111 | ---- | C] () -- C:\Documents and Settings\Siracusa\default.pls
[2010/10/30 10:05:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/27 11:22:18 | 000,103,720 | ---- | C] () -- C:\Documents and Settings\Siracusa\GoToAssistDownloadHelper.exe
[2010/10/26 19:37:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2010/10/26 19:30:53 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/10/26 19:29:19 | 000,000,419 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2010/10/26 19:29:19 | 000,000,236 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/10/26 19:29:19 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/10/26 19:29:19 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/10/26 19:29:19 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2010/10/26 19:28:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/10/26 19:27:15 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/10/26 17:14:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/10/21 12:28:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/21 12:22:23 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/21 07:23:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/21 07:22:18 | 000,210,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

< End of report >