IRP Hook, infection, Help to remove please



#1
derrickch

Hi, I ran an AVG 2011 scan and was informed that I was infected with an IRP hook in the system. It gave me the following descriptions but said the object was hidden. I would be very grateful for any assistance in removing the said infection. I have followed instructions from the forum, but have not tried to remove the infection on my own as I am self-taught and not that clever.
File. C:Winows/system 32/dla/tfsnifs.system
Infection. IRPHOOK/FileSystem/cdfs/IRP_...
and the information that the object was hidden. Many thanks for any assistance.

OTL logfile created on: 06/01/2011 12:00:28 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Derrick\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

190.00 Mb Total Physical Memory | 15.00 Mb Available Physical Memory | 8.00% Memory free
752.00 Mb Paging File | 198.00 Mb Available in Paging File | 26.00% Paging File free
Paging file location(s): C:\pagefile.sys 575 900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 46.80 Gb Free Space | 83.73% Space Free | Partition Type: NTFS
Drive E: | 40.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: YOUR-E0367A1424 | User Name: Derrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/06 11:51:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Derrick\My Documents\OTL.exe
PRC - [2010/11/10 19:08:04 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/11/10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/27 05:15:24 | 001,073,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/27 05:14:50 | 001,047,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/10/25 05:15:46 | 003,988,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgui.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/10/22 04:57:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/22 04:56:56 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/04/28 20:26:44 | 000,252,928 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/01 21:25:44 | 001,093,632 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
PRC - [2005/07/08 00:13:14 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2005/05/12 09:31:38 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/04/22 18:54:14 | 000,962,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2005/04/11 10:26:06 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2005/01/17 23:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/11/17 09:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Touch and Launch\PadExe.exe
PRC - [2004/10/08 21:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/08/05 16:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


========== Modules (SafeList) ==========

MOD - [2011/01/06 11:51:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Derrick\My Documents\OTL.exe
MOD - [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/10/08 21:44:16 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/04/28 20:26:26 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2005/07/08 00:13:14 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2005/01/17 23:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/05 16:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)


========== Driver Services (SafeList) ==========

DRV - [2010/11/09 22:20:58 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/04/19 15:42:40 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/04/19 15:42:40 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/04/19 15:42:38 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2010/04/19 15:42:38 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/03/25 18:09:48 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2005/06/29 06:01:58 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/17 22:17:48 | 000,352,000 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/06/17 22:17:00 | 000,038,144 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/06/11 04:42:40 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005/05/31 04:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/05/31 04:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/05/31 04:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/05/31 04:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/05/31 04:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/05/31 04:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/05/31 04:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/05/31 04:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/05/31 04:33:00 | 000,002,241 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/05/25 00:39:44 | 000,465,952 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/13 09:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005/05/13 09:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005/05/09 14:17:06 | 000,031,360 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005/05/05 13:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2005/04/22 02:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005/04/21 01:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2005/04/01 00:08:02 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005/03/31 23:08:46 | 001,034,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/31 23:08:00 | 000,714,880 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/02 23:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/10/08 21:33:46 | 000,185,824 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/29 21:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/22 20:22:37 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.206.65.68 10.206.65.68
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/04 12:37:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/04/28 22:49:17 | 000,000,118 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{875fe5b8-0de2-11e0-86fa-00c09fced352}\Shell - "" = AutoRun
O33 - MountPoints2\{875fe5b8-0de2-11e0-86fa-00c09fced352}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{875fe5b8-0de2-11e0-86fa-00c09fced352}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe -- [2010/04/16 16:39:09 | 000,274,432 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/06 11:50:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Derrick\My Documents\OTL.exe
[2011/01/06 11:19:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/01/01 10:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\Identities
[2010/12/27 10:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/12/24 10:26:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works
[2010/12/24 10:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/12/23 07:58:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/12/23 07:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/12/23 07:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/12/23 07:56:49 | 000,000,000 | ---D | C] -- C:\decdb5cd91cf4f1214e47a1adaa6d4
[2010/12/22 21:25:34 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/12/22 20:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\AVG10
[2010/12/22 20:28:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/12/22 20:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2010/12/22 20:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/22 20:22:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/12/22 20:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/12/22 20:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/12/22 19:16:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/12/22 18:59:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/12/22 18:59:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/12/22 18:59:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/12/22 18:59:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/12/22 18:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/12/22 18:50:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/12/22 18:50:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/12/22 18:18:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Derrick\IECompatCache
[2010/12/22 18:17:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Derrick\PrivacIE
[2010/12/22 18:15:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Derrick\IETldCache
[2010/12/22 18:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/12/22 18:01:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/12/22 18:00:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/12/22 18:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/12/22 17:54:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/12/22 17:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/12/22 17:19:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/12/22 17:17:08 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Derrick\UserData
[2010/12/22 17:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Macromedia
[2010/12/22 17:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\FLEXnet
[2010/12/22 16:56:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/12/22 15:52:37 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnet.sys
[2010/12/22 15:52:31 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2010/12/22 15:52:27 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zteusbvoice.sys
[2010/12/22 15:52:23 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2010/12/22 15:52:19 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2010/12/22 15:51:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Vodafone
[2010/12/22 15:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Vodafone
[2010/12/22 15:51:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/12/22 15:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vodafone
[2010/12/22 15:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2010/12/22 15:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2010/12/22 15:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2010/12/22 15:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\{FA6F1E64-A6BD-4822-A094-03171A37E8C6}
[2010/12/22 15:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Nethood
[2010/12/22 15:37:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Derrick\Application Data\Microsoft
[2010/12/22 15:37:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Derrick\Application Data
[2010/12/22 15:37:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\My Documents\My Pictures
[2010/12/22 15:37:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\My Documents\My Music
[2010/12/22 15:37:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\My Documents
[2010/12/22 15:37:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\Favorites
[2010/12/22 15:37:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Derrick\Cookies
[2010/12/22 15:37:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Derrick\Local Settings
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\toshiba
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Symantec
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Sonic
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\Microsoft
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Identities
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\Help
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Help
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Desktop
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\ApplicationHistory
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\Adobe
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Application Data\Adobe
[2010/12/22 15:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derrick\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
[2010/12/22 15:36:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Derrick\SendTo
[2010/12/22 15:36:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Derrick\Recent
[2010/12/22 15:36:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\Start Menu\Programs\Startup
[2010/12/22 15:36:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\Start Menu
[2010/12/22 15:36:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Derrick\Start Menu\Programs\Accessories
[2010/12/22 15:36:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Derrick\Templates
[2010/12/22 15:36:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Derrick\PrintHood
[2010/12/22 15:35:56 | 000,028,672 | ---- | C] (ASKEY COMPUTER CORP.) -- C:\WINDOWS\System32\DelRunOnceReg.exe
[2010/12/22 15:35:53 | 000,352,256 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg11.dll
[2010/12/22 15:35:53 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wgapi.dll
[2010/12/22 15:35:53 | 000,233,472 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2010/12/22 15:35:53 | 000,077,824 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg11res.dll
[2010/12/22 15:35:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atheros
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/06 11:57:44 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Derrick\My Documents\Shortcut to OTL.lnk
[2011/01/06 11:51:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Derrick\My Documents\OTL.exe
[2011/01/06 11:03:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/06 11:03:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/06 11:03:00 | 199,479,296 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/01 10:05:34 | 103,143,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/01 09:43:01 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Derrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/31 22:30:42 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk
[2010/12/27 09:24:40 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/25 04:37:48 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/24 11:59:16 | 000,441,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/24 11:59:16 | 000,071,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/24 10:50:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Derrick\Application Data\wklnhst.dat
[2010/12/24 10:49:10 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Derrick\Desktop\Microsoft Works.LNK
[2010/12/22 20:27:44 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/12/22 19:16:34 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/22 18:54:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/22 18:15:15 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Browser Choice.lnk
[2010/12/22 15:50:45 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk
[2010/12/22 15:37:35 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Derrick\Desktop\Windows Media Player.lnk
[2010/12/22 15:37:22 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite L20_03471000-EN_PSL2XE-01P00.MRK
[2010/12/22 15:36:03 | 000,000,332 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/22 15:35:37 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Additional Software.lnk
[2010/12/22 15:35:35 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/22 15:35:33 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 3.job
[2010/12/22 15:35:33 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 2.job
[2010/12/22 15:35:32 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Registration reminder 1.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/06 11:57:42 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Derrick\My Documents\Shortcut to OTL.lnk
[2011/01/01 10:05:34 | 103,143,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/12/24 10:50:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Derrick\Application Data\wklnhst.dat
[2010/12/24 10:48:55 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Derrick\Desktop\Microsoft Works.LNK
[2010/12/22 20:27:44 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/12/22 18:42:16 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/12/22 18:42:06 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/12/22 18:41:02 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/12/22 18:15:14 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Browser Choice.lnk
[2010/12/22 15:50:45 | 000,002,515 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk
[2010/12/22 15:50:45 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk
[2010/12/22 15:40:38 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Derrick\LuResult.txt
[2010/12/22 15:37:35 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Derrick\Desktop\Windows Media Player.lnk
[2010/12/22 15:37:22 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\System32\drivers\TOSHIBA_Satellite L20_03471000-EN_PSL2XE-01P00.MRK
[2010/12/22 15:37:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Derrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/22 15:37:01 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Derrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/12/22 15:35:56 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\ControlWZCS.exe
[2010/12/22 15:35:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2010/12/22 15:35:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2010/12/22 15:35:37 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Additional Software.lnk
[2010/12/22 15:35:33 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 3.job
[2010/12/22 15:35:32 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 2.job
[2010/12/22 15:35:32 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Registration reminder 1.job
[2010/12/22 15:31:37 | 199,479,296 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/22 19:37:02 | 000,155,474 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2005/08/05 10:54:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/05 06:13:52 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini
[2005/08/05 06:00:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/04 13:51:26 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/08/04 13:49:45 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/04 13:49:45 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/04 13:49:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/04 13:49:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/04 13:49:45 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/04 13:49:45 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/04 13:47:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/08/04 13:45:38 | 000,011,122 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2005/08/04 13:45:38 | 000,002,036 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2005/08/04 13:40:57 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/04 13:40:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/04 13:40:57 | 000,009,362 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/04 13:40:57 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/04 13:28:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/04 12:40:58 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/04 11:21:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2005/08/04 11:21:40 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/06/30 20:15:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/11/12 04:08:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll

========== LOP Check ==========

[2010/12/22 20:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/22 20:28:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/12/22 20:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/12/22 15:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2010/12/22 20:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derrick\Application Data\AVG10
[2005/08/04 13:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derrick\Application Data\toshiba
[2010/12/22 15:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derrick\Application Data\Vodafone
[2010/12/22 15:35:32 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2010/12/22 15:35:33 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2010/12/22 15:35:33 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



< End of report >


#2
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello derrickch

Welcome to Geeks to Go.
====================
That file belongs to Sonic; the "dla" is how I can tell it belongs to Sonic > http://www.roxio.com...a/overview.html

DLA is now called Roxio Burn.

It is nothing to worry about and I see no infection in your logs.