
Trojan SPM/LX


2 replies to this topic

#1 wldktty


Posted 13 February 2010 - 07:26 PM

I think my son has gotten this virus on his laptop. His laptop goes to the login screen and then logs back off, then returns to the login screen. The computer will not boot in safe mode or anything. This problem occurred when he downloaded something (music) from LimeWire. I have been reading posts by others and I have run the OTLPE program that was listed, and I have copied the results here. If anyone can please help me solve this problem, I would greatly appreciate it.

OTL logfile created on: 2/13/2010 6:16:57 PM - Run
OTLPE by OldTimer - Version 3.1.27.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 829.00 Mb Available Physical Memory | 82.00% Memory free
901.00 Mb Paging File | 847.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 128.67 Gb Free Space | 90.58% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.87 Gb Free Space | 100.00% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard
using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2010/01/25 02:21:59 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/19 23:06:16 | 01,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto] -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2009/11/06 13:00:22 | 04,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2009/03/12 00:05:19 | 00,295,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\termsrv32.dll -- (TermService)
SRV - [2009/02/05 10:14:56 | 00,237,568 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/01/27 23:37:24 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/08 12:28:12 | 00,053,032 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)
SRV - [2008/08/08 12:28:10 | 01,442,088 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2008/06/24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008/04/15 19:54:42 | 00,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...mp;m=aspire_one
IE - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\HelpAssistant_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...mp;m=aspire_one
IE - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Phillip_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




O1 HOSTS File: ([2010/01/19 23:13:47 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\HelpAssistant_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Phillip_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\System32\smss32.exe File not found
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.DLL ( )
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKU\HelpAssistant_ON_C..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\HelpAssistant_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\HelpAssistant_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\Phillip_ON_C..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\Phillip_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Phillip_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe (Nero AG)
O4 - HKU\Administrator_ON_C..\RunOnce: [ScrSav] C:\WINDOWS\Screensavers\Acer\run_Acer.exe (TODO: <Company name>)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\Phillip_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\HelpAssistant_ON_C\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\HelpAssistant_ON_C\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\Phillip_ON_C\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\Phillip_ON_C\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.2.50 24.116.2.34
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\System32\winlogon32.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O30 - LSA: Authentication Packages - (OWS\S) - File not found
O30 - LSA: Security Packages - (| ---- | m] (microsoft corpora) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 00:07:49 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 00,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 60 Days ==========

[2010/02/13 17:39:07 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/01/30 20:34:34 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/01/30 20:34:34 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010/01/30 20:34:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010/01/30 20:34:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/01/30 20:34:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2010/01/30 20:34:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2010/01/30 20:34:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2010/01/30 20:34:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2010/01/30 20:34:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2010/01/30 20:34:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2010/01/30 20:34:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2010/01/30 20:34:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2010/01/30 20:34:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2010/01/30 20:34:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Oberon Games
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Google Gadgets
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Grubby Games
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2010/01/30 20:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2010/01/27 01:31:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/01/27 01:31:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Adobe
[2010/01/26 22:23:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Desktop\Incomplete
[2010/01/25 03:35:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Desktop\new music fold
[2010/01/25 02:52:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Desktop\music
[2010/01/25 02:24:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\My Documents\LimeWire
[2010/01/25 02:24:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Mozilla
[2010/01/25 02:23:05 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/25 02:23:05 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/25 02:23:05 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/01/25 02:23:04 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/25 02:23:04 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/25 02:21:48 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/25 02:21:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Sun
[2010/01/23 12:37:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/01/23 12:36:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Ahead
[2010/01/23 12:34:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Nero
[2010/01/23 12:27:31 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/01/23 12:27:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/01/23 12:25:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010/01/23 12:24:03 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010/01/23 12:24:01 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010/01/23 12:19:14 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\redbook.sys
[2010/01/23 12:19:10 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/01/20 09:15:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Identities
[2010/01/20 07:39:46 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/01/20 07:39:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Desktop\keepers
[2010/01/20 06:31:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Phillip\IECompatCache
[2010/01/20 06:29:52 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Phillip\PrivacIE
[2010/01/20 06:18:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/01/20 06:18:28 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/01/20 06:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/01/20 06:17:36 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/01/20 06:17:36 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/01/20 06:17:36 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/01/20 06:17:36 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/01/20 06:17:35 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/01/20 06:17:35 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/01/20 06:17:34 | 00,000,000 | ---D | C] -- C:\f7ba587107c1fb682f58b23a7baca6c1
[2010/01/20 06:08:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Phillip\IETldCache
[2010/01/20 06:01:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/01/20 05:59:39 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/01/20 05:41:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2010/01/20 00:31:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/01/20 00:08:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\3G
[2010/01/19 23:19:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/01/19 23:15:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/01/19 23:15:22 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/01/19 23:15:22 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/01/19 23:15:22 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/01/19 23:15:22 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/01/19 23:15:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010/01/19 23:15:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/01/19 23:15:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/01/19 23:15:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010/01/19 23:15:21 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/01/19 23:15:21 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/01/19 23:15:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010/01/19 23:14:56 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2010/01/19 23:05:53 | 00,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll
[2010/01/19 23:05:12 | 00,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2010/01/19 23:04:53 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\WINDOWS\WRSetup.dll
[2010/01/19 23:04:53 | 00,000,000 | ---D | C] -- C:\Program Files\Webroot
[2010/01/19 23:04:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Webroot
[2010/01/19 22:48:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Yahoo
[2010/01/19 22:45:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Yahoo!
[2010/01/19 22:43:05 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/01/19 22:34:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Google
[2010/01/19 22:32:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/01/19 22:26:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Screensavers
[2010/01/19 22:24:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\BTW
[2010/01/19 22:23:15 | 00,286,720 | ---- | C] (Sonix) -- C:\WINDOWS\System32\vsnp2uvc.dll
[2010/01/19 22:23:15 | 00,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/01/19 22:23:15 | 00,094,208 | ---- | C] (sonix) -- C:\WINDOWS\PLFSetL.exe
[2010/01/19 22:23:12 | 00,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010/01/19 22:23:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\SUYIN NB Cam
[2010/01/19 22:23:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SNP2UVC
[2010/01/19 22:20:45 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Phillip\Application Data\Microsoft
[2010/01/19 22:20:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phillip\SendTo
[2010/01/19 22:20:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phillip\Recent
[2010/01/19 22:20:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Phillip\Application Data
[2010/01/19 22:20:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phillip\Start Menu
[2010/01/19 22:20:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phillip\My Documents\My Pictures
[2010/01/19 22:20:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phillip\My Documents\My Music
[2010/01/19 22:20:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phillip\My Documents
[2010/01/19 22:20:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Phillip\Favorites
[2010/01/19 22:20:45 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Phillip\Cookies
[2010/01/19 22:20:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Phillip\Templates
[2010/01/19 22:20:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Phillip\PrintHood
[2010/01/19 22:20:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Phillip\NetHood
[2010/01/19 22:20:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Phillip\Local Settings
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Super-Cow
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Oberon Games
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\My Documents\My Google Gadgets
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Microsoft Help
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Microsoft
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Macromedia
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\InstallShield
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Identities
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Grubby Games
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Local Settings\Application Data\Google
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Desktop
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Adobe
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Acer GameZone Console
[2010/01/19 22:20:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Phillip\Application Data\Acer
[2009/03/11 07:53:14 | 00,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2010/02/13 19:04:53 | 01,572,864 | -H-- | M] () -- C:\Documents and Settings\Phillip\NTUSER.DAT
[2010/02/13 19:04:53 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Phillip\ntuser.ini
[2010/02/13 19:04:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 19:04:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/13 19:04:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/13 19:04:38 | 10,631,98720 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/01 08:52:25 | 00,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/02/01 08:52:25 | 00,241,664 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/02/01 08:00:19 | 00,511,030 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/01 08:00:19 | 00,434,266 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/01 08:00:19 | 00,068,386 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/01 07:21:12 | 01,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/02/01 07:21:12 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/30 18:47:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/30 18:27:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/30 18:07:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/30 18:07:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\IS15.exe
[2010/01/30 18:07:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/27 01:32:04 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/25 04:01:56 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/25 02:33:31 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\Phillip\Desktop\Windows Media Player.lnk
[2010/01/25 02:21:56 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/25 02:21:56 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/25 02:21:56 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/25 02:21:56 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/01/25 02:21:53 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/25 02:14:00 | 00,781,779 | ---- | M] () -- C:\Documents and Settings\Phillip\Desktop\Picture.jpg
[2010/01/25 01:18:43 | 00,000,177 | ---- | M] () -- C:\Documents and Settings\Phillip\Application Data\default.pls
[2010/01/25 01:17:40 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/23 12:44:18 | 04,837,526 | -H-- | M] () -- C:\Documents and Settings\Phillip\Local Settings\Application Data\IconCache.db
[2010/01/23 12:41:00 | 00,005,632 | ---- | M] () -- C:\Documents and Settings\Phillip\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/23 12:33:00 | 00,001,024 | ---- | M] () -- C:\Documents and Settings\Phillip\.rnd
[2010/01/23 12:25:33 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/01/20 06:26:52 | 00,059,832 | ---- | M] () -- C:\Documents and Settings\Phillip\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/20 06:26:42 | 00,246,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/19 23:17:20 | 00,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/01/19 23:15:38 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/01/19 23:13:47 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/01/19 23:13:28 | 00,001,624 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L6895D5156109491AB55157346BBD32FD.job
[2010/01/19 22:59:57 | 00,000,164 | ---- | M] () -- C:\WINDOWS\install.dat
[2010/01/19 22:24:41 | 00,002,574 | ---- | M] () -- C:\WINDOWS\CLEANUP.CMD
[2010/01/19 22:20:00 | 00,037,761 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/01/19 22:19:57 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/12/21 14:14:05 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/12/21 14:14:05 | 00,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/12/21 14:14:04 | 05,942,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/12/21 14:14:04 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2009/12/21 14:14:03 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/12/21 14:14:03 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2009/12/21 14:14:03 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2009/12/21 14:14:03 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2009/12/21 14:14:03 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/12/21 14:14:03 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2009/12/21 14:14:03 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2009/12/21 14:14:03 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2009/12/21 14:14:03 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/12/21 14:14:03 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2009/12/21 14:14:03 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2009/12/21 14:14:02 | 11,070,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/12/21 14:14:01 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2009/12/21 14:14:01 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2009/12/21 08:19:18 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/12/21 08:19:18 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/01 07:23:25 | 10,631,98720 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/30 20:34:34 | 01,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/01/30 20:34:34 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/01/30 18:47:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/28 02:51:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/27 02:09:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\IS15.exe
[2010/01/27 02:09:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/27 02:09:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/27 01:32:04 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/25 02:33:31 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\Phillip\Desktop\Windows Media Player.lnk
[2010/01/25 01:11:47 | 00,000,177 | ---- | C] () -- C:\Documents and Settings\Phillip\Application Data\default.pls
[2010/01/25 01:11:09 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/23 12:32:58 | 00,001,024 | ---- | C] () -- C:\Documents and Settings\Phillip\.rnd
[2010/01/20 07:45:56 | 00,005,632 | ---- | C] () -- C:\Documents and Settings\Phillip\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/19 23:15:38 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/01/19 23:13:28 | 00,001,624 | ---- | C] () -- C:\WINDOWS\tasks\wrSpySweeper_L6895D5156109491AB55157346BBD32FD.job
[2010/01/19 22:59:52 | 00,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2010/01/19 22:23:15 | 01,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/01/19 22:23:15 | 00,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/01/19 22:23:15 | 00,000,245 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/01/19 22:20:45 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Phillip\ntuser.ini
[2010/01/19 22:20:44 | 01,572,864 | -H-- | C] () -- C:\Documents and Settings\Phillip\NTUSER.DAT
[2009/03/12 01:47:07 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/12 00:55:36 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/03/12 00:10:15 | 00,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/12 00:05:25 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

========== LOP Check ==========

[2009/03/12 01:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2009/03/12 01:06:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2009/03/12 01:27:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2009/03/12 01:32:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phillip\Application Data\Acer
[2009/03/12 01:06:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phillip\Application Data\Acer GameZone Console
[2009/03/12 01:27:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Phillip\Application Data\Super-Cow
[2010/01/19 23:13:28 | 00,001,624 | ---- | M] () -- C:\WINDOWS\Tasks\wrSpySweeper_L6895D5156109491AB55157346BBD32FD.job

========== Purity Check ==========


< End of report >

Edited by Orange Blossom, 20 February 2010 - 03:35 PM.
Move to log forum. ~ OB



#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK
  • Local time:08:13 AM

Posted 20 February 2010 - 07:21 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 m0le

Posted 25 February 2010 - 07:38 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.