Wireshark virus - Page 2

Thread: Wireshark virus

  1. #16
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    I don't have a clue what program burns the CDs. A bad CD is always a possibility, but the program is listed as being there. I can try again on a different computer if you think that would help.
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System

  2. #17
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I don't have a clue what program burns the CDs
    Sorry for that. I got mixed up with something else.
    Try another download and make sure the downloaded file is about 120,9 MB in size.

  3. #18
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    The one I currently have is 123,881 kb. I will download it again.

  4. #19
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    123,881KB=120,9MB, so it's about right, but you can try another download anyway.

  5. #20
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    To prevent you burning another coaster...
    After downloading, don't burn anything yet.
    I'd like to check the file's MD5 number first, so...

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Vista users: Right-click SystemLook.exe and click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :filefind
      otlpenet.exe
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

  6. #21
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    It couldn't find the file. How do I get it to check the flash drive?

  7. #22
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Transfer the file to your computer (desktop?)

  8. #23
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    Sorry that took so long. When you are borrowing a computer sometimes they want it back NOW! Anyway, here is what I found by following your instructions.


    SystemLook v1.0 by jpshortstuff (11.01.10)
    Log created at 20:35 on 15/08/2010 by Beech Grove (Administrator - Elevation successful)

    ========== filefind ==========

    Searching for "otlpenet.exe"
    C:\Users\Guest\Desktop\OTLPENet.exe --a--- 126853622 bytes [00:31 16/08/2010] [19:40 15/08/2010] 0133A7F369038E1C4F267EB570573A93

    -=End Of File=-

  9. #24
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    MD5 number checks out, so you can burn the CD.

  10. #25
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    Success! I now have to answer yes or no to:
    "Do you wish to load remote user profile(s) for scanning"

    Sorry I'm being so anal, but I've already made one big mess. I don't want to make it worse!

    It's getting kinda late for me (I'm an old timer) and I have to get up at 5 AM to go to work. I'm letting my son Samuel take over for the rest of the evening or for however long you choose to stick with it tonight. He's a lot more computer savvy than I am anyway. Thanks for being there!
    Last edited by timmyb74; August 15th, 2010 at 09:35 PM. Reason: additional information

  11. #26
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Good

    "Do you wish to load remote user profile(s) for scanning"
    Yes.

  12. #27
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    OK. I have now started the scan and am just waiting for it to finish.

  13. #28
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550

  14. #29
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    This is the scan report.

    OTL logfile created on: 8/15/2010 11:03:47 PM - Run
    OTLPE by OldTimer - Version 3.1.40.0 Folder = X:\Programs\OTLPE
    Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
    Internet Explorer (Version = 8.0.6001.18372)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 298.08 Gb Total Space | 37.63 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO
    Current User Name: SYSTEM
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard
    Using ControlSet: ControlSet001

    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/08/14 14:49:08 | 000,059,904 | ---- | M] () [Auto] -- C:\Program Files\csrss.exe -- (QTUpdate)
    SRV - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () [Auto] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
    SRV - [2009/02/16 20:39:00 | 002,736,890 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto] -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe -- (STacSV)
    SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
    SRV - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) [Auto] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
    SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Auto] -- C:\WINDOWS\System32\DRIVERS\zumbus.sys -- (zumbus)
    DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
    DRV - File not found [Kernel | System] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\Pam\LOCALS~1\Temp\mdxgthkn.sys -- (mdxgthkn)
    DRV - File not found [Kernel | System] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
    DRV - File not found [Kernel | System] -- -- (Changer)
    DRV - [2010/07/15 09:59:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/15 09:59:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/16 05:48:18 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/06/02 09:31:50 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/05/15 00:08:14 | 000,039,480 | ---- | M] (NCH Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
    DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010/02/27 15:36:47 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/02/27 15:36:46 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2009/07/24 23:15:31 | 000,004,096 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2009/02/12 21:01:22 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer)
    DRV - [2008/08/14 05:48:52 | 000,138,368 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
    DRV - [2008/02/26 01:51:43 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2008/01/03 10:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2007/12/14 00:28:20 | 001,270,872 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2007/10/11 08:40:12 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide)
    DRV - [2007/07/20 13:40:10 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
    DRV - [2005/01/04 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
    DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =


    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

    IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\Pam_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\Pam_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\Pam_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.ask.com?o=15191&l=dis
    IE - HKU\Pam_ON_C\..\URLSearchHook: {9927cacb-7863-42b4-95ab-7446332b7c59} - Reg Error: Key error. File not found
    IE - HKU\Pam_ON_C\..\URLSearchHook: {9ee802e8-c931-47ab-b570-aa8f791598ca} - Reg Error: Key error. File not found
    IE - HKU\Pam_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKU\Pam_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKU\Pam_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\Pam_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\Pam_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

    IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
    IE - HKU\Tim_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
    IE - HKU\Tim_ON_C\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    IE - HKU\Tim_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKU\Tim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\Tim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\Tim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

    ========== FireFox ==========


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/14 15:07:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/29 22:13:47 | 000,000,000 | ---D | M]

    [2010/08/14 15:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/08/14 15:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cxpnmv58.default\extensions
    [2010/08/12 21:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/17 17:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
    [2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
    [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    [2009/12/10 18:39:28 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
    [2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/03/24 11:34:04 | 000,002,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml

    O1 HOSTS File: ([2010/06/30 19:03:40 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (ADC PlugIn) - {19090308-636D-4e9b-A1CE-A647B6F794BF} - C:\Program Files\shk_v10.dll (Intsys)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O2 - BHO: (TBSB05974 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Search Toolbar\tbcore3.dll ()
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files\Search Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files\Search Toolbar\tbcore3.dll ()
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (no name) - {0388BA0C-C7F1-4E6A-BD7A-B59623F33363} - No CLSID value found.
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (no name) - {9927CACB-7863-42B4-95AB-7446332B7C59} - No CLSID value found.
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (no name) - {9EE802E8-C931-47AB-B570-AA8F791598CA} - No CLSID value found.
    O3 - HKU\Pam_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O3 - HKU\Tim_ON_C\..\Toolbar\WebBrowser: (no name) - {0388BA0C-C7F1-4E6A-BD7A-B59623F33363} - No CLSID value found.
    O3 - HKU\Tim_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files\Search Toolbar\tbcore3.dll ()
    O3 - HKU\Tim_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [EnGraph QuickTimeKiller] C:\Program Files\EnGraph\QuicktimeKiller\QuickTimeKiller.exe ( )
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Gerhard Schlager)
    O4 - HKU\Pam_ON_C..\Run: [ap.exe] C:\Documents and Settings\Pam\Application Data\PCenter\ap.exe ()
    O4 - HKU\Pam_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
    O4 - HKU\Pam_ON_C..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
    O4 - HKU\Pam_ON_C..\Run: [ccleaner] C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd)
    O4 - HKU\Pam_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Gerhard Schlager)
    O4 - HKU\Pam_ON_C..\Run: [DirectPlayerCore] C:\Program Files\NBC Direct\DirectPlayerCore.exe (NBC Universal)
    O4 - HKU\Pam_ON_C..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
    O4 - HKU\Pam_ON_C..\Run: [MalwareBot] C:\Program Files\MalwareBot\MalwareBot.exe File not found
    O4 - HKU\Pam_ON_C..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe File not found
    O4 - HKU\Tim_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found

  15. #30
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272

    It's too big for one post.

    O4 - HKU\Tim_ON_C..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe (Uniblue Systems Limited)
    O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe (Nero AG)
    O4 - HKU\Pam_ON_C..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Pam_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\Tim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
    O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} http://coupons.smartsource.com/download/cscmv5X.cab (CMV5 Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/reso...an8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} http://www.nero.com/doc/NeroVersionCheckerControl.cab (NeroVersionCheckerControl Control)
    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} http://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/dow...in/actxcab.cab (CBSTIEPrint Class)
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab (IWinAmpActiveX Class)
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activ...eX_Control.cab (Photo Upload Plugin Class)
    O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...nt/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll) - C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKU\Pam_ON_C Winlogon: Shell - (C:\Documents and Settings\Pam\Application Data\PCenter\sp.exe) - C:\Documents and Settings\Pam\Application Data\PCenter\sp.exe ()
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/09/03 10:11:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- C:\Program Files\conhost.exe "%1" %* ()
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- C:\Program Files\conhost.exe "%1" %* ()

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/08/14 18:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\Application Data\PCenter
    [2010/08/14 15:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
    [2010/08/14 15:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
    [2010/08/14 15:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
    [2010/08/14 14:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\scdata
    [2010/08/14 14:49:10 | 000,372,224 | ---- | C] (Intsys) -- C:\Program Files\shk_v10.dll
    [2010/08/14 14:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark Antivirus
    [2010/08/14 14:47:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pam\Recent
    [2010/08/11 23:04:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
    [2010/08/11 22:58:15 | 001,870,800 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Pam\My Documents\HousecallLauncher.exe
    [2010/08/11 22:11:46 | 000,000,000 | ---D | C] -- C:\NetworkControl
    [2010/08/11 11:59:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
    [2010/08/09 05:34:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tim\Recent
    [2010/08/06 22:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\Desktop\Knight Rider (2008)
    [2010/08/04 16:18:36 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/07/22 20:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\Application Data\KodakCredentialStore
    [2010/07/22 00:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\My Documents\Red Kawa
    [2010/07/22 00:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\Application Data\Red Kawa
    [2010/07/20 01:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pam\Desktop\ipod directory
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [23 C:\Documents and Settings\Pam\My Documents\*.tmp files -> C:\Documents and Settings\Pam\My Documents\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/08/15 23:03:08 | 000,786,432 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
    [2010/08/15 21:12:46 | 000,000,060 | ---- | M] () -- C:\Program Files\sh4.dat
    [2010/08/15 21:12:46 | 000,000,004 | ---- | M] () -- C:\Program Files\sh3.dat
    [2010/08/15 21:10:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/15 20:33:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003UA.job
    [2010/08/15 19:33:39 | 000,001,188 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1005.job
    [2010/08/15 19:24:00 | 000,098,304 | ---- | M] () -- C:\Program Files\conhost.exe
    [2010/08/15 19:23:59 | 000,372,224 | ---- | M] (Intsys) -- C:\Program Files\shk_v10.dll
    [2010/08/15 19:23:57 | 000,001,550 | ---- | M] () -- C:\Wireshark Antivirus.lnk
    [2010/08/15 19:23:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/15 19:23:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/15 19:22:50 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
    [2010/08/15 19:22:50 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
    [2010/08/15 15:33:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003Core.job
    [2010/08/15 15:15:45 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/15 15:15:44 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/08/14 20:37:33 | 003,932,160 | ---- | M] () -- C:\Documents and Settings\Tim\ntuser.dat
    [2010/08/14 20:37:33 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Tim\ntuser.ini
    [2010/08/14 19:20:49 | 011,272,192 | ---- | M] () -- C:\Documents and Settings\Pam\ntuser.dat
    [2010/08/14 19:20:49 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Pam\ntuser.ini
    [2010/08/14 15:08:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/08/14 14:49:09 | 000,000,009 | ---- | M] () -- C:\Program Files\nuar.old
    [2010/08/14 14:49:08 | 000,059,904 | ---- | M] () -- C:\Program Files\csrss.exe
    [2010/08/14 14:49:08 | 000,000,036 | ---- | M] () -- C:\Program Files\skynet.dat
    [2010/08/14 14:49:07 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Wireshark Antivirus.lnk
    [2010/08/13 13:55:44 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
    [2010/08/12 06:33:30 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Google Chrome.lnk
    [2010/08/12 06:33:30 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Pam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/08/11 22:58:26 | 001,870,800 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Pam\My Documents\HousecallLauncher.exe
    [2010/08/11 20:29:42 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\Troop Leader Letter.doc
    [2010/08/11 15:28:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
    [2010/08/11 14:29:50 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\Additional Insurance Needed for adults.doc
    [2010/08/09 22:07:39 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee Letter 2010.doc
    [2010/08/09 22:03:53 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$oop Leader Letter.doc
    [2010/08/09 21:44:55 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\Julain letter.doc
    [2010/08/09 21:44:55 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$lain letter.doc
    [2010/08/08 21:42:23 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/08/08 21:42:23 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\wavepadDowngrade.job
    [2010/08/07 17:05:19 | 063,049,242 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/08/07 12:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/06 22:35:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/08/05 15:13:39 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee SCHEDULE 2010.doc
    [2010/08/05 13:27:42 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS FREE TIME ACTIVITIES.doc
    [2010/08/05 13:27:42 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$ FREE TIME ACTIVITIES.doc
    [2010/08/05 11:39:59 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee MENU 2010.doc
    [2010/08/04 16:18:36 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/08/04 16:18:36 | 000,013,044 | ---- | M] () -- C:\WINDOWS\scunin.dat
    [2010/08/04 16:18:36 | 000,000,967 | ---- | M] () -- C:\WINDOWS\ScUnin.pif
    [2010/08/03 07:56:07 | 007,080,179 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\Picaboo.air
    [2010/08/02 12:36:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/07/22 21:52:17 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee Letter 2010.doc
    [2010/07/22 10:19:00 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee MENU 2010.doc
    [2010/07/22 09:38:02 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee SCHEDULE 2010.doc
    [2010/07/21 09:22:36 | 001,182,824 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\campedit3newarrow[1].jpg
    [2010/07/18 13:58:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Dependable Astro AWD won.doc
    [2010/07/17 15:50:59 | 000,020,610 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS Clip art.docm
    [2010/07/17 15:44:54 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Shortcut to GS Clip art.lnk
    [2010/07/17 15:42:29 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Pam\My Documents\GS Clip art.doc
    [2010/07/17 15:34:24 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Shortcut to girl scout leader tent camping.lnk
    [2010/07/17 15:34:13 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Shortcut to GS promise.lnk
    [2010/07/17 15:33:58 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\Pam\Desktop\Shortcut to GS troop.lnk
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [23 C:\Documents and Settings\Pam\My Documents\*.tmp files -> C:\Documents and Settings\Pam\My Documents\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/08/14 17:20:10 | 000,001,550 | ---- | C] () -- C:\Wireshark Antivirus.lnk
    [2010/08/14 14:49:11 | 000,098,304 | ---- | C] () -- C:\Program Files\conhost.exe
    [2010/08/14 14:49:09 | 000,000,009 | ---- | C] () -- C:\Program Files\nuar.old
    [2010/08/14 14:49:08 | 000,059,904 | ---- | C] () -- C:\Program Files\csrss.exe
    [2010/08/14 14:49:08 | 000,000,060 | ---- | C] () -- C:\Program Files\sh4.dat
    [2010/08/14 14:49:08 | 000,000,036 | ---- | C] () -- C:\Program Files\skynet.dat
    [2010/08/14 14:49:08 | 000,000,004 | ---- | C] () -- C:\Program Files\sh3.dat
    [2010/08/14 14:49:07 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\Pam\Desktop\Wireshark Antivirus.lnk
    [2010/08/11 14:29:50 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\Additional Insurance Needed for adults.doc
    [2010/08/09 22:03:53 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\Troop Leader Letter.doc
    [2010/08/09 22:03:53 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$oop Leader Letter.doc
    [2010/08/09 21:44:55 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\Julain letter.doc
    [2010/08/09 21:44:55 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$lain letter.doc
    [2010/08/08 21:42:22 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/08/08 21:42:22 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\wavepadDowngrade.job
    [2010/08/05 13:27:42 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\GS FREE TIME ACTIVITIES.doc
    [2010/08/05 13:27:42 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$ FREE TIME ACTIVITIES.doc
    [2010/08/04 16:18:36 | 000,013,044 | ---- | C] () -- C:\WINDOWS\scunin.dat
    [2010/08/04 16:18:36 | 000,000,967 | ---- | C] () -- C:\WINDOWS\ScUnin.pif
    [2010/08/03 07:55:45 | 007,080,179 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\Picaboo.air
    [2010/07/22 21:52:17 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee Letter 2010.doc
    [2010/07/22 21:52:17 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee Letter 2010.doc
    [2010/07/22 10:19:00 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee MENU 2010.doc
    [2010/07/22 10:19:00 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee MENU 2010.doc
    [2010/07/22 09:38:02 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Pam\My Documents\GS Camporee SCHEDULE 2010.doc
    [2010/07/22 09:38:02 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Pam\My Documents\~$ Camporee SCHEDULE 2010.doc
    [2010/07/21 09:29:02 | 001,182,824 | ---- | C] () -- C:\Documents and