lizard1231

Everything posted by lizard1231

  1. I ran TDSS Killer and it didn't find any viruses.
  2. The virus closes all of my programs and will not allow me to re-open them. I went into Safe Mode with Networking but the internet still won't work. I cannot update my MBAM and the scan is not finding anything.
  3. Yup... that worked ComboFix 11-04-24.01 - Lizzie 04/24/2011 15:28:00.1.2 - x86 Microsoft
  4. All it gets to is the little green bar telling me it's loading.
  5. So I have run the program in both regular and safe mode, and it scanned for about 5-10 minutes, but then a pop-up appears and says that it stopped working.
  6. SystemLook 04.09.10 by jpshortstuff
     Log created at 18:55 on 17/04/2011 by Lizard1231
     Administrator - Elevation successful
     ========== filefind ==========
     Searching for "volsnap.sys"
     C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys --a---- 226280 bytes [01:45 18/09/2009] [06:32 11/04/2009] 147281C01FCB1DF9252DE2A10D5E7093
     C:\Windows\System32\drivers\volsnap.sys --a---- 227896 bytes [02:32 21/01/2008] [02:32 21/01/2008] D8B4A53DD2769F226B3EB374374987C9
     C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys --a---- 208488 bytes [10:25 02/11/2006] [09:51 02/11/2006] 11EF6C1CAEF76B685233450A126125D6
     C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys --a---- 227896 bytes [02:32 21/01/2008] [02:32 21/01/2008] D8B4A53DD2769F226B3EB374374987C9
     C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys --a---- 227896 bytes [02:32 21/01/2008] [02:32 21/01/2008] D8B4A53DD2769F226B3EB374374987C9
     -= EOF =-
  7. Sorry I haven't replied in a while. I tried to run the tdsskiller, but it won't open. I have even changed the extension, but all it does when I click Run as Administrator is have a box pop up that says "A program needs your permission to continue". I click continue and wait but nothing happens.
  8. I don't know if I'm doing something wrong, but every time I try to use it my computer crashes.
  9. OTL logfile created on: 4/10/2011 3:07:18 PM - Run 2 OTL by OldTimer - Version 3.2.22.3
  10. I recently got some kind of virus on my system that has made most of my files and documents hidden. It started to redirect my internet pages during searches, and an Internet Explorer script error message keeps appearing. I have run Malwarebytes and it did find some problems, but the virus is still on my system.