Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Needed


  • Please log in to reply
30 replies to this topic

#1 sdstocks

sdstocks

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 16 May 2005 - 05:38 AM

I keep running into problems with my computer. The same adware/spyware keeps getting on my computer. I do use spybot & adaware. I'm also lost the ability to connect to any (bittorrent/kazaa/ed2k/gnutella) peer 2 peer networks, but normal internet function seems to be fine. It's not a firewall problem as I have tried switching it (Zonealarm) off altogether and still no joy. I have download and run the Hijackthis program, but to be honest I'm not to sure what's what. Can someone help me please!!!

Many Thanks
Steve


Logfile of HijackThis v1.99.1
Scan saved at 11:20:37, on 5/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Save\Save.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
C:\Program Files\FilZip\Filzip.exe
C:\DOCUME~1\Steve\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pota_x.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/adobe/MTSI...here/index.html
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://uk.midas.games.yahoo.net/midasa.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200112...meInstaller.exe
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BCE3157-D038-455E-A803-D66F8C4CF46C}: NameServer = 212.159.13.49 212.159.13.50
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\e6200gfme62a0.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

BC AdBot (Login to Remove)

 


#2 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 16 May 2005 - 06:39 AM

Just read another posting that said I should run HJT with a normal startup (MSConfig). So here is the new log with a normal startup.

Logfile of HijackThis v1.99.1
Scan saved at 12:34:47, on 5/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\rsvp.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Save\Save.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\FilZip\Filzip.exe
C:\DOCUME~1\Steve\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pota_x.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/adobe/MTSI...here/index.html
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://uk.midas.games.yahoo.net/midasa.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200112...meInstaller.exe
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\en40l1hm1.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#3 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 16 May 2005 - 02:27 PM

Howdy sdstocks and Welcome to the Bleeping Computer!!

I have a suspicion this is gonna be the L2M Infection,one way to be sure,Download and Run the L2MFix:
http://www.atribune.org/downloads/l2mfix.exe
or
http://www.downloads.subratam.org/l2mfix.exe

Save the file to your desktop and double click l2mfix.exe.

Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop.

Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log.

Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until I ask you to.

#4 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  

Posted 16 May 2005 - 03:40 PM

here you go

L2MFIX find log 1.03
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\App Management]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\j0p0la7m1d.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{636584F3-E606-3816-E10A-E79D4831745F}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Multimedia File Property Sheet"
"{176d6597-26d3-11d1-b350-080036a75b03}"="ICM Scanner Management"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS Security Page"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE Docfile Property Page"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell extensions for sharing"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Display Adapter CPL Extension"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Display Monitor CPL Extension"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Display Panning CPL Extension"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS Security Page"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Compatibility Page"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Disk Copy Extension"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell extensions for Microsoft Windows Network objects"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM Monitor Management"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM Printer Management"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell extensions for file compression"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Web Printer Shell Extension"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Encryption Context Menu"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Briefcase"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal Icon Ext"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC Profile"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Printers Security Page"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell extensions for sharing"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO Extension"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto Sign Extension"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Network Connections"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Network Connections"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanners & Cameras"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanners & Cameras"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanners & Cameras"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanners & Cameras"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanners & Cameras"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Scheduled Tasks"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taskbar and Start Menu"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Search"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Run..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fonts"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Administrative Tools"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Address"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Address Bar Parser"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="History"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Application Manager"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Installed Apps Enumerator"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ file thumbnail extractor"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Summary Info Thumbnail handler (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML Thumbnail Extractor"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Web Publishing Wizard"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Print Ordering via the Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell Publishing Wizard Object"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Get a Passport Wizard"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="User Accounts"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Offline Files Folder"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="For &People..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{F5D92341-0A64-11D0-9956-0000E8096023}"="CD Copy Shell Extension"
"{F5D92342-0A64-11D0-9956-0000E8096023}"="CD Wizard Shell Extension"
"{F5D92344-0A64-11D0-9956-0000E8096023}"="InstantWrite Shellextension"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Web Folders"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{B28C18DB-6816-4F31-9630-397683E3C2C3}"="Filzip Shell Extension"
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}"="Universal Plug and Play Devices"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Channel File"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Channel Shortcut"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{eb9ebda0-b3e7-11cf-81c9-0000c0aa665f}"="FTP Explorer Shell Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{1E2CDF40-419B-11D2-A5A1-002018648BA7}"="AVG Shell Extension"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
"{F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8}"=""
"{B4B8EC95-745C-4F34-B75B-2EC0965DEA46}"=""
"{18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F}"=""
"{C6D9DDB2-8993-44E0-A308-2178E455B166}"=""
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{B5690543-3323-4284-8CE4-1D788C5C81CB}"=""
"{1160EF49-DD40-4650-9F6E-DBE9C332C074}"=""
"{2F0AA054-D072-450E-AB91-547472E12C30}"=""
"{7FCA139C-1634-4E43-9CE5-894208DC78CB}"=""
"{1D423152-A8B6-4986-AAA0-D54F12DB1C5C}"=""
"{32533293-951A-4789-B6C7-1FB87454AB8C}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F}\InprocServer32]
@="C:\\WINDOWS\\system32\\kfymgr.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{B5690543-3323-4284-8CE4-1D788C5C81CB}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B5690543-3323-4284-8CE4-1D788C5C81CB}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B5690543-3323-4284-8CE4-1D788C5C81CB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B5690543-3323-4284-8CE4-1D788C5C81CB}\InprocServer32]
@="C:\\WINDOWS\\system32\\nrth.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1160EF49-DD40-4650-9F6E-DBE9C332C074}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1160EF49-DD40-4650-9F6E-DBE9C332C074}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1160EF49-DD40-4650-9F6E-DBE9C332C074}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1160EF49-DD40-4650-9F6E-DBE9C332C074}\InprocServer32]
@="C:\\WINDOWS\\system32\\kzdcr.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{2F0AA054-D072-450E-AB91-547472E12C30}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2F0AA054-D072-450E-AB91-547472E12C30}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2F0AA054-D072-450E-AB91-547472E12C30}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2F0AA054-D072-450E-AB91-547472E12C30}\InprocServer32]
@="C:\\WINDOWS\\system32\\mwdart.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{7FCA139C-1634-4E43-9CE5-894208DC78CB}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{7FCA139C-1634-4E43-9CE5-894208DC78CB}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{7FCA139C-1634-4E43-9CE5-894208DC78CB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{7FCA139C-1634-4E43-9CE5-894208DC78CB}\InprocServer32]
@="C:\\WINDOWS\\system32\\cjcui.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1D423152-A8B6-4986-AAA0-D54F12DB1C5C}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D423152-A8B6-4986-AAA0-D54F12DB1C5C}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D423152-A8B6-4986-AAA0-D54F12DB1C5C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D423152-A8B6-4986-AAA0-D54F12DB1C5C}\InprocServer32]
@="C:\\WINDOWS\\system32\\wgwfaxui.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{32533293-951A-4789-B6C7-1FB87454AB8C}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{32533293-951A-4789-B6C7-1FB87454AB8C}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{32533293-951A-4789-B6C7-1FB87454AB8C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{32533293-951A-4789-B6C7-1FB87454AB8C}\InprocServer32]
@="C:\\WINDOWS\\system32\\oobccu32.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
3nvxvf~1.dll Sun 15 May 2005 13:26:22 ..S.R 236,636 231.09 K
akwav.dll Sun 27 Mar 2005 10:26:02 ..S.R 234,604 229.11 K
amwav.dll Thu 31 Mar 2005 15:28:18 ..S.R 234,334 228.84 K
aoapi.dll Sun 15 May 2005 15:12:14 ..S.R 236,636 231.09 K
aqrsvc.dll Wed 11 May 2005 7:19:40 ..S.R 232,385 226.94 K
atwav.dll Mon 28 Feb 2005 9:26:36 ..S.R 223,470 218.23 K
authz.dll Wed 2 Mar 2005 19:09:30 A.... 56,832 55.50 K
awrsvc.dll Thu 10 Mar 2005 13:15:34 ..S.R 234,943 229.43 K
ayifil32.dll Mon 16 May 2005 12:05:40 ..S.R 236,033 230.50 K
aza001~1.dll Wed 11 May 2005 17:01:20 ..S.R 232,417 226.97 K
aza40a~1.dll Thu 28 Apr 2005 9:04:02 ..S.R 233,629 228.15 K
aza4l7~1.dll Sat 14 May 2005 13:46:34 ..S.R 236,252 230.71 K
azl.dll Sun 6 Mar 2005 19:06:48 ..S.R 224,981 219.71 K
browseui.dll Thu 10 Mar 2005 9:02:34 A.... 1,016,832 993.00 K
casbrkr.dll Sun 27 Feb 2005 12:35:24 ..S.R 224,142 218.89 K
cdfview.dll Thu 10 Mar 2005 9:02:34 A.... 151,040 147.50 K
cjcui.dll Sun 15 May 2005 18:28:14 ..S.R 236,636 231.09 K
csvspe~1.dll Thu 24 Feb 2005 16:33:04 A.... 131,072 128.00 K
ctutil.dll Sat 26 Mar 2005 11:26:20 ..S.R 233,229 227.76 K
cyyptnet.dll Fri 13 May 2005 20:13:30 ..S.R 236,636 231.09 K
dcdxof.dll Thu 7 Apr 2005 12:55:42 ..S.R 234,334 228.84 K
dcvenum.dll Sun 15 May 2005 17:07:28 ..S.R 236,636 231.09 K
dkmap.dll Thu 5 May 2005 11:29:46 ..S.R 233,248 227.78 K
dkp001~1.dll Mon 2 May 2005 12:22:12 ..S.R 235,958 230.43 K
dlsetup.dll Wed 2 Mar 2005 10:41:22 ..S.R 224,981 219.71 K
dmnlobby.dll Wed 9 Mar 2005 18:35:02 ..S.R 233,777 228.30 K
dn0m01~1.dll Tue 10 May 2005 22:09:30 ..S.R 236,099 230.56 K
dn0u01~1.dll Mon 21 Mar 2005 17:05:02 ..S.R 232,478 227.03 K
dnj201~1.dll Mon 16 May 2005 20:09:40 ..S.R 233,256 227.79 K
dnsynth.dll Mon 21 Mar 2005 17:41:50 ..S.R 232,533 227.08 K
dqakecom.dll Sun 1 May 2005 18:29:52 ..S.R 235,958 230.43 K
drrgsnap.dll Sun 3 Apr 2005 18:28:54 ..S.R 234,334 228.84 K
drrpsetu.dll Sun 15 May 2005 15:22:08 ..S.R 236,636 231.09 K
dstaclen.dll Tue 10 May 2005 21:47:30 ..S.R 236,099 230.56 K
dtuiext.dll Mon 9 May 2005 7:57:56 ..S.R 232,846 227.39 K
dwdmo.dll Wed 9 Mar 2005 10:29:14 ..S.R 232,736 227.28 K
edccmd.dll Sat 7 May 2005 1:13:56 ..S.R 235,753 230.23 K
eeent.dll Thu 28 Apr 2005 17:32:36 ..S.R 234,509 229.01 K
en60l1~1.dll Sun 15 May 2005 17:07:28 ..S.R 233,266 227.80 K
en6sl1~1.dll Sun 15 May 2005 13:37:22 ..S.R 236,636 231.09 K
enpql1~1.dll Mon 4 Apr 2005 17:26:30 ..S.R 235,905 230.38 K
ercmlib.dll Sat 19 Feb 2005 10:41:42 ..S.R 225,273 219.99 K
ezcmlib.dll Sun 15 May 2005 15:31:48 ..S.R 236,636 231.09 K
fcsext32.dll Mon 14 Mar 2005 11:06:28 ..S.R 233,854 228.37 K
fhst30.dll Sat 12 Mar 2005 20:29:36 ..S.R 232,478 227.03 K
fp2m03~1.dll Sun 15 May 2005 16:52:52 ..S.R 236,759 231.21 K
fp2q03~1.dll Wed 9 Mar 2005 9:28:04 ..S.R 224,892 219.62 K
fp8803~1.dll Tue 22 Mar 2005 14:23:14 ..S.R 233,416 227.95 K
fpp203~1.dll Tue 26 Apr 2005 20:16:22 ..S.R 232,853 227.39 K
fpr403~1.dll Sun 3 Apr 2005 20:22:32 ..S.R 234,827 229.32 K
frdrclnr.dll Sun 15 May 2005 16:26:00 ..S.R 236,636 231.09 K
fyntext.dll Fri 25 Feb 2005 18:56:00 ..S.R 224,064 218.81 K
fzsext32.dll Sun 10 Apr 2005 13:42:08 ..S.R 235,548 230.03 K
fzsst.dll Tue 10 May 2005 21:31:02 ..S.R 236,099 230.56 K
ghdef.dll Tue 26 Apr 2005 16:43:22 ..S.R 232,853 227.39 K
gjtuname.dll Mon 14 Mar 2005 20:33:44 ..S.R 234,644 229.14 K
gvlml3~1.dll Sun 15 May 2005 17:44:36 ..S.R 236,636 231.09 K
hr0u05~1.dll Sun 15 May 2005 15:31:48 ..S.R 233,188 227.72 K
i0240a~1.dll Sun 15 May 2005 16:26:00 ..S.R 232,946 227.48 K
i4420e~1.dll Tue 10 May 2005 21:31:02 ..S.R 232,346 226.90 K
i4jq0e~1.dll Sun 15 May 2005 16:13:00 ..S.R 232,993 227.53 K
i8jq0i~1.dll Sun 15 May 2005 15:00:28 ..S.R 232,995 227.53 K
idcenc.dll Sat 9 Apr 2005 11:06:26 ..S.R 234,608 229.11 K
iepeers.dll Thu 10 Mar 2005 9:02:34 A.... 250,880 245.00 K
iimontr.dll Sun 15 May 2005 15:41:40 ..S.R 236,636 231.09 K
iis.dll Mon 25 Apr 2005 10:29:42 ..S.R 232,853 227.39 K
ilsecsnp.dll Thu 17 Feb 2005 10:15:08 ..S.R 224,764 219.50 K
inseng.dll Thu 10 Mar 2005 9:02:34 A.... 96,256 94.00 K
io41_qc.dll Tue 1 Mar 2005 9:53:44 ..S.R 222,821 217.60 K
iosmsnap.dll Sat 14 May 2005 13:07:34 ..S.R 236,252 230.71 K
iqmon.dll Thu 24 Mar 2005 9:33:26 ..S.R 233,229 227.76 K
irjul5~1.dll Wed 4 May 2005 17:57:58 ..S.R 233,181 227.71 K
iyput.dll Tue 29 Mar 2005 9:17:54 ..S.R 235,902 230.37 K
j0l40a~1.dll Mon 25 Apr 2005 9:18:28 ..S.R 233,283 227.81 K
j0p00a~1.dll Mon 4 Apr 2005 17:08:24 ..S.R 234,404 228.91 K
j0p0la~1.dll Mon 16 May 2005 18:29:40 ..S.R 234,326 228.83 K
j66mlg~1.dll Wed 11 May 2005 23:22:14 ..S.R 235,438 229.92 K
jmdw400.dll Wed 9 Mar 2005 12:29:12 ..S.R 232,736 227.28 K
jtj207~1.dll Sun 15 May 2005 16:40:08 ..S.R 232,844 227.39 K
jtjs07~1.dll Sun 15 May 2005 15:51:56 ..S.R 233,094 227.63 K
jtnq07~1.dll Sun 15 May 2005 16:02:28 ..S.R 233,014 227.55 K
k0260a~1.dll Thu 28 Apr 2005 16:08:20 ..S.R 233,248 227.78 K
k026la~1.dll Mon 4 Apr 2005 14:34:26 ..S.R 235,954 230.42 K
kadcz.dll Sun 10 Apr 2005 17:21:34 ..S.R 233,244 227.78 K
kddsp.dll Wed 16 Mar 2005 15:12:52 ..S.R 235,982 230.45 K
kidsmsno.dll Sun 15 May 2005 11:26:16 ..S.R 236,636 231.09 K
kjylib32.dll Sun 15 May 2005 18:58:14 ..S.R 234,078 228.59 K
kldlt1.dll Wed 30 Mar 2005 13:19:36 ..S.R 234,083 228.59 K
kpdru1.dll Wed 30 Mar 2005 17:46:58 ..S.R 232,649 227.20 K
kpdsf.dll Tue 22 Mar 2005 20:30:28 ..S.R 233,229 227.76 K
ktl6l7~1.dll Sat 14 May 2005 15:58:56 ..S.R 233,554 228.08 K
ktp4l7~1.dll Tue 10 May 2005 21:02:42 ..S.R 232,962 227.50 K
kxdtuq.dll Mon 4 Apr 2005 14:34:26 ..S.R 234,334 228.84 K
kydusr.dll Wed 16 Mar 2005 10:47:18 ..S.R 234,644 229.14 K
kzdcr.dll Sun 15 May 2005 11:17:06 ..S.R 232,912 227.45 K
l2l60c~1.dll Sun 15 May 2005 13:25:02 ..S.R 232,912 227.45 K
lacodec2.dll Fri 13 May 2005 9:51:22 ..S.R 236,252 230.71 K
lcl60g~1.dll Thu 28 Apr 2005 16:34:00 ..S.R 233,248 227.78 K
lfdsvc.dll Sat 26 Feb 2005 11:49:14 ..S.R 222,821 217.60 K
lifax13n.dll Fri 1 Apr 2005 17:10:22 ..S.R 234,765 229.26 K
liprxy.dll Sun 15 May 2005 15:51:56 ..S.R 236,636 231.09 K
lwmib2.dll Tue 22 Mar 2005 14:23:14 ..S.R 232,533 227.08 K
m0640a~1.dll Tue 8 Mar 2005 15:39:30 ..S.R 224,829 219.56 K
mblaw7.dll Tue 10 May 2005 18:02:24 ..S.R 236,099 230.56 K
mccbase.dll Sun 15 May 2005 16:52:52 ..S.R 236,636 231.09 K
mdc40.dll Mon 28 Mar 2005 18:24:22 ..S.R 234,409 228.91 K
mdcomput.dll Tue 12 Apr 2005 10:29:50 ..S.R 235,122 229.61 K
mgafd.dll Sun 15 May 2005 13:39:54 ..S.R 236,636 231.09 K
mhexch40.dll Mon 21 Mar 2005 16:06:02 ..S.R 232,478 227.03 K
miifmp32.dll Sun 20 Mar 2005 18:12:10 ..S.R 233,471 227.99 K
mjltus40.dll Wed 4 May 2005 17:57:58 ..S.R 234,494 228.99 K
mkcbase.dll Fri 15 Apr 2005 9:09:48 ..S.R 232,853 227.39 K
mlawt.dll Mon 7 Mar 2005 19:13:48 A.... 225,927 220.63 K
mlc42enu.dll Wed 11 May 2005 23:58:26 ..S.R 234,272 228.78 K
mllslib.dll Wed 4 May 2005 9:26:38 ..S.R 233,173 227.71 K
mmdadiag.dll Sun 24 Apr 2005 22:05:38 ..S.R 236,247 230.71 K
mmddlc.dll Wed 9 Mar 2005 14:29:12 ..S.R 232,736 227.28 K
mmhtml.dll Sat 7 May 2005 9:55:56 ..S.R 232,947 227.48 K
moglibnt.dll Fri 11 Mar 2005 15:13:32 ..S.R 236,279 230.74 K
mpconf.dll Sun 15 May 2005 13:22:02 ..S.R 232,912 227.45 K
mrvidctl.dll Mon 4 Apr 2005 20:53:06 ..S.R 235,030 229.52 K
mshtml.dll Thu 10 Mar 2005 9:02:34 A.... 3,010,560 2.87 M
msi.dll Mon 21 Mar 2005 15:00:20 A.... 2,890,240 2.75 M
msihnd.dll Mon 21 Mar 2005 15:00:22 A.... 271,360 265.00 K
msimsg.dll Mon 21 Mar 2005 15:00:22 A.... 884,736 864.00 K
msisip.dll Mon 21 Mar 2005 15:00:22 A.... 15,360 15.00 K
msrating.dll Thu 10 Mar 2005 9:02:34 A.... 146,432 143.00 K
muc40.dll Thu 28 Apr 2005 9:04:02 ..S.R 232,853 227.39 K
mv80l9~1.dll Tue 10 May 2005 18:02:24 ..S.R 232,768 227.31 K
mvlml9~1.dll Sun 15 May 2005 15:41:40 ..S.R 233,305 227.84 K
mvn8l9~1.dll Sun 15 May 2005 17:29:52 ..S.R 233,665 228.19 K
mvp4l9~1.dll Mon 21 Mar 2005 17:41:50 ..S.R 234,012 228.53 K
mvrol9~1.dll Sun 3 Apr 2005 18:28:54 ..S.R 235,733 230.21 K
mwdart.dll Sun 15 May 2005 17:47:06 ..S.R 233,360 227.89 K
mwimg32.dll Sun 13 Mar 2005 11:17:20 ..S.R 236,279 230.74 K
mwjdbc10.dll Sat 19 Feb 2005 15:06:46 ..S.R 225,547 220.26 K
mwuni11.dll Tue 5 Apr 2005 9:58:18 ..S.R 234,334 228.84 K
myl_qic.dll Tue 8 Mar 2005 9:55:40 A.... 222,673 217.45 K
mzrepl40.dll Mon 11 Apr 2005 19:33:32 ..S.R 233,534 228.06 K
mzuni11.dll Sun 15 May 2005 16:02:28 ..S.R 236,636 231.09 K
nataud~1.dll Sun 15 May 2005 18:51:06 ..S.R 234,830 229.32 K
nldll.dll Sat 19 Mar 2005 19:31:04 ..S.R 232,478 227.03 K
nlmkcert.dll Thu 14 Apr 2005 20:02:22 ..S.R 236,247 230.71 K
nrth.dll Sun 15 May 2005 11:10:38 ..S.R 236,636 231.09 K
nslanui2.dll Sun 15 May 2005 17:29:54 ..S.R 236,636 231.09 K
nstman.dll Tue 29 Mar 2005 16:27:02 ..S.R 232,649 227.20 K
nv4_disp.dll Fri 1 Apr 2005 16:16:00 A.... 3,980,288 3.79 M
nvcod.dll Fri 1 Apr 2005 16:16:00 A.... 32,256 31.50 K
nvcodins.dll Fri 1 Apr 2005 16:16:00 A.... 32,256 31.50 K
nvcpl.dll Fri 1 Apr 2005 16:16:00 A.... 5,562,368 5.30 M
nvhwvid.dll Fri 1 Apr 2005 16:16:00 A.... 540,672 528.00 K
nview.dll Fri 1 Apr 2005 16:16:00 A.... 1,458,176 1.39 M
nvmctray.dll Fri 1 Apr 2005 16:16:00 A.... 86,016 84.00 K
nvnt4cpl.dll Fri 1 Apr 2005 16:16:00 A.... 286,720 280.00 K
nvoglnt.dll Fri 1 Apr 2005 16:16:00 A.... 5,332,992 5.09 M
nvshell.dll Fri 1 Apr 2005 16:16:00 A.... 466,944 456.00 K
nvwddi.dll Fri 1 Apr 2005 16:16:00 A.... 81,920 80.00 K
nvwdmcpl.dll Fri 1 Apr 2005 16:16:00 A.... 1,662,976 1.59 M
nvwimg.dll Fri 1 Apr 2005 16:16:00 A.... 1,019,904 996.00 K
o2480c~1.dll Sun 15 May 2005 15:12:14 ..S.R 233,157 227.69 K
oobccu32.dll Mon 16 May 2005 20:15:06 ..... 234,326 228.83 K
orbc32gt.dll Wed 23 Mar 2005 10:04:10 ..S.R 235,022 229.51 K
ozkley.dll Wed 9 Mar 2005 13:29:12 ..S.R 232,736 227.28 K
ozuninst.dll Sun 8 May 2005 12:05:34 ..S.R 234,706 229.20 K
p4r4le~1.dll Tue 29 Mar 2005 12:08:54 ..S.R 235,902 230.37 K
p8n8li~1.dll Sun 15 May 2005 15:22:08 ..S.R 233,665 228.19 K
pblege~1.dll Sun 15 May 2005 15:00:28 ..S.R 236,636 231.09 K
pncrt.dll Wed 16 Feb 2005 12:18:54 A.... 278,528 272.00 K
pndx5016.dll Wed 16 Feb 2005 12:18:58 A.... 6,656 6.50 K
pndx5032.dll Wed 16 Feb 2005 12:19:00 A.... 5,632 5.50 K
pth.dll Fri 25 Mar 2005 15:52:30 ..S.R 235,022 229.51 K
px.dll Fri 11 Mar 2005 23:28:10 ..... 339,968 332.00 K
pxdrv.dll Fri 11 Mar 2005 23:28:10 ..... 405,504 396.00 K
pxmas.dll Fri 11 Mar 2005 23:28:10 ..... 172,032 168.00 K
pxwave.dll Fri 11 Mar 2005 23:28:10 ..... 339,968 332.00 K
r6r60g~1.dll Mon 16 May 2005 12:32:20 ..S.R 233,952 228.47 K
r6r6lg~1.dll Tue 8 Mar 2005 9:55:40 ..S.R 224,369 219.11 K
rkpi.dll Sun 27 Feb 2005 19:58:06 ..S.R 222,821 217.60 K
rmoc3260.dll Wed 16 Feb 2005 12:19:06 A.... 176,167 172.04 K
rnbdyctl.dll Sun 3 Apr 2005 20:22:32 ..S.R 234,334 228.84 K
rovpperf.dll Sun 20 Feb 2005 19:09:00 ..S.R 222,821 217.60 K
s0rsla~1.dll Wed 11 May 2005 18:06:20 ..S.R 233,119 227.65 K
sarzilla.dll Tue 15 Feb 2005 9:10:40 A.... 102,400 100.00 K
scclient.dll Mon 2 May 2005 9:23:30 ..S.R 234,509 229.01 K
scell32.dll Tue 1 Mar 2005 11:00:00 ..S.R 224,612 219.35 K
sclsrv32.dll Mon 4 Apr 2005 17:08:24 ..S.R 234,334 228.84 K
sdlsrv32.dll Sun 15 May 2005 16:40:08 ..S.R 236,636 231.09 K
seudf.dll Sun 15 May 2005 11:03:08 ..S.R 236,636 231.09 K
sgi_ci.dll Tue 15 Mar 2005 18:15:34 ..S.R 235,013 229.50 K
shdocvw.dll Thu 10 Mar 2005 9:02:34 A.... 1,483,264 1.41 M
shell32.dll Tue 1 Mar 2005 0:11:18 A.... 8,450,048 8.06 M
shlwapi.dll Thu 10 Mar 2005 9:02:34 A.... 473,600 462.50 K
shncui.dll Thu 17 Feb 2005 10:35:28 ..S.R 223,035 217.80 K
slftpub.dll Tue 22 Mar 2005 15:49:04 ..S.R 232,533 227.08 K
sllsrv32.dll Sat 14 May 2005 15:58:56 ..S.R 236,636 231.09 K
snimeng.dll Mon 9 May 2005 16:59:46 ..S.R 235,934 230.40 K
snorage.dll Wed 9 Mar 2005 9:29:28 ..S.R 232,736 227.28 K
spmsg.dll Thu 24 Feb 2005 19:35:06 ..... 14,048 13.72 K
sqhannel.dll Tue 5 Apr 2005 10:42:30 ..S.R 234,717 229.21 K
ssgina.dll Sun 3 Apr 2005 20:31:34 ..S.R 234,334 228.84 K
ssncui.dll Wed 9 Mar 2005 17:02:40 ..S.R 232,736 227.28 K
svell32.dll Sun 15 May 2005 16:13:00 ..S.R 236,636 231.09 K
svrmdll.dll Wed 9 Mar 2005 9:29:32 ..S.R 232,736 227.28 K
ta11_css.dll Mon 4 Apr 2005 10:19:50 ..S.R 236,093 230.56 K
tbcfgwmi.dll Mon 21 Mar 2005 17:06:20 ..S.R 232,533 227.08 K
ujhisapi.dll Wed 9 Mar 2005 15:29:14 ..S.R 232,736 227.28 K
ujiime.dll Fri 6 May 2005 7:52:56 ..S.R 234,494 228.99 K
ulnp.dll Sat 9 Apr 2005 17:08:44 ..S.R 235,241 229.73 K
ultfs.dll Sat 14 May 2005 15:50:58 ..S.R 236,636 231.09 K
urat.dll Wed 9 Mar 2005 15:29:18 ..S.R 232,736 227.28 K
urlmon.dll Thu 10 Mar 2005 9:02:36 A.... 607,744 593.50 K
user32.dll Wed 2 Mar 2005 19:09:30 A.... 577,024 563.50 K
ustheme.dll Sun 15 May 2005 19:52:46 ..S.R 234,529 229.03 K
ustra.dll Tue 12 Apr 2005 17:54:04 ..S.R 235,818 230.29 K
vginit.dll Mon 16 May 2005 9:40:04 ..S.R 234,555 229.05 K
vsdata.dll Tue 19 Apr 2005 18:05:10 A.... 75,528 73.76 K
vsinit.dll Tue 19 Apr 2005 18:05:22 A.... 124,680 121.76 K
vsmonapi.dll Tue 19 Apr 2005 18:05:30 A.... 108,296 105.76 K
vspubapi.dll Tue 19 Apr 2005 18:05:34 A.... 198,408 193.76 K
vsutil.dll Tue 19 Apr 2005 18:05:50 A.... 354,056 345.76 K
vsxml.dll Tue 19 Apr 2005 18:06:00 A.... 100,096 97.75 K
vxblock.dll Fri 11 Mar 2005 23:28:10 ..... 28,672 28.00 K
wbcsvc.dll Mon 25 Apr 2005 9:18:28 ..S.R 232,853 227.39 K
wfv8dmod.dll Mon 4 Apr 2005 17:26:30 ..S.R 234,334 228.84 K
wgwfaxui.dll Sun 15 May 2005 18:35:44 ..S.R 233,360 227.89 K
wininet.dll Thu 10 Mar 2005 9:02:36 A.... 656,896 641.50 K
winsrv.dll Wed 2 Mar 2005 19:09:30 A.... 291,328 284.50 K
wlaueng.dll Mon 4 Apr 2005 18:26:08 ..S.R 234,334 228.84 K
wlvcore2.dll Mon 25 Apr 2005 10:44:12 ..S.R 233,753 228.27 K
wopui.dll Sat 26 Mar 2005 16:34:50 ..S.R 234,409 228.91 K
wun32spl.dll Thu 17 Mar 2005 18:04:04 ..S.R 232,478 227.03 K
wyasf.dll Sun 15 May 2005 11:13:30 ..S.R 236,636 231.09 K
wzaspint.dll Wed 9 Mar 2005 11:29:12 ..S.R 232,736 227.28 K
xmctsrv.dll Tue 3 May 2005 9:29:40 ..S.R 236,200 230.66 K
xrnroll.dll Fri 18 Mar 2005 10:15:16 ..S.R 233,987 228.50 K
zgcomm.dll Fri 18 Feb 2005 15:32:08 ..S.R 223,389 218.15 K
zlcomm.dll Tue 19 Apr 2005 18:06:20 A.... 75,528 73.76 K
zlcommdb.dll Tue 19 Apr 2005 18:06:24 A.... 67,336 65.76 K
ztcomm.dll Tue 10 May 2005 21:02:44 ..S.R 236,099 230.56 K
zvcomm.dll Tue 29 Mar 2005 16:21:40 ..S.R 232,649 227.20 K

240 items found: 240 files (186 H/S), 0 directories.
Total of file sizes: 89,081,107 bytes 84.95 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
guard.tmp Mon 16 May 2005 20:17:06 ..S.R 234,326 228.83 K

1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 234,326 bytes 228.83 K
**********************************************************************************
Directory Listing of system files:
Volume in drive C is Steve
Volume Serial Number is 7C1A-4BC9

Directory of C:\WINDOWS\System32

05/16/2005 20:17 234,326 guard.tmp
05/16/2005 20:09 233,256 dnj2011oe.dll
05/16/2005 18:29 234,326 j0p0la7m1d.dll
05/16/2005 12:32 233,952 r6r60g9se6.dll
05/16/2005 12:05 236,033 ayifil32.dll
05/16/2005 09:40 234,555 vginit.dll
05/15/2005 19:52 234,529 ustheme.dll
05/15/2005 18:58 234,078 KJYLIB32.dll
05/15/2005 18:51 234,830 NATAudioFile.dll
05/15/2005 18:35 233,360 wgwfaxui.dll
05/15/2005 18:28 236,636 cjcui.dll
05/15/2005 17:47 233,360 mwdart.dll
05/15/2005 17:44 236,636 gvlml3311.dll
05/15/2005 17:29 236,636 nslanui2.dll
05/15/2005 17:29 233,665 mvn8l95u1.dll
05/15/2005 17:07 236,636 dcvenum.dll
05/15/2005 17:07 233,266 en60l1jm1.dll
05/15/2005 16:52 236,636 mccbase.dll
05/15/2005 16:52 236,759 fp2m03f1e.dll
05/15/2005 16:40 236,636 sdlsrv32.dll
05/15/2005 16:40 232,844 jtj2071oe.dll
05/15/2005 16:25 236,636 frdrclnr.dll
05/15/2005 16:25 232,946 i0240afqed2e0.dll
05/15/2005 16:12 236,636 svell32.dll
05/15/2005 16:12 232,993 i4jq0e15eh.dll
05/15/2005 16:02 236,636 mzuni11.dll
05/15/2005 16:02 233,014 jtnq0755e.dll
05/15/2005 15:51 236,636 lIprxy.dll
05/15/2005 15:51 233,094 jtjs0717e.dll
05/15/2005 15:41 236,636 iimontr.dll
05/15/2005 15:41 233,305 mvlml9311.dll
05/15/2005 15:31 236,636 Ezcmlib.dll
05/15/2005 15:31 233,188 hr0u05d9e.dll
05/15/2005 15:22 236,636 drrpsetu.dll
05/15/2005 15:22 233,665 p8n8li5u18.dll
05/15/2005 15:12 236,636 aoapi.dll
05/15/2005 15:12 233,157 o2480chuef480.dll
05/15/2005 15:00 236,636 PBLEGetGuid.dll
05/15/2005 15:00 232,995 i8jq0i15e8.dll
05/15/2005 13:39 236,636 mgafd.dll
05/15/2005 13:37 236,636 en6sl1j71.dll
05/15/2005 13:26 236,636 3nvxVfWCodec.dll
05/15/2005 13:25 232,912 l2l60c3sef.dll
05/15/2005 13:22 232,912 mpconf.dll
05/15/2005 11:26 236,636 kidsmsno.dll
05/15/2005 11:17 232,912 kzdcr.dll
05/15/2005 11:13 236,636 wyasf.dll
05/15/2005 11:10 236,636 nrth.dll
05/15/2005 11:03 236,636 seudf.dll
05/14/2005 15:58 236,636 sllsrv32.dll
05/14/2005 15:58 233,554 ktl6l73s1.dll
05/14/2005 15:50 236,636 ultfs.dll
05/14/2005 13:46 236,252 aza4l7hq1.dll
05/14/2005 13:07 236,252 iosmsnap.dll
05/13/2005 20:13 236,636 cyyptnet.dll
05/13/2005 09:51 236,252 lacodec2.dll
05/11/2005 23:58 234,272 MLC42ENU.DLL
05/11/2005 23:22 235,438 j66mlgj116o.dll
05/11/2005 18:06 233,119 s0rsla971d.dll
05/11/2005 17:01 232,417 aza0017me.dll
05/11/2005 07:19 232,385 aqrsvc.dll
05/10/2005 22:09 236,099 dn0m01d1e.dll
05/10/2005 21:47 236,099 dStaclen.dll
05/10/2005 21:31 236,099 fzsst.dll
05/10/2005 21:31 232,346 i4420ehoeh4c0.dll
05/10/2005 21:02 236,099 ztcomm.dll
05/10/2005 21:02 232,962 ktp4l77q1.dll
05/10/2005 18:02 236,099 mblaw7.dll
05/10/2005 18:02 232,768 mv80l9lm1.dll
05/09/2005 16:59 235,934 snimeng.dll
05/09/2005 07:57 232,846 dtuiext.dll
05/08/2005 12:05 234,706 ozuninst.dll
05/07/2005 09:55 232,947 mmhtml.dll
05/07/2005 01:13 235,753 edccmd.dll
05/06/2005 07:52 234,494 ujiime.dll
05/05/2005 11:29 233,248 dkmap.dll
05/04/2005 17:57 234,494 mjltus40.dll
05/04/2005 17:57 233,181 irjul5191.dll
05/04/2005 09:26 233,173 mLlslib.dll
05/03/2005 09:29 236,200 xMctsrv.dll
05/02/2005 12:22 235,958 dkp0017me.dll
05/02/2005 09:23 234,509 scclient.dll
05/01/2005 18:29 235,958 DqakeCom.dll
04/28/2005 17:32 234,509 eeent.dll
04/28/2005 16:33 233,248 lCl60g3se6.dll
04/28/2005 16:08 233,248 k0260afsed260.dll
04/28/2005 09:04 232,853 muc40.dll
04/28/2005 09:04 233,629 aza40ajqedoe0.dll
04/26/2005 20:16 232,853 fpp2037oe.dll
04/26/2005 16:43 232,853 ghdef.dll
04/25/2005 10:44 233,753 wlvcore2.dll
04/25/2005 10:42 <DIR> dllcache
04/25/2005 10:29 232,853 iis.dll
04/25/2005 09:18 232,853 wbcsvc.dll
04/25/2005 09:18 233,283 j0l40a3qed.dll
04/24/2005 22:05 236,247 mmdadiag.dll
04/15/2005 09:09 232,853 mkcbase.dll
04/14/2005 20:02 236,247 nlmkcert.dll
04/12/2005 17:54 235,818 Ustra.dll
04/12/2005 10:29 235,122 mdcomput.dll
04/11/2005 19:33 233,534 mzrepl40.dll
04/10/2005 17:21 233,244 kadcz.dll
04/10/2005 13:42 235,548 fzsext32.dll
04/09/2005 17:08 235,241 ulnp.dll
04/09/2005 11:06 234,608 iDcenc.dll
04/07/2005 12:55 234,334 dCdxof.dll
04/05/2005 10:42 234,717 sqhannel.dll
04/05/2005 09:58 234,334 mwuni11.dll
04/04/2005 20:53 235,030 mrvidctl.dll
04/04/2005 18:26 234,334 wlaueng.dll
04/04/2005 17:26 234,334 wfv8dmod.dll
04/04/2005 17:26 235,905 enpql1751.dll
04/04/2005 17:08 234,334 sclsrv32.dll
04/04/2005 17:08 234,404 j0p00a7med.dll
04/04/2005 14:34 234,334 kxdtuq.dll
04/04/2005 14:34 235,954 k026lafs1d26.dll
04/04/2005 10:19 236,093 ta11_css.dll
04/03/2005 20:31 234,334 ssgina.dll
04/03/2005 20:22 234,334 rnbdyctl.dll
04/03/2005 20:22 234,827 fpr4039qe.dll
04/03/2005 18:28 234,334 drrgsnap.dll
04/03/2005 18:28 235,733 mvrol9931.dll
04/01/2005 17:10 234,765 lifax13n.dll
03/31/2005 15:28 234,334 amwav.dll
03/30/2005 17:46 232,649 kpdru1.dll
03/30/2005 13:19 234,083 kldlt1.dll
03/29/2005 16:27 232,649 nstman.dll
03/29/2005 16:21 232,649 zvcomm.dll
03/29/2005 12:08 235,902 p4r4le9q1h.dll
03/29/2005 09:17 235,902 iyput.dll
03/28/2005 18:24 234,409 mdc40.dll
03/27/2005 10:26 234,604 akwav.dll
03/26/2005 16:34 234,409 wopui.dll
03/26/2005 11:26 233,229 ctutil.dll
03/25/2005 15:52 235,022 pth.dll
03/24/2005 09:33 233,229 iqmon.dll
03/23/2005 10:04 235,022 orbc32gt.dll
03/22/2005 20:30 233,229 kpdsf.dll
03/22/2005 15:49 232,533 slftpub.dll
03/22/2005 14:23 232,533 lwmib2.dll
03/22/2005 14:23 233,416 fp8803lue.dll
03/21/2005 17:41 232,533 dnsynth.dll
03/21/2005 17:41 234,012 mvp4l97q1.dll
03/21/2005 17:06 232,533 tbcfgwmi.dll
03/21/2005 17:05 232,478 dn0u01d9e.dll
03/21/2005 16:06 232,478 mhexch40.dll
03/20/2005 18:12 233,471 miifmp32.dll
03/19/2005 19:31 232,478 nldll.dll
03/18/2005 10:15 233,987 xrnroll.dll
03/17/2005 18:04 232,478 wun32spl.dll
03/16/2005 15:12 235,982 kddsp.dll
03/16/2005 10:47 234,644 kydusr.dll
03/15/2005 18:15 235,013 sgi_ci.dll
03/14/2005 20:33 234,644 gjtuname.dll
03/14/2005 11:06 233,854 fcsext32.dll
03/13/2005 11:17 236,279 mwimg32.dll
03/12/2005 20:29 232,478 fhst30.dll
03/11/2005 15:13 236,279 moglibnt.dll
03/10/2005 13:15 234,943 awrsvc.dll
03/09/2005 18:35 233,777 dmnlobby.dll
03/09/2005 17:02 232,736 ssncui.dll
03/09/2005 15:29 232,736 urat.dll
03/09/2005 15:29 232,736 ujhisapi.dll
03/09/2005 14:29 232,736 mmddlc.dll
03/09/2005 13:29 232,736 oZkley.dll
03/09/2005 12:29 232,736 jmdw400.dll
03/09/2005 11:29 232,736 WZASPINT.DLL
03/09/2005 10:29 232,736 dwdmo.dll
03/09/2005 09:29 232,736 svrmdll.dll
03/09/2005 09:29 232,736 snorage.dll
03/09/2005 09:28 224,892 fp2q03f5e.dll
03/08/2005 15:39 224,829 m0640ajqedoe0.dll
03/08/2005 09:55 224,369 r6r6lg9s16.dll
03/06/2005 19:06 224,981 azl.dll
03/02/2005 10:41 224,981 dlsetup.dll
03/01/2005 10:59 224,612 scell32.dll
03/01/2005 09:53 222,821 io41_qc.dll
02/28/2005 09:26 223,470 atwav.dll
02/27/2005 19:58 222,821 rKpi.dll
02/27/2005 12:35 224,142 casbrkr.dll
02/26/2005 11:49 222,821 lfdsvc.dll
02/25/2005 18:55 224,064 fyntext.dll
02/20/2005 19:08 222,821 rovpperf.dll
02/19/2005 15:06 225,547 mwjdbc10.dll
02/19/2005 10:41 225,273 Ercmlib.dll
02/18/2005 15:32 223,389 zgcomm.dll
02/17/2005 10:35 223,035 shncui.dll
02/17/2005 10:15 224,764 ilsecsnp.dll
02/15/2005 16:05 952 KGyGaAvL.sys
02/14/2005 18:49 222,822 mdd32.dll
02/14/2005 10:29 222,822 msd32.dll
02/14/2005 10:29 224,614 s2rslc971f.dll
02/13/2005 21:15 224,129 bpowsewm.dll
02/13/2005 20:33 222,822 nstplwiz.dll
02/04/2005 16:35 224,129 MGC71u.dll
02/03/2005 11:41 222,822 SKRIPTLE.DLL
02/03/2005 11:35 222,822 waaspi32.dll
02/03/2005 11:33 225,716 h84m0ih1e84.dll
02/02/2005 10:33 225,716 kldit.dll
02/02/2005 07:42 225,127 uwerenv.dll
02/01/2005 22:03 222,885 dz32gt.dll
02/01/2005 08:11 225,127 3lvxVfWCodec.dll
01/31/2005 22:17 224,991 flsapi.dll
01/31/2005 21:59 224,991 WHPAPI32.DLL
01/31/2005 21:59 226,065 j4p0le7m1h.dll
01/31/2005 21:41 224,991 ptnppagn.dll
01/31/2005 21:41 225,312 dn2o01f3e.dll
01/31/2005 20:50 224,991 ifclass.dll
01/31/2005 20:50 225,221 h0l20a3oed.dll
01/31/2005 20:32 224,991 doconfig.dll
01/31/2005 20:32 225,062 dnp0017me.dll
01/31/2005 20:15 224,991 xLctsrv.dll
01/31/2005 20:15 223,167 mvjul9191.dll
01/31/2005 19:41 224,991 notman.dll
01/31/2005 19:41 223,159 gp0ul3d91.dll
01/31/2005 19:23 224,991 lRprxy.dll
01/31/2005 19:23 223,009 gp06l3ds1.dll
01/31/2005 17:47 224,991 mvcoree.dll
01/31/2005 17:47 223,206 ktrul7991.dll
01/31/2005 17:38 224,991 lTprxy.dll
01/31/2005 17:38 223,042 mv66l9js1.dll
01/31/2005 17:12 224,991 dxsshlex.dll
01/31/2005 17:12 222,987 mvnql9551.dll
01/31/2005 10:21 224,991 iwrop.dll
01/31/2005 10:21 225,454 fp6403jqe.dll
01/30/2005 18:21 225,281 wdasf.dll
01/29/2005 11:02 224,991 uglmon.dll
01/28/2005 10:17 223,166 lc32.dll
01/27/2005 11:23 224,991 sacsccp.dll
01/26/2005 11:55 224,795 iEsnap.dll
01/25/2005 18:17 226,095 idetres.dll
01/25/2005 11:07 224,795 mmcoree.dll
01/24/2005 21:29 224,020 uver32.dll
01/24/2005 21:28 224,020 oRkley.dll
01/24/2005 21:28 225,138 e8jmli1118.dll
01/23/2005 20:14 223,166 nhtui0.dll
01/23/2005 18:56 224,020 mcisam11.dll
01/22/2005 11:31 223,166 sdorage.dll
01/22/2005 11:30 223,166 merepl40.dll
01/21/2005 19:56 224,639 dnpq0175e.dll
01/21/2005 18:22 224,639 cnc.dll
01/21/2005 18:20 224,639 seorage.dll
01/21/2005 16:06 223,212 r0p80a7ued.dll
01/21/2005 11:59 223,212 sqarddlg.dll
01/19/2005 11:25 224,639 NYTWMAFile.dll
01/18/2005 15:39 224,002 npmarta.dll
01/18/2005 15:27 223,853 ducpcsvc.dll
01/18/2005 15:27 225,393 l04qlah51d4.dll
01/18/2005 15:25 223,853 wnaservc.dll
01/18/2005 15:25 224,986 gplml3311.dll
01/18/2005 15:23 223,853 nrdeapi.dll
01/18/2005 15:23 225,426 gppql3751.dll
01/18/2005 15:21 223,853 kxdinben.dll
01/16/2005 15:18 225,676 q0860alsedq60.dll
01/16/2005 13:17 225,676 dmvx_xx0c.dll
01/15/2005 17:42 223,853 kdd101a.dll
01/15/2005 17:25 223,853 donwsock.dll
01/15/2005 17:23 225,624 gpn0l35m1.dll
01/15/2005 17:21 225,550 jtro0793e.dll
01/15/2005 17:21 224,317 m4640ejqehoe0.dll
01/15/2005 11:52 223,853 myiseq.dll
01/15/2005 11:52 225,192 mvlol9331.dll
01/14/2005 17:31 225,301 oaepro32.dll
01/13/2005 22:07 223,853 nclanui2.dll
01/12/2005 19:56 223,815 WQASPINT.DLL
01/12/2005 19:53 223,815 mtisam11.dll
01/12/2005 19:53 225,762 kt4ul7h91.dll
01/12/2005 19:51 223,815 ikhlpapi.dll
01/12/2005 19:51 224,899 k480lelm1hqa.dll
01/12/2005 19:49 223,815 cjrtc.dll
01/12/2005 19:49 225,778 gp6ul3j91.dll
01/12/2005 19:47 223,815 uier32.dll
01/12/2005 19:45 223,056 l6l60g3se6.dll
01/12/2005 19:37 223,056 MPC70.DLL
01/12/2005 18:47 223,815 xssp2res.dll
01/12/2005 18:00 223,056 eecwiad.dll
01/12/2005 16:43 226,210 mmcomput.dll
01/12/2005 07:35 224,905 nytevent.dll
01/12/2005 07:33 224,905 khdla.dll
01/11/2005 23:05 223,738 kt44l7hq1.dll
01/11/2005 20:22 223,738 bltsprx3.dll
01/10/2005 22:37 223,738 lCprxy.dll
01/10/2005 22:37 224,155 jtj4071qe.dll
01/10/2005 22:08 224,558 m0280afued280.dll
01/10/2005 09:29 223,738 njvdmd.dll
01/10/2005 09:28 223,009 irr4l59q1.dll
01/10/2005 09:13 223,009 PAIKey.dll
01/10/2005 09:02 224,735 iu50_32.dll
01/09/2005 18:38 224,735 ORComC.dll
01/07/2005 17:32 56 0ACA134111.sys
01/05/2002 04:40 487,424 msvcp70.dll
12/30/2001 22:50 <DIR> Microsoft
290 File(s) 66,577,000 bytes
2 Dir(s) 7,178,346,496 bytes free

#5 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 16 May 2005 - 07:11 PM

Yes Sir thats it,this will take several passes and much patience to get through!!

The Use of the P2P Programs will be the source of the troubles,I highly recommend losing them and looking for other options for downloading Music!!!

I will see what I can dig up in the way of a legit program for you to use,once we get the System cleaned!!

During this next step,please make sure that All Windows and Browser are Closed prior to running the next step of the L2MFix!!! This Step will automatically Restart the PC!!

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter, then press any key to reboot your computer.

After a reboot, your desktop and icons will appear, then disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, notepad will open with a log.

Copy the contents of that log and paste it back into this thread, along with a new hijackthis log.

IMPORTANT: Do NOT run any other files in the l2mfix folder until you are asked to do so!

#6 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 17 May 2005 - 02:44 AM

OK, here's the L2M log

L2Mfix 1.03

Running From:
C:\Documents and Settings\Steve\Desktop\l2mfix



RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting registry permissions:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!


Denying C(CI) access for predefined group "Administrators"
- adding new ACCESS DENY entry


Registry Permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrators
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting up for Reboot


Starting Reboot!

C:\Documents and Settings\Steve\Desktop\l2mfix
System Rebooted!

Running From:
C:\Documents and Settings\Steve\Desktop\l2mfix

killing explorer and rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1484 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Error, Cannot find a process with an image name of rundll32.exe

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
Backing Up: C:\WINDOWS\system32\3lvxVfWCodec.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\3nvxVfWCodec.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\akwav.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\amwav.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\aoapi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\aqrsvc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\atwav.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\awrsvc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ayifil32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\aza0017me.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\aza40ajqedoe0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\aza4l7hq1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\azl.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\bltsprx3.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\bpowsewm.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\casbrkr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\cjcui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\cjrtc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\cnc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ctutil.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\cyyptnet.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dCdxof.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dcvenum.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dkmap.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dkp0017me.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dlsetup.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dmnlobby.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dmvx_xx0c.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dn0m01d1e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dn0u01d9e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dn2o01f3e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dnj2011oe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dnp0017me.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dnpq0175e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dnsynth.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\doconfig.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\donwsock.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\DqakeCom.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\drrgsnap.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\drrpsetu.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dStaclen.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dtuiext.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ducpcsvc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dwdmo.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dxsshlex.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\dz32gt.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\e8jmli1118.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\edccmd.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\eecwiad.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\eeent.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\en60l1jm1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\en6sl1j71.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\enpql1751.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\Ercmlib.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\Ezcmlib.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fcsext32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fhst30.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\flsapi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fp2m03f1e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fp2q03f5e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fp6403jqe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fp8803lue.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fpp2037oe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fpr4039qe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\frdrclnr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fyntext.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fzsext32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\fzsst.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ghdef.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gjtuname.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gp06l3ds1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gp0ul3d91.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gp6ul3j91.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gplml3311.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gpn0l35m1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gppql3751.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\gvlml3311.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\h0l20a3oed.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\h84m0ih1e84.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\hr0u05d9e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\i0240afqed2e0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\i4420ehoeh4c0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\i4jq0e15eh.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\i8jq0i15e8.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iDcenc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\idetres.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iEsnap.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ifclass.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iimontr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iis.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ikhlpapi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ilsecsnp.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\io41_qc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iosmsnap.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iqmon.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\irjul5191.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\irr4l59q1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iu50_32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iwrop.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\iyput.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\j0l40a3qed.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\j0p00a7med.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\j4p0le7m1h.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\j66mlgj116o.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jmdw400.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jtj2071oe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jtj4071qe.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jtjs0717e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jtnq0755e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\jtro0793e.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\k0260afsed260.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\k026lafs1d26.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\k480lelm1hqa.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kadcz.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kdd101a.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kddsp.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kfymgr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\khdla.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kidsmsno.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\KJYLIB32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kldit.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kldlt1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kpdru1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kpdsf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kt44l7hq1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kt4ul7h91.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ktl6l73s1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ktp4l77q1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ktrul7991.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kxdinben.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kxdtuq.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kydusr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\kzdcr.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\l04qlah51d4.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\l2l60c3sef.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\l6l60g3se6.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lacodec2.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lc32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lCl60g3se6.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lCprxy.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lfdsvc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lifax13n.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lIprxy.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lRprxy.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lTprxy.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\lwmib2.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\m0280afued280.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\m0640ajqedoe0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\m4640ejqehoe0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mblaw7.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mccbase.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mcisam11.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mdc40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mdcomput.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mdd32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\merepl40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mgafd.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\MGC71u.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mhexch40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\miifmp32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mjltus40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mkcbase.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mlawt.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\MLC42ENU.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mLlslib.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mmcomput.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mmcoree.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mmdadiag.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mmddlc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mmhtml.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\moglibnt.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\MPC70.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mpconf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mrvidctl.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\msd32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mtisam11.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\muc40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mv66l9js1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mv80l9lm1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvcoree.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvjul9191.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvlml9311.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvlol9331.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvn8l95u1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvnql9551.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvp4l97q1.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mvrol9931.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mwdart.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mwimg32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mwjdbc10.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mwuni11.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\myiseq.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\myl_qic.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mzrepl40.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\mzuni11.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\NATAudioFile.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nclanui2.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nhtui0.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\njvdmd.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nldll.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nlmkcert.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\notman.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\npmarta.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nrdeapi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nrth.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nslanui2.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nstman.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nstplwiz.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\nytevent.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\NYTWMAFile.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\o2480chuef480.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\oaepro32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\orbc32gt.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ORComC.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\oRkley.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\oZkley.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ozuninst.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\p4r4le9q1h.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\p8n8li5u18.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\PAIKey.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\PBLEGetGuid.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\pth.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ptnppagn.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\q0860alsedq60.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\r0p80a7ued.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\r6r60g9se6.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\r6r6lg9s16.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\rKpi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\rnbdyctl.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\rovpperf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\rvutetab.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\s0rsla971d.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\s2rslc971f.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sacsccp.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\scclient.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\scell32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sclsrv32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sdlsrv32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sdorage.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\seorage.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\seudf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sgi_ci.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\shncui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\SKRIPTLE.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\slftpub.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sllsrv32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\snimeng.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\snorage.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sqarddlg.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\sqhannel.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ssgina.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ssncui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\svell32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\svrmdll.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ta11_css.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\tbcfgwmi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\uglmon.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\uier32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ujhisapi.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ujiime.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ulnp.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ultfs.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\urat.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ustheme.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\Ustra.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\uver32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\uwerenv.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\vginit.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\waaspi32.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wbcsvc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wdasf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wfv8dmod.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wgwfaxui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\WHPAPI32.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\whwfaxui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wlaueng.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wlvcore2.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wnaservc.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wopui.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\WQASPINT.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wun32spl.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\wyasf.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\WZASPINT.DLL
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\xLctsrv.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\xMctsrv.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\xrnroll.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\xssp2res.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\zgcomm.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\ztcomm.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\zvcomm.dll
1 file(s) copied.
Backing Up: C:\WINDOWS\system32\guard.tmp
1 file(s) copied.
deleting: C:\WINDOWS\system32\3lvxVfWCodec.dll
Successfully Deleted: C:\WINDOWS\system32\3lvxVfWCodec.dll
deleting: C:\WINDOWS\system32\3nvxVfWCodec.dll
Successfully Deleted: C:\WINDOWS\system32\3nvxVfWCodec.dll
deleting: C:\WINDOWS\system32\akwav.dll
Successfully Deleted: C:\WINDOWS\system32\akwav.dll
deleting: C:\WINDOWS\system32\amwav.dll
Successfully Deleted: C:\WINDOWS\system32\amwav.dll
deleting: C:\WINDOWS\system32\aoapi.dll
Successfully Deleted: C:\WINDOWS\system32\aoapi.dll
deleting: C:\WINDOWS\system32\aqrsvc.dll
Successfully Deleted: C:\WINDOWS\system32\aqrsvc.dll
deleting: C:\WINDOWS\system32\atwav.dll
Successfully Deleted: C:\WINDOWS\system32\atwav.dll
deleting: C:\WINDOWS\system32\awrsvc.dll
Successfully Deleted: C:\WINDOWS\system32\awrsvc.dll
deleting: C:\WINDOWS\system32\ayifil32.dll
Successfully Deleted: C:\WINDOWS\system32\ayifil32.dll
deleting: C:\WINDOWS\system32\aza0017me.dll
Successfully Deleted: C:\WINDOWS\system32\aza0017me.dll
deleting: C:\WINDOWS\system32\aza40ajqedoe0.dll
Successfully Deleted: C:\WINDOWS\system32\aza40ajqedoe0.dll
deleting: C:\WINDOWS\system32\aza4l7hq1.dll
Successfully Deleted: C:\WINDOWS\system32\aza4l7hq1.dll
deleting: C:\WINDOWS\system32\azl.dll
Successfully Deleted: C:\WINDOWS\system32\azl.dll
deleting: C:\WINDOWS\system32\bltsprx3.dll
Successfully Deleted: C:\WINDOWS\system32\bltsprx3.dll
deleting: C:\WINDOWS\system32\bpowsewm.dll
Successfully Deleted: C:\WINDOWS\system32\bpowsewm.dll
deleting: C:\WINDOWS\system32\casbrkr.dll
Successfully Deleted: C:\WINDOWS\system32\casbrkr.dll
deleting: C:\WINDOWS\system32\cjcui.dll
Successfully Deleted: C:\WINDOWS\system32\cjcui.dll
deleting: C:\WINDOWS\system32\cjrtc.dll
Successfully Deleted: C:\WINDOWS\system32\cjrtc.dll
deleting: C:\WINDOWS\system32\cnc.dll
Successfully Deleted: C:\WINDOWS\system32\cnc.dll
deleting: C:\WINDOWS\system32\ctutil.dll
Successfully Deleted: C:\WINDOWS\system32\ctutil.dll
deleting: C:\WINDOWS\system32\cyyptnet.dll
Successfully Deleted: C:\WINDOWS\system32\cyyptnet.dll
deleting: C:\WINDOWS\system32\dCdxof.dll
Successfully Deleted: C:\WINDOWS\system32\dCdxof.dll
deleting: C:\WINDOWS\system32\dcvenum.dll
Successfully Deleted: C:\WINDOWS\system32\dcvenum.dll
deleting: C:\WINDOWS\system32\dkmap.dll
Successfully Deleted: C:\WINDOWS\system32\dkmap.dll
deleting: C:\WINDOWS\system32\dkp0017me.dll
Successfully Deleted: C:\WINDOWS\system32\dkp0017me.dll
deleting: C:\WINDOWS\system32\dlsetup.dll
Successfully Deleted: C:\WINDOWS\system32\dlsetup.dll
deleting: C:\WINDOWS\system32\dmnlobby.dll
Successfully Deleted: C:\WINDOWS\system32\dmnlobby.dll
deleting: C:\WINDOWS\system32\dmvx_xx0c.dll
Successfully Deleted: C:\WINDOWS\system32\dmvx_xx0c.dll
deleting: C:\WINDOWS\system32\dn0m01d1e.dll
Successfully Deleted: C:\WINDOWS\system32\dn0m01d1e.dll
deleting: C:\WINDOWS\system32\dn0u01d9e.dll
Successfully Deleted: C:\WINDOWS\system32\dn0u01d9e.dll
deleting: C:\WINDOWS\system32\dn2o01f3e.dll
Successfully Deleted: C:\WINDOWS\system32\dn2o01f3e.dll
deleting: C:\WINDOWS\system32\dnj2011oe.dll
Successfully Deleted: C:\WINDOWS\system32\dnj2011oe.dll
deleting: C:\WINDOWS\system32\dnp0017me.dll
Successfully Deleted: C:\WINDOWS\system32\dnp0017me.dll
deleting: C:\WINDOWS\system32\dnpq0175e.dll
Successfully Deleted: C:\WINDOWS\system32\dnpq0175e.dll
deleting: C:\WINDOWS\system32\dnsynth.dll
Successfully Deleted: C:\WINDOWS\system32\dnsynth.dll
deleting: C:\WINDOWS\system32\doconfig.dll
Successfully Deleted: C:\WINDOWS\system32\doconfig.dll
deleting: C:\WINDOWS\system32\donwsock.dll
Successfully Deleted: C:\WINDOWS\system32\donwsock.dll
deleting: C:\WINDOWS\system32\DqakeCom.dll
Successfully Deleted: C:\WINDOWS\system32\DqakeCom.dll
deleting: C:\WINDOWS\system32\drrgsnap.dll
Successfully Deleted: C:\WINDOWS\system32\drrgsnap.dll
deleting: C:\WINDOWS\system32\drrpsetu.dll
Successfully Deleted: C:\WINDOWS\system32\drrpsetu.dll
deleting: C:\WINDOWS\system32\dStaclen.dll
Successfully Deleted: C:\WINDOWS\system32\dStaclen.dll
deleting: C:\WINDOWS\system32\dtuiext.dll
Successfully Deleted: C:\WINDOWS\system32\dtuiext.dll
deleting: C:\WINDOWS\system32\ducpcsvc.dll
Successfully Deleted: C:\WINDOWS\system32\ducpcsvc.dll
deleting: C:\WINDOWS\system32\dwdmo.dll
Successfully Deleted: C:\WINDOWS\system32\dwdmo.dll
deleting: C:\WINDOWS\system32\dxsshlex.dll
Successfully Deleted: C:\WINDOWS\system32\dxsshlex.dll
deleting: C:\WINDOWS\system32\dz32gt.dll
Successfully Deleted: C:\WINDOWS\system32\dz32gt.dll
deleting: C:\WINDOWS\system32\e8jmli1118.dll
Successfully Deleted: C:\WINDOWS\system32\e8jmli1118.dll
deleting: C:\WINDOWS\system32\edccmd.dll
Successfully Deleted: C:\WINDOWS\system32\edccmd.dll
deleting: C:\WINDOWS\system32\eecwiad.dll
Successfully Deleted: C:\WINDOWS\system32\eecwiad.dll
deleting: C:\WINDOWS\system32\eeent.dll
Successfully Deleted: C:\WINDOWS\system32\eeent.dll
deleting: C:\WINDOWS\system32\en60l1jm1.dll
Successfully Deleted: C:\WINDOWS\system32\en60l1jm1.dll
deleting: C:\WINDOWS\system32\en6sl1j71.dll
Successfully Deleted: C:\WINDOWS\system32\en6sl1j71.dll
deleting: C:\WINDOWS\system32\enpql1751.dll
Successfully Deleted: C:\WINDOWS\system32\enpql1751.dll
deleting: C:\WINDOWS\system32\Ercmlib.dll
Successfully Deleted: C:\WINDOWS\system32\Ercmlib.dll
deleting: C:\WINDOWS\system32\Ezcmlib.dll
Successfully Deleted: C:\WINDOWS\system32\Ezcmlib.dll
deleting: C:\WINDOWS\system32\fcsext32.dll
Successfully Deleted: C:\WINDOWS\system32\fcsext32.dll
deleting: C:\WINDOWS\system32\fhst30.dll
Successfully Deleted: C:\WINDOWS\system32\fhst30.dll
deleting: C:\WINDOWS\system32\flsapi.dll
Successfully Deleted: C:\WINDOWS\system32\flsapi.dll
deleting: C:\WINDOWS\system32\fp2m03f1e.dll
Successfully Deleted: C:\WINDOWS\system32\fp2m03f1e.dll
deleting: C:\WINDOWS\system32\fp2q03f5e.dll
Successfully Deleted: C:\WINDOWS\system32\fp2q03f5e.dll
deleting: C:\WINDOWS\system32\fp6403jqe.dll
Successfully Deleted: C:\WINDOWS\system32\fp6403jqe.dll
deleting: C:\WINDOWS\system32\fp8803lue.dll
Successfully Deleted: C:\WINDOWS\system32\fp8803lue.dll
deleting: C:\WINDOWS\system32\fpp2037oe.dll
Successfully Deleted: C:\WINDOWS\system32\fpp2037oe.dll
deleting: C:\WINDOWS\system32\fpr4039qe.dll
Successfully Deleted: C:\WINDOWS\system32\fpr4039qe.dll
deleting: C:\WINDOWS\system32\frdrclnr.dll
Successfully Deleted: C:\WINDOWS\system32\frdrclnr.dll
deleting: C:\WINDOWS\system32\fyntext.dll
Successfully Deleted: C:\WINDOWS\system32\fyntext.dll
deleting: C:\WINDOWS\system32\fzsext32.dll
Successfully Deleted: C:\WINDOWS\system32\fzsext32.dll
deleting: C:\WINDOWS\system32\fzsst.dll
Successfully Deleted: C:\WINDOWS\system32\fzsst.dll
deleting: C:\WINDOWS\system32\ghdef.dll
Successfully Deleted: C:\WINDOWS\system32\ghdef.dll
deleting: C:\WINDOWS\system32\gjtuname.dll
Successfully Deleted: C:\WINDOWS\system32\gjtuname.dll
deleting: C:\WINDOWS\system32\gp06l3ds1.dll
Successfully Deleted: C:\WINDOWS\system32\gp06l3ds1.dll
deleting: C:\WINDOWS\system32\gp0ul3d91.dll
Successfully Deleted: C:\WINDOWS\system32\gp0ul3d91.dll
deleting: C:\WINDOWS\system32\gp6ul3j91.dll
Successfully Deleted: C:\WINDOWS\system32\gp6ul3j91.dll
deleting: C:\WINDOWS\system32\gplml3311.dll
Successfully Deleted: C:\WINDOWS\system32\gplml3311.dll
deleting: C:\WINDOWS\system32\gpn0l35m1.dll
Successfully Deleted: C:\WINDOWS\system32\gpn0l35m1.dll
deleting: C:\WINDOWS\system32\gppql3751.dll
Successfully Deleted: C:\WINDOWS\system32\gppql3751.dll
deleting: C:\WINDOWS\system32\gvlml3311.dll
Successfully Deleted: C:\WINDOWS\system32\gvlml3311.dll
deleting: C:\WINDOWS\system32\h0l20a3oed.dll
Successfully Deleted: C:\WINDOWS\system32\h0l20a3oed.dll
deleting: C:\WINDOWS\system32\h84m0ih1e84.dll
Successfully Deleted: C:\WINDOWS\system32\h84m0ih1e84.dll
deleting: C:\WINDOWS\system32\hr0u05d9e.dll
Successfully Deleted: C:\WINDOWS\system32\hr0u05d9e.dll
deleting: C:\WINDOWS\system32\i0240afqed2e0.dll
Successfully Deleted: C:\WINDOWS\system32\i0240afqed2e0.dll
deleting: C:\WINDOWS\system32\i4420ehoeh4c0.dll
Successfully Deleted: C:\WINDOWS\system32\i4420ehoeh4c0.dll
deleting: C:\WINDOWS\system32\i4jq0e15eh.dll
Successfully Deleted: C:\WINDOWS\system32\i4jq0e15eh.dll
deleting: C:\WINDOWS\system32\i8jq0i15e8.dll
Successfully Deleted: C:\WINDOWS\system32\i8jq0i15e8.dll
deleting: C:\WINDOWS\system32\iDcenc.dll
Successfully Deleted: C:\WINDOWS\system32\iDcenc.dll
deleting: C:\WINDOWS\system32\idetres.dll
Successfully Deleted: C:\WINDOWS\system32\idetres.dll
deleting: C:\WINDOWS\system32\iEsnap.dll
Successfully Deleted: C:\WINDOWS\system32\iEsnap.dll
deleting: C:\WINDOWS\system32\ifclass.dll
Successfully Deleted: C:\WINDOWS\system32\ifclass.dll
deleting: C:\WINDOWS\system32\iimontr.dll
Successfully Deleted: C:\WINDOWS\system32\iimontr.dll
deleting: C:\WINDOWS\system32\iis.dll
Successfully Deleted: C:\WINDOWS\system32\iis.dll
deleting: C:\WINDOWS\system32\ikhlpapi.dll
Successfully Deleted: C:\WINDOWS\system32\ikhlpapi.dll
deleting: C:\WINDOWS\system32\ilsecsnp.dll
Successfully Deleted: C:\WINDOWS\system32\ilsecsnp.dll
deleting: C:\WINDOWS\system32\io41_qc.dll
Successfully Deleted: C:\WINDOWS\system32\io41_qc.dll
deleting: C:\WINDOWS\system32\iosmsnap.dll
Successfully Deleted: C:\WINDOWS\system32\iosmsnap.dll
deleting: C:\WINDOWS\system32\iqmon.dll
Successfully Deleted: C:\WINDOWS\system32\iqmon.dll
deleting: C:\WINDOWS\system32\irjul5191.dll
Successfully Deleted: C:\WINDOWS\system32\irjul5191.dll
deleting: C:\WINDOWS\system32\irr4l59q1.dll
Successfully Deleted: C:\WINDOWS\system32\irr4l59q1.dll
deleting: C:\WINDOWS\system32\iu50_32.dll
Successfully Deleted: C:\WINDOWS\system32\iu50_32.dll
deleting: C:\WINDOWS\system32\iwrop.dll
Successfully Deleted: C:\WINDOWS\system32\iwrop.dll
deleting: C:\WINDOWS\system32\iyput.dll
Successfully Deleted: C:\WINDOWS\system32\iyput.dll
deleting: C:\WINDOWS\system32\j0l40a3qed.dll
Successfully Deleted: C:\WINDOWS\system32\j0l40a3qed.dll
deleting: C:\WINDOWS\system32\j0p00a7med.dll
Successfully Deleted: C:\WINDOWS\system32\j0p00a7med.dll
deleting: C:\WINDOWS\system32\j4p0le7m1h.dll
Successfully Deleted: C:\WINDOWS\system32\j4p0le7m1h.dll
deleting: C:\WINDOWS\system32\j66mlgj116o.dll
Successfully Deleted: C:\WINDOWS\system32\j66mlgj116o.dll
deleting: C:\WINDOWS\system32\jmdw400.dll
Successfully Deleted: C:\WINDOWS\system32\jmdw400.dll
deleting: C:\WINDOWS\system32\jtj2071oe.dll
Successfully Deleted: C:\WINDOWS\system32\jtj2071oe.dll
deleting: C:\WINDOWS\system32\jtj4071qe.dll
Successfully Deleted: C:\WINDOWS\system32\jtj4071qe.dll
deleting: C:\WINDOWS\system32\jtjs0717e.dll
Successfully Deleted: C:\WINDOWS\system32\jtjs0717e.dll
deleting: C:\WINDOWS\system32\jtnq0755e.dll
Successfully Deleted: C:\WINDOWS\system32\jtnq0755e.dll
deleting: C:\WINDOWS\system32\jtro0793e.dll
Successfully Deleted: C:\WINDOWS\system32\jtro0793e.dll
deleting: C:\WINDOWS\system32\k0260afsed260.dll
Successfully Deleted: C:\WINDOWS\system32\k0260afsed260.dll
deleting: C:\WINDOWS\system32\k026lafs1d26.dll
Successfully Deleted: C:\WINDOWS\system32\k026lafs1d26.dll
deleting: C:\WINDOWS\system32\k480lelm1hqa.dll
Successfully Deleted: C:\WINDOWS\system32\k480lelm1hqa.dll
deleting: C:\WINDOWS\system32\kadcz.dll
Successfully Deleted: C:\WINDOWS\system32\kadcz.dll
deleting: C:\WINDOWS\system32\kdd101a.dll
Successfully Deleted: C:\WINDOWS\system32\kdd101a.dll
deleting: C:\WINDOWS\system32\kddsp.dll
Successfully Deleted: C:\WINDOWS\system32\kddsp.dll
deleting: C:\WINDOWS\system32\kfymgr.dll
Successfully Deleted: C:\WINDOWS\system32\kfymgr.dll
deleting: C:\WINDOWS\system32\khdla.dll
Successfully Deleted: C:\WINDOWS\system32\khdla.dll
deleting: C:\WINDOWS\system32\kidsmsno.dll
Successfully Deleted: C:\WINDOWS\system32\kidsmsno.dll
deleting: C:\WINDOWS\system32\KJYLIB32.dll
Successfully Deleted: C:\WINDOWS\system32\KJYLIB32.dll
deleting: C:\WINDOWS\system32\kldit.dll
Successfully Deleted: C:\WINDOWS\system32\kldit.dll
deleting: C:\WINDOWS\system32\kldlt1.dll
Successfully Deleted: C:\WINDOWS\system32\kldlt1.dll
deleting: C:\WINDOWS\system32\kpdru1.dll
Successfully Deleted: C:\WINDOWS\system32\kpdru1.dll
deleting: C:\WINDOWS\system32\kpdsf.dll
Successfully Deleted: C:\WINDOWS\system32\kpdsf.dll
deleting: C:\WINDOWS\system32\kt44l7hq1.dll
Successfully Deleted: C:\WINDOWS\system32\kt44l7hq1.dll
deleting: C:\WINDOWS\system32\kt4ul7h91.dll
Successfully Deleted: C:\WINDOWS\system32\kt4ul7h91.dll
deleting: C:\WINDOWS\system32\ktl6l73s1.dll
Successfully Deleted: C:\WINDOWS\system32\ktl6l73s1.dll
deleting: C:\WINDOWS\system32\ktp4l77q1.dll
Successfully Deleted: C:\WINDOWS\system32\ktp4l77q1.dll
deleting: C:\WINDOWS\system32\ktrul7991.dll
Successfully Deleted: C:\WINDOWS\system32\ktrul7991.dll
deleting: C:\WINDOWS\system32\kxdinben.dll
Successfully Deleted: C:\WINDOWS\system32\kxdinben.dll
deleting: C:\WINDOWS\system32\kxdtuq.dll
Successfully Deleted: C:\WINDOWS\system32\kxdtuq.dll
deleting: C:\WINDOWS\system32\kydusr.dll
Successfully Deleted: C:\WINDOWS\system32\kydusr.dll
deleting: C:\WINDOWS\system32\kzdcr.dll
Successfully Deleted: C:\WINDOWS\system32\kzdcr.dll
deleting: C:\WINDOWS\system32\l04qlah51d4.dll
Successfully Deleted: C:\WINDOWS\system32\l04qlah51d4.dll
deleting: C:\WINDOWS\system32\l2l60c3sef.dll
Successfully Deleted: C:\WINDOWS\system32\l2l60c3sef.dll
deleting: C:\WINDOWS\system32\l6l60g3se6.dll
Successfully Deleted: C:\WINDOWS\system32\l6l60g3se6.dll
deleting: C:\WINDOWS\system32\lacodec2.dll
Successfully Deleted: C:\WINDOWS\system32\lacodec2.dll
deleting: C:\WINDOWS\system32\lc32.dll
Successfully Deleted: C:\WINDOWS\system32\lc32.dll
deleting: C:\WINDOWS\system32\lCl60g3se6.dll
Successfully Deleted: C:\WINDOWS\system32\lCl60g3se6.dll
deleting: C:\WINDOWS\system32\lCprxy.dll
Successfully Deleted: C:\WINDOWS\system32\lCprxy.dll
deleting: C:\WINDOWS\system32\lfdsvc.dll
Successfully Deleted: C:\WINDOWS\system32\lfdsvc.dll
deleting: C:\WINDOWS\system32\lifax13n.dll
Successfully Deleted: C:\WINDOWS\system32\lifax13n.dll
deleting: C:\WINDOWS\system32\lIprxy.dll
Successfully Deleted: C:\WINDOWS\system32\lIprxy.dll
deleting: C:\WINDOWS\system32\lRprxy.dll
Successfully Deleted: C:\WINDOWS\system32\lRprxy.dll
deleting: C:\WINDOWS\system32\lTprxy.dll
Successfully Deleted: C:\WINDOWS\system32\lTprxy.dll
deleting: C:\WINDOWS\system32\lwmib2.dll
Successfully Deleted: C:\WINDOWS\system32\lwmib2.dll
deleting: C:\WINDOWS\system32\m0280afued280.dll
Successfully Deleted: C:\WINDOWS\system32\m0280afued280.dll
deleting: C:\WINDOWS\system32\m0640ajqedoe0.dll
Successfully Deleted: C:\WINDOWS\system32\m0640ajqedoe0.dll
deleting: C:\WINDOWS\system32\m4640ejqehoe0.dll
Successfully Deleted: C:\WINDOWS\system32\m4640ejqehoe0.dll
deleting: C:\WINDOWS\system32\mblaw7.dll
Successfully Deleted: C:\WINDOWS\system32\mblaw7.dll
deleting: C:\WINDOWS\system32\mccbase.dll
Successfully Deleted: C:\WINDOWS\system32\mccbase.dll
deleting: C:\WINDOWS\system32\mcisam11.dll
Successfully Deleted: C:\WINDOWS\system32\mcisam11.dll
deleting: C:\WINDOWS\system32\mdc40.dll
Successfully Deleted: C:\WINDOWS\system32\mdc40.dll
deleting: C:\WINDOWS\system32\mdcomput.dll
Successfully Deleted: C:\WINDOWS\system32\mdcomput.dll
deleting: C:\WINDOWS\system32\mdd32.dll
Successfully Deleted: C:\WINDOWS\system32\mdd32.dll
deleting: C:\WINDOWS\system32\merepl40.dll
Successfully Deleted: C:\WINDOWS\system32\merepl40.dll
deleting: C:\WINDOWS\system32\mgafd.dll
Successfully Deleted: C:\WINDOWS\system32\mgafd.dll
deleting: C:\WINDOWS\system32\MGC71u.dll
Successfully Deleted: C:\WINDOWS\system32\MGC71u.dll
deleting: C:\WINDOWS\system32\mhexch40.dll
Successfully Deleted: C:\WINDOWS\system32\mhexch40.dll
deleting: C:\WINDOWS\system32\miifmp32.dll
Successfully Deleted: C:\WINDOWS\system32\miifmp32.dll
deleting: C:\WINDOWS\system32\mjltus40.dll
Successfully Deleted: C:\WINDOWS\system32\mjltus40.dll
deleting: C:\WINDOWS\system32\mkcbase.dll
Successfully Deleted: C:\WINDOWS\system32\mkcbase.dll
deleting: C:\WINDOWS\system32\mlawt.dll
Successfully Deleted: C:\WINDOWS\system32\mlawt.dll
deleting: C:\WINDOWS\system32\MLC42ENU.DLL
Successfully Deleted: C:\WINDOWS\system32\MLC42ENU.DLL
deleting: C:\WINDOWS\system32\mLlslib.dll
Successfully Deleted: C:\WINDOWS\system32\mLlslib.dll
deleting: C:\WINDOWS\system32\mmcomput.dll
Successfully Deleted: C:\WINDOWS\system32\mmcomput.dll
deleting: C:\WINDOWS\system32\mmcoree.dll
Successfully Deleted: C:\WINDOWS\system32\mmcoree.dll
deleting: C:\WINDOWS\system32\mmdadiag.dll
Successfully Deleted: C:\WINDOWS\system32\mmdadiag.dll
deleting: C:\WINDOWS\system32\mmddlc.dll
Successfully Deleted: C:\WINDOWS\system32\mmddlc.dll
deleting: C:\WINDOWS\system32\mmhtml.dll
Successfully Deleted: C:\WINDOWS\system32\mmhtml.dll
deleting: C:\WINDOWS\system32\moglibnt.dll
Successfully Deleted: C:\WINDOWS\system32\moglibnt.dll
deleting: C:\WINDOWS\system32\MPC70.DLL
Successfully Deleted: C:\WINDOWS\system32\MPC70.DLL
deleting: C:\WINDOWS\system32\mpconf.dll
Successfully Deleted: C:\WINDOWS\system32\mpconf.dll
deleting: C:\WINDOWS\system32\mrvidctl.dll
Successfully Deleted: C:\WINDOWS\system32\mrvidctl.dll
deleting: C:\WINDOWS\system32\msd32.dll
Successfully Deleted: C:\WINDOWS\system32\msd32.dll
deleting: C:\WINDOWS\system32\mtisam11.dll
Successfully Deleted: C:\WINDOWS\system32\mtisam11.dll
deleting: C:\WINDOWS\system32\muc40.dll
Successfully Deleted: C:\WINDOWS\system32\muc40.dll
deleting: C:\WINDOWS\system32\mv66l9js1.dll
Successfully Deleted: C:\WINDOWS\system32\mv66l9js1.dll
deleting: C:\WINDOWS\system32\mv80l9lm1.dll
Successfully Deleted: C:\WINDOWS\system32\mv80l9lm1.dll
deleting: C:\WINDOWS\system32\mvcoree.dll
Successfully Deleted: C:\WINDOWS\system32\mvcoree.dll
deleting: C:\WINDOWS\system32\mvjul9191.dll
Successfully Deleted: C:\WINDOWS\system32\mvjul9191.dll
deleting: C:\WINDOWS\system32\mvlml9311.dll
Successfully Deleted: C:\WINDOWS\system32\mvlml9311.dll
deleting: C:\WINDOWS\system32\mvlol9331.dll
Successfully Deleted: C:\WINDOWS\system32\mvlol9331.dll
deleting: C:\WINDOWS\system32\mvn8l95u1.dll
Successfully Deleted: C:\WINDOWS\system32\mvn8l95u1.dll
deleting: C:\WINDOWS\system32\mvnql9551.dll
Successfully Deleted: C:\WINDOWS\system32\mvnql9551.dll
deleting: C:\WINDOWS\system32\mvp4l97q1.dll
Successfully Deleted: C:\WINDOWS\system32\mvp4l97q1.dll
deleting: C:\WINDOWS\system32\mvrol9931.dll
Successfully Deleted: C:\WINDOWS\system32\mvrol9931.dll
deleting: C:\WINDOWS\system32\mwdart.dll
Successfully Deleted: C:\WINDOWS\system32\mwdart.dll
deleting: C:\WINDOWS\system32\mwimg32.dll
Successfully Deleted: C:\WINDOWS\system32\mwimg32.dll
deleting: C:\WINDOWS\system32\mwjdbc10.dll
Successfully Deleted: C:\WINDOWS\system32\mwjdbc10.dll
deleting: C:\WINDOWS\system32\mwuni11.dll
Successfully Deleted: C:\WINDOWS\system32\mwuni11.dll
deleting: C:\WINDOWS\system32\myiseq.dll
Successfully Deleted: C:\WINDOWS\system32\myiseq.dll
deleting: C:\WINDOWS\system32\myl_qic.dll
Successfully Deleted: C:\WINDOWS\system32\myl_qic.dll
deleting: C:\WINDOWS\system32\mzrepl40.dll
Successfully Deleted: C:\WINDOWS\system32\mzrepl40.dll
deleting: C:\WINDOWS\system32\mzuni11.dll
Successfully Deleted: C:\WINDOWS\system32\mzuni11.dll
deleting: C:\WINDOWS\system32\NATAudioFile.dll
Successfully Deleted: C:\WINDOWS\system32\NATAudioFile.dll
deleting: C:\WINDOWS\system32\nclanui2.dll
Successfully Deleted: C:\WINDOWS\system32\nclanui2.dll
deleting: C:\WINDOWS\system32\nhtui0.dll
Successfully Deleted: C:\WINDOWS\system32\nhtui0.dll
deleting: C:\WINDOWS\system32\njvdmd.dll
Successfully Deleted: C:\WINDOWS\system32\njvdmd.dll
deleting: C:\WINDOWS\system32\nldll.dll
Successfully Deleted: C:\WINDOWS\system32\nldll.dll
deleting: C:\WINDOWS\system32\nlmkcert.dll
Successfully Deleted: C:\WINDOWS\system32\nlmkcert.dll
deleting: C:\WINDOWS\system32\notman.dll
Successfully Deleted: C:\WINDOWS\system32\notman.dll
deleting: C:\WINDOWS\system32\npmarta.dll
Successfully Deleted: C:\WINDOWS\system32\npmarta.dll
deleting: C:\WINDOWS\system32\nrdeapi.dll
Successfully Deleted: C:\WINDOWS\system32\nrdeapi.dll
deleting: C:\WINDOWS\system32\nrth.dll
Successfully Deleted: C:\WINDOWS\system32\nrth.dll
deleting: C:\WINDOWS\system32\nslanui2.dll
Successfully Deleted: C:\WINDOWS\system32\nslanui2.dll
deleting: C:\WINDOWS\system32\nstman.dll
Successfully Deleted: C:\WINDOWS\system32\nstman.dll
deleting: C:\WINDOWS\system32\nstplwiz.dll
Successfully Deleted: C:\WINDOWS\system32\nstplwiz.dll
deleting: C:\WINDOWS\system32\nytevent.dll
Successfully Deleted: C:\WINDOWS\system32\nytevent.dll
deleting: C:\WINDOWS\system32\NYTWMAFile.dll
Successfully Deleted: C:\WINDOWS\system32\NYTWMAFile.dll
deleting: C:\WINDOWS\system32\o2480chuef480.dll
Successfully Deleted: C:\WINDOWS\system32\o2480chuef480.dll
deleting: C:\WINDOWS\system32\oaepro32.dll
Successfully Deleted: C:\WINDOWS\system32\oaepro32.dll
deleting: C:\WINDOWS\system32\orbc32gt.dll
Successfully Deleted: C:\WINDOWS\system32\orbc32gt.dll
deleting: C:\WINDOWS\system32\ORComC.dll
Successfully Deleted: C:\WINDOWS\system32\ORComC.dll
deleting: C:\WINDOWS\system32\oRkley.dll
Successfully Deleted: C:\WINDOWS\system32\oRkley.dll
deleting: C:\WINDOWS\system32\oZkley.dll
Successfully Deleted: C:\WINDOWS\system32\oZkley.dll
deleting: C:\WINDOWS\system32\ozuninst.dll
Successfully Deleted: C:\WINDOWS\system32\ozuninst.dll
deleting: C:\WINDOWS\system32\p4r4le9q1h.dll
Successfully Deleted: C:\WINDOWS\system32\p4r4le9q1h.dll
deleting: C:\WINDOWS\system32\p8n8li5u18.dll
Successfully Deleted: C:\WINDOWS\system32\p8n8li5u18.dll
deleting: C:\WINDOWS\system32\PAIKey.dll
Successfully Deleted: C:\WINDOWS\system32\PAIKey.dll
deleting: C:\WINDOWS\system32\PBLEGetGuid.dll
Successfully Deleted: C:\WINDOWS\system32\PBLEGetGuid.dll
deleting: C:\WINDOWS\system32\pth.dll
Successfully Deleted: C:\WINDOWS\system32\pth.dll
deleting: C:\WINDOWS\system32\ptnppagn.dll
Successfully Deleted: C:\WINDOWS\system32\ptnppagn.dll
deleting: C:\WINDOWS\system32\q0860alsedq60.dll
Successfully Deleted: C:\WINDOWS\system32\q0860alsedq60.dll
deleting: C:\WINDOWS\system32\r0p80a7ued.dll
Successfully Deleted: C:\WINDOWS\system32\r0p80a7ued.dll
deleting: C:\WINDOWS\system32\r6r60g9se6.dll
Successfully Deleted: C:\WINDOWS\system32\r6r60g9se6.dll
deleting: C:\WINDOWS\system32\r6r6lg9s16.dll
Successfully Deleted: C:\WINDOWS\system32\r6r6lg9s16.dll
deleting: C:\WINDOWS\system32\rKpi.dll
Successfully Deleted: C:\WINDOWS\system32\rKpi.dll
deleting: C:\WINDOWS\system32\rnbdyctl.dll
Successfully Deleted: C:\WINDOWS\system32\rnbdyctl.dll
deleting: C:\WINDOWS\system32\rovpperf.dll
Successfully Deleted: C:\WINDOWS\system32\rovpperf.dll
deleting: C:\WINDOWS\system32\rvutetab.dll
Successfully Deleted: C:\WINDOWS\system32\rvutetab.dll
deleting: C:\WINDOWS\system32\s0rsla971d.dll
Successfully Deleted: C:\WINDOWS\system32\s0rsla971d.dll
deleting: C:\WINDOWS\system32\s2rslc971f.dll
Successfully Deleted: C:\WINDOWS\system32\s2rslc971f.dll
deleting: C:\WINDOWS\system32\sacsccp.dll
Successfully Deleted: C:\WINDOWS\system32\sacsccp.dll
deleting: C:\WINDOWS\system32\scclient.dll
Successfully Deleted: C:\WINDOWS\system32\scclient.dll
deleting: C:\WINDOWS\system32\scell32.dll
Successfully Deleted: C:\WINDOWS\system32\scell32.dll
deleting: C:\WINDOWS\system32\sclsrv32.dll
Successfully Deleted: C:\WINDOWS\system32\sclsrv32.dll
deleting: C:\WINDOWS\system32\sdlsrv32.dll
Successfully Deleted: C:\WINDOWS\system32\sdlsrv32.dll
deleting: C:\WINDOWS\system32\sdorage.dll
Successfully Deleted: C:\WINDOWS\system32\sdorage.dll
deleting: C:\WINDOWS\system32\seorage.dll
Successfully Deleted: C:\WINDOWS\system32\seorage.dll
deleting: C:\WINDOWS\system32\seudf.dll
Successfully Deleted: C:\WINDOWS\system32\seudf.dll
deleting: C:\WINDOWS\system32\sgi_ci.dll
Successfully Deleted: C:\WINDOWS\system32\sgi_ci.dll
deleting: C:\WINDOWS\system32\shncui.dll
Successfully Deleted: C:\WINDOWS\system32\shncui.dll
deleting: C:\WINDOWS\system32\SKRIPTLE.DLL
Successfully Deleted: C:\WINDOWS\system32\SKRIPTLE.DLL
deleting: C:\WINDOWS\system32\slftpub.dll
Successfully Deleted: C:\WINDOWS\system32\slftpub.dll
deleting: C:\WINDOWS\system32\sllsrv32.dll
Successfully Deleted: C:\WINDOWS\system32\sllsrv32.dll
deleting: C:\WINDOWS\system32\snimeng.dll
Successf

#7 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 May 2005 - 06:51 AM

Looks like the entire log didnt make it into the Post!

Also,Please Completely Uninstall All Ad Aware 6 products from the PC!

There is a new version out and we will get it installed in the next couple of post!!

Because Ad Watch was running during the Fix,please go back and Run Option 1 from the L2MFix again!

When its finished,Run Option 2 again and Post those results,please make sure the entire results from Option 2 are Copied and Pasted into your next reply!

Edited by Cretemonster, 17 May 2005 - 06:57 AM.


#8 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  

Posted 17 May 2005 - 07:51 AM

OK try this alot smaller this time

L2Mfix 1.03

Running From:
C:\DOCUME~1\Steve\Desktop\l2mfix



RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting registry permissions:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!


Denying C(CI) access for predefined group "Administrators"
- adding new ACCESS DENY entry


Registry Permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrators
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting up for Reboot


Starting Reboot!

C:\Documents and Settings\Steve\Desktop\l2mfix
System Rebooted!

Running From:
C:\Documents and Settings\Steve\Desktop\l2mfix

killing explorer and rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1736 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Error, Cannot find a process with an image name of rundll32.exe

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!

Zipping up files for submission:
updating: clear.reg (164 bytes security) (deflated 2%)
updating: echo.reg (164 bytes security) (deflated 9%)
updating: direct.txt (164 bytes security) (stored 0%)
updating: lo2.txt (164 bytes security) (deflated 72%)
updating: readme.txt (164 bytes security) (deflated 49%)
updating: report.txt (164 bytes security) (deflated 62%)
updating: test.txt (164 bytes security) (stored 0%)
updating: test2.txt (164 bytes security) (stored 0%)
updating: test3.txt (164 bytes security) (stored 0%)
updating: test5.txt (164 bytes security) (stored 0%)
adding: log.txt (164 bytes security) (deflated 89%)
updating: backregs/1160EF49-DD40-4650-9F6E-DBE9C332C074.reg (164 bytes security) (deflated 70%)
updating: backregs/18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F.reg (164 bytes security) (deflated 70%)
updating: backregs/1D423152-A8B6-4986-AAA0-D54F12DB1C5C.reg (164 bytes security) (deflated 70%)
updating: backregs/2F0AA054-D072-450E-AB91-547472E12C30.reg (164 bytes security) (deflated 70%)
updating: backregs/32533293-951A-4789-B6C7-1FB87454AB8C.reg (164 bytes security) (deflated 70%)
updating: backregs/7FCA139C-1634-4E43-9CE5-894208DC78CB.reg (164 bytes security) (deflated 70%)
updating: backregs/B5690543-3323-4284-8CE4-1D788C5C81CB.reg (164 bytes security) (deflated 70%)
updating: backregs/F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8.reg (164 bytes security) (deflated 71%)
updating: backregs/shell.reg (164 bytes security) (deflated 74%)

Restoring Registry Permissions:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!


Revoking access for predefined group "Administrators"
Inherited ACE can not be revoked here!
Inherited ACE can not be revoked here!


Registry permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER


Restoring Sedebugprivilege:

Granting SeDebugPrivilege to Administrators ... successful


The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]


The following are the files found:
****************************************************************************

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************


#9 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 17 May 2005 - 08:08 AM

I just had a look at msconfig and found my computer had reverted back to selective startup. I put it back to normal startup and rerun L2m.
Here is the result.

L2Mfix 1.03

Running From:
C:\DOCUME~1\Steve\Desktop\l2mfix



RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting registry permissions:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!


Denying C(CI) access for predefined group "Administrators"
- adding new ACCESS DENY entry


Registry Permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrators
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER



Setting up for Reboot


Starting Reboot!

C:\Documents and Settings\Steve\Desktop\l2mfix
System Rebooted!

Running From:
C:\Documents and Settings\Steve\Desktop\l2mfix

killing explorer and rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1896 'explorer.exe'
Killing PID 1896 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 2308 'rundll32.exe'

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!

Zipping up files for submission:
updating: clear.reg (164 bytes security) (deflated 2%)
updating: echo.reg (164 bytes security) (deflated 9%)
updating: direct.txt (164 bytes security) (stored 0%)
updating: lo2.txt (164 bytes security) (deflated 73%)
updating: readme.txt (164 bytes security) (deflated 49%)
updating: report.txt (164 bytes security) (deflated 62%)
updating: test.txt (164 bytes security) (stored 0%)
updating: test2.txt (164 bytes security) (stored 0%)
updating: test3.txt (164 bytes security) (stored 0%)
updating: test5.txt (164 bytes security) (stored 0%)
updating: log.txt (164 bytes security) (deflated 77%)
updating: backregs/1160EF49-DD40-4650-9F6E-DBE9C332C074.reg (164 bytes security) (deflated 70%)
updating: backregs/18DEA719-5C8A-4C21-A3F3-4EF6B90DBA1F.reg (164 bytes security) (deflated 70%)
updating: backregs/1D423152-A8B6-4986-AAA0-D54F12DB1C5C.reg (164 bytes security) (deflated 70%)
updating: backregs/2F0AA054-D072-450E-AB91-547472E12C30.reg (164 bytes security) (deflated 70%)
updating: backregs/32533293-951A-4789-B6C7-1FB87454AB8C.reg (164 bytes security) (deflated 70%)
updating: backregs/7FCA139C-1634-4E43-9CE5-894208DC78CB.reg (164 bytes security) (deflated 70%)
updating: backregs/B5690543-3323-4284-8CE4-1D788C5C81CB.reg (164 bytes security) (deflated 70%)
updating: backregs/F214A440-A1C4-4A45-A3B1-0F4F7D3CF4B8.reg (164 bytes security) (deflated 71%)
updating: backregs/shell.reg (164 bytes security) (deflated 74%)

Restoring Registry Permissions:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!


Revoking access for predefined group "Administrators"
Inherited ACE can not be revoked here!
Inherited ACE can not be revoked here!


Registry permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER


Restoring Sedebugprivilege:

Granting SeDebugPrivilege to Administrators ... successful


The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]


The following are the files found:
****************************************************************************

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************


#10 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 May 2005 - 11:22 AM

OK,Now lets see a fresh HijackThis Log and see what we have to deal with!!

#11 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  

Posted 17 May 2005 - 11:32 AM

Here you go

Logfile of HijackThis v1.99.1
Scan saved at 17:30:54, on 5/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FilZip\Filzip.exe
C:\DOCUME~1\Steve\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pota_x.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/adobe/MTSI...here/index.html
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://uk.midas.games.yahoo.net/midasa.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200112...meInstaller.exe
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BCE3157-D038-455E-A803-D66F8C4CF46C}: NameServer = 212.159.13.49 212.159.13.50
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#12 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 May 2005 - 11:42 AM

Excellent work my friend!!!!

Little more cleaning to do!!!

Go to Add\Remove Programs and Remove this if it exist:

PartyPoker

Open HijackThis and put a check by these but DO NOT hit the Fix Checked button yet!

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/adobe/MTSI...here/index.html

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200112...meInstaller.exe

O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab

O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button!!

Locate and Delete:

C:\Program Files\PartyPoker<<< Folder!!

Restart the PC and Have the System Scanned here:
http://www.pandasoftware.com/products/acti...n_principal.htm

You will need to using Internet Explorer for the Scan to work!!!

Please save the Report from the Scan and place it in the next post along with a fresh HijackThis log!

Edited by Cretemonster, 17 May 2005 - 11:43 AM.


#13 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 17 May 2005 - 12:39 PM

here's the results from the scan first of all


Incident Status Location

Adware:Adware/SaveNow No disinfected C:\Program Files\Save
Spyware:Spyware/ISTbar No disinfected C:\Program Files\Common Files\Totem Shared
Adware:Adware/DelFinMedia No disinfected Windows Registry
Adware:Adware/Twain-Tech No disinfected C:\WINDOWS\smdat32m.sys
Adware:Adware/WhenUSearch No disinfected C:\Documents and Settings\Steve\Start Menu\Programs\WhenU
Adware:Adware/Transponder No disinfected C:\WINDOWS\system32\mplay32.dll
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[3lvxVfWCodec.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[3nvxVfWCodec.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[akwav.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[amwav.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[aoapi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[aqrsvc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[atwav.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[awrsvc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ayifil32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[aza0017me.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[aza40ajqedoe0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[aza4l7hq1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[azl.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[bltsprx3.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[bpowsewm.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[casbrkr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[cjcui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[cjrtc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[cnc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ctutil.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[cyyptnet.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dCdxof.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dcvenum.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dkmap.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dkp0017me.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dlsetup.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dmnlobby.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dmvx_xx0c.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dn0m01d1e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dn0u01d9e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dn2o01f3e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dnj2011oe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dnp0017me.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dnpq0175e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dnsynth.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[doconfig.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[donwsock.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[DqakeCom.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[drrgsnap.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[drrpsetu.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dStaclen.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dtuiext.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ducpcsvc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dwdmo.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dxsshlex.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[dz32gt.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[e8jmli1118.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[edccmd.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[eecwiad.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[eeent.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[en60l1jm1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[en6sl1j71.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[enpql1751.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[Ercmlib.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[Ezcmlib.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fcsext32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fhst30.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[flsapi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fp2m03f1e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fp2q03f5e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fp6403jqe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fp8803lue.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fpp2037oe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fpr4039qe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[frdrclnr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fyntext.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fzsext32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[fzsst.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ghdef.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gjtuname.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gp06l3ds1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gp0ul3d91.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gp6ul3j91.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gplml3311.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gpn0l35m1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gppql3751.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[gvlml3311.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[h0l20a3oed.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[h84m0ih1e84.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[hr0u05d9e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[i0240afqed2e0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[i4420ehoeh4c0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[i4jq0e15eh.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[i8jq0i15e8.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iDcenc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[idetres.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iEsnap.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ifclass.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iimontr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iis.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ikhlpapi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ilsecsnp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[io41_qc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iosmsnap.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iqmon.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[irjul5191.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[irr4l59q1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iu50_32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iwrop.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[iyput.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[j0l40a3qed.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[j0p00a7med.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[j4p0le7m1h.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[j66mlgj116o.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jmdw400.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jtj2071oe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jtj4071qe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jtjs0717e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jtnq0755e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[jtro0793e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[k0260afsed260.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[k026lafs1d26.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[k480lelm1hqa.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kadcz.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kdd101a.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kddsp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kfymgr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[khdla.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kidsmsno.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[KJYLIB32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kldit.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kldlt1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kpdru1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kpdsf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kt44l7hq1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kt4ul7h91.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ktl6l73s1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ktp4l77q1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ktrul7991.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kxdinben.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kxdtuq.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kydusr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[kzdcr.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[l04qlah51d4.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[l2l60c3sef.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[l6l60g3se6.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lacodec2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lc32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lCl60g3se6.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lCprxy.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lfdsvc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lifax13n.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lIprxy.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lRprxy.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lTprxy.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[lwmib2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[m0280afued280.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[m0640ajqedoe0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[m4640ejqehoe0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mblaw7.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mccbase.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mcisam11.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mdc40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mdcomput.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mdd32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[merepl40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mgafd.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[MGC71u.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mhexch40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[miifmp32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mjltus40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mkcbase.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mlawt.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[MLC42ENU.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mLlslib.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mmcomput.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mmcoree.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mmdadiag.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mmddlc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mmhtml.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[moglibnt.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[MPC70.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mpconf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mrvidctl.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[msd32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mtisam11.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[muc40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mv66l9js1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mv80l9lm1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvcoree.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvjul9191.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvlml9311.dll]

#14 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 17 May 2005 - 12:40 PM

And here's the HJT LOG

Logfile of HijackThis v1.99.1
Scan saved at 18:39:17, on 5/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\htpatch.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FilZip\Filzip.exe
C:\DOCUME~1\Steve\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pota_x.cab
O16 - DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} (GameControl Class) - http://uk.midas.games.yahoo.net/midasa.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7BCE3157-D038-455E-A803-D66F8C4CF46C}: NameServer = 212.159.13.49 212.159.13.50
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#15 sdstocks

sdstocks
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  

Posted 17 May 2005 - 12:50 PM

The activescan log didn't all fit in by the lokks of it.

Here's the rest of it


Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvn8l95u1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvnql9551.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvp4l97q1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mvrol9931.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mwdart.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mwimg32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mwjdbc10.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mwuni11.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[myiseq.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[myl_qic.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mzrepl40.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[mzuni11.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[NATAudioFile.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nclanui2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nhtui0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[njvdmd.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nldll.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nlmkcert.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[notman.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[npmarta.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nrdeapi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nrth.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nslanui2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nstman.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nstplwiz.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[nytevent.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[NYTWMAFile.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[o2480chuef480.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[oaepro32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[orbc32gt.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ORComC.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[oRkley.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[oZkley.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ozuninst.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[p4r4le9q1h.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[p8n8li5u18.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[PAIKey.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[PBLEGetGuid.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[pth.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ptnppagn.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[q0860alsedq60.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[r0p80a7ued.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[r6r60g9se6.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[r6r6lg9s16.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[rKpi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[rnbdyctl.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[rovpperf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[rvutetab.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[s0rsla971d.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[s2rslc971f.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sacsccp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[scclient.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[scell32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sclsrv32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sdlsrv32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sdorage.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[seorage.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[seudf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sgi_ci.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[shncui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[SKRIPTLE.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[slftpub.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sllsrv32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[snimeng.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[snorage.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sqarddlg.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[sqhannel.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ssgina.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ssncui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[svell32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[svrmdll.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ta11_css.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[tbcfgwmi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[uglmon.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[uier32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ujhisapi.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ujiime.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ulnp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ultfs.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[urat.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ustheme.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[Ustra.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[uver32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[uwerenv.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[vginit.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[waaspi32.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wbcsvc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wdasf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wfv8dmod.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wgwfaxui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[WHPAPI32.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[whwfaxui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wlaueng.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wlvcore2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wnaservc.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wopui.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[WQASPINT.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wun32spl.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[wyasf.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[WZASPINT.DLL]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[xLctsrv.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[xMctsrv.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[xrnroll.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[xssp2res.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[zgcomm.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[ztcomm.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[zvcomm.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Desktop\l2mfix\backup.zip[guard.tmp]
Adware:Adware/nCase No disinfected C:\Documents and Settings\Steve\Local Settings\Temp\bw2.com
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Local Settings\Temp\Temporary Internet Files\Content.IE5\0KPRO8KR\AppWrap[2].exe
Spyware:Spyware/YourSiteBar No disinfected C:\Documents and Settings\Steve\Local Settings\Temp\Temporary Internet Files\Content.IE5\0KPRO8KR\CATTK3ZT.HTM
Adware:Adware/nCase No disinfected C:\Documents and Settings\Steve\Local Settings\Temp\Temporary Internet Files\Content.IE5\CC6JBCFY\AppWrap[1].exe
Adware:Adware/nCase No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\1592VBXQ\AppWrap[1].exe
Adware:Adware/nCase No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\3TWTD6R6\AppWrap[1].exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\DPGERZDH\upd201[1].exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\OQ0866EQ\upd202[1].exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\RERDFTGX\AppWrap[1].exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\Steve\Local Settings\Temporary Internet Files\Content.IE5\RU570MMV\upd203[1].exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users