Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT Log


  • This topic is locked This topic is locked
12 replies to this topic

#1 LiamHFC

LiamHFC

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Location:Scotland
  • Local time:05:53 PM

Posted 21 March 2009 - 03:38 PM

Not to sure what I have. I have been locked out of my task manager and computer is running very slowly, with popups poping up every few seconds! Here is my HJT log and any help I recieve is greatly apprechiated! Thanks again.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:35 PM, on 3/21/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\TEMP\E79C.tmp
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\3012173306.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {291e201a-e613-4900-9dbb-beeb66ca701d} - C:\WINDOWS\system32\nudegoya.dll
O2 - BHO: {6d038a76-298a-f939-1c14-6de62dcec0a3} - {3a0cecd2-6ed6-41c1-939f-a89267a830d6} - C:\WINDOWS\system32\scauss.dll
O2 - BHO: C:\WINDOWS\system32\kjr3iorojdnbfi43unjfd.dll - {C5BF40A2-94F3-42BD-F434-1604812C8955} - C:\WINDOWS\system32\kjr3iorojdnbfi43unjfd.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exe
O4 - HKLM\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exe
O4 - HKLM\..\Run: [\YUR1A.exe] C:\Windows\system32\YUR1A.exe
O4 - HKLM\..\Run: [\YUR1B.exe] C:\Windows\system32\YUR1B.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [kjahrfoi37rljanfaw3il7fhjd3f] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
O4 - HKLM\..\Run: [Ofubagubinagogu] rundll32.exe "C:\WINDOWS\Wzoteb.dll",e
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ocubogevo] rundll32.exe "C:\WINDOWS\uragawoy.dll",e
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [kenihakiyu] Rundll32.exe "C:\WINDOWS\system32\volizita.dll",s
O4 - HKLM\..\Run: [6005c722] rundll32.exe "C:\WINDOWS\system32\fohomugu.dll",b
O4 - HKLM\..\Run: [CPM6336f4be] Rundll32.exe "c:\windows\system32\sobipore.dll",a
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [\YUR18.exe] C:\Windows\system32\YUR18.exe
O4 - HKCU\..\Run: [\YUR19.exe] C:\Windows\system32\YUR19.exe
O4 - HKCU\..\Run: [\YUR1A.exe] C:\Windows\system32\YUR1A.exe
O4 - HKCU\..\Run: [\YUR1B.exe] C:\Windows\system32\YUR1B.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [kjahrfoi37rljanfaw3il7fhjd3f] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe
O4 - HKCU\..\Run: [steunz2pjlp7om1sxlf1ie6j7hr] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\u36b6xnp4q.exe
O4 - HKCU\..\Run: [cv596pnctunz07] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qlwqelj.exe
O4 - HKCU\..\Run: [qom8kz4j7aw44] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s4nujoss.exe
O4 - HKCU\..\Run: [rmpl3l92sb] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o4shuncw.exe
O4 - HKCU\..\Run: [k8lchnod8c6kqs93jr9e2lgr7kcd2pv9t0dn2] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\xxvxt8u3b.exe
O4 - HKCU\..\Run: [n2x64ocb9n0ilug2v2oks2vlrsasxsgrudqlhx8a9tj7xfpp] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\twl4nryap.exe
O4 - HKCU\..\Run: [uksntyuo93] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ul2nph.exe
O4 - HKCU\..\Run: [ra6kuiu1qf] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f426vrp.exe
O4 - HKCU\..\Run: [p68ek7706vwzukdtq2a37] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\pdnbkj0nw.exe
O4 - HKCU\..\Run: [cy3o3fq34fcpfzekpnu987s] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\hbfa0ajd2zgv.exe
O4 - HKCU\..\Run: [pgl4dt3vqbd23jbnwv2f41mj2enhxp37p] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\fojcf2izg.exe
O4 - HKCU\..\Run: [nowc0ni0c164zaasb8] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\yz7b265.exe
O4 - HKCU\..\Run: [y19owb7mbfapknq8533a2a8qj2hjid7dxyjm] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\im9wkhbj2s.exe
O4 - HKCU\..\Run: [opepc2ztnq01n5qpyvxs9ejv] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o7wqkrjqjtps.exe
O4 - HKCU\..\Run: [fds05iv5wk0ojsrwf6oqakxdt5d81wy03luxa9u8] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\l1oy5fd0uy8a.exe
O4 - HKCU\..\Run: [q0fe9s0ayqsq1i8qftsjryv8t] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\cr5h4ae8c1t.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [c89pfscoot3fub8su4mxgeto6e] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\psityjedi74.exe
O4 - HKCU\..\Run: [m03vznz8cyuqibccog3e8b2u18d07qg4k525] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wrpe0v8py.exe
O4 - HKCU\..\Run: [i96dm2u11yt575rw83w3n3c0evev5qfh08cy8sh1xriyh9kq] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ag1wdrlk48a.exe
O4 - HKCU\..\Run: [rj0tq7kpywy4cofjq42ecq28db] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\z6wyma1s3v.exe
O4 - HKCU\..\Run: [tsew7xncf49p19sowig] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\a837vfkr.exe
O4 - HKCU\..\Run: [a25tltpfs27zol8vteny65mj] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ti0z45z34c.exe
O4 - HKCU\..\Run: [s1unf49pfj1gu8l] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\c9mki85zxjvto.exe
O4 - HKCU\..\Run: [omddyoy9ss9tho2aaqd830cc2vuew2eyaa] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qvvq0e.exe
O4 - HKCU\..\Run: [vq6vqv3wuce6x4b7du3yj] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f8fbji.exe
O4 - HKCU\..\Run: [mlunodrjw8f4ohl36ecr0qpy0hlmxhhws9hxjkzbj0csc] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\sbw0lqs.exe
O4 - HKCU\..\Run: [aiuu0vqrzmeerwe57jm1t520i4hj6u] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\j1nzrm01kuv3.exe
O4 - HKCU\..\Run: [rfawoa21bn] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gljb0jt.exe
O4 - HKCU\..\Run: [spn3or4ump76dua7d2ymhikgoz7ipw7v] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mstrffl6dhc.exe
O4 - HKCU\..\Run: [Diagnostic Manager] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\3012173306.exe
O4 - HKCU\..\Run: [cpu403ga3txep36yd255jav0qn5ldjmqcbupt8n75wc21c2k] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nlgp20iv.exe
O4 - HKCU\..\Run: [k2b6taqtvlou9peufnu] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mbbrbjy.exe
O4 - HKCU\..\Run: [mchmvlf0iesu6eqqjkv2la2o8h9sxo9o1rs] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\lb8gjh7k68q8.exe
O4 - HKCU\..\Run: [yq99kgfh1wq4j5ghpbt241iox] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wu8zpr9d9q9zq.exe
O4 - HKCU\..\Run: [z9xb6dn1lg3eqs5c] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s70wty.exe
O4 - HKCU\..\Run: [seffi9rxfnlhl0e5j3l9g5mt2k75e6chetgma0d58x2] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dl7fj9v7j9.exe
O4 - HKCU\..\Run: [bgmw5e7rus3o6q1] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\jlrdyx8.exe
O4 - HKCU\..\Run: [oeg1dlljb8916o55hdyks8so7i6k1e9b195902w3h775] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mw3463eoqz.exe
O4 - HKCU\..\Run: [b47ygml0gykiurv7lljbp8avf5iiosfti13e44t8no9kv413i] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\k2wq0uss20kx1.exe
O4 - HKCU\..\Run: [jl1fawyrzzahma22sqzwe8nzwd] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\uqvi4j8kd6.exe
O4 - HKCU\..\Run: [n9m0nkr9vya1df2gbr00f6pdyd3x5wdn09z] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ootmlv98t2f.exe
O4 - HKCU\..\Run: [w2q5n7bgzxsrdy5rz] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gfon4k.exe
O4 - HKCU\..\Run: [encdha0d67j1wgmtg3zmtihw1vzdveqe9z] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nfo18tvgub.exe
O4 - HKCU\..\Run: [hrb0pzmnnjl6wyf22565bqmjt8ivbxtxubdlxacpl] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dstuqb1p.exe
O4 - HKCU\..\Run: [obgvj8wfiihxyexig9hc31osuza] C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\spw4f6pnfq867.exe
O4 - HKUS\S-1-5-19\..\Run: [kenihakiyu] Rundll32.exe "C:\WINDOWS\system32\volizita.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [kenihakiyu] Rundll32.exe "C:\WINDOWS\system32\volizita.dll",s (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\docume~1\liamk~1\locals~1\temp\ntdll64.dll
O10 - Unknown file in Winsock LSP: c:\docume~1\liamk~1\locals~1\temp\ntdll64.dll
O11 - Options group: [searching] Search from the Address bar
O20 - AppInit_DLLs: szpwam.dll lngqap.dll rvlriu.dll ituyee.dll C:\WINDOWS\system32\kogonubo.dll scauss.dll c:\windows\system32\sobipore.dll
O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll
O20 - Winlogon Notify: rqRICsSl - C:\WINDOWS\
O20 - Winlogon Notify: __c0056BA3 - C:\WINDOWS\system32\__c0056BA3.dat
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\sobipore.dll
O22 - SharedTaskScheduler: ficklety - {e31f5c72-8e0d-4921-8375-9573746c170c} - (no file)
O22 - SharedTaskScheduler: klj3r93iorkemnfaja93riemef - {C5BF40A2-94F3-42BD-F434-1604812C8955} - C:\WINDOWS\system32\kjr3iorojdnbfi43unjfd.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\sobipore.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service (lavasoft ad-aware service) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 14498 bytes


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 21 March 2009 - 07:39 PM

Hi LiamHFC,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.

Please give me a little time to go through your log and I will also let you know that I am a trainee so each stage of the fix will need to be checked by an expert coach before I post so there may be a slight delay. Don't worry I won't abandon you.
  • Please subscribe to this topic, if you haven't already, and wait for me to get back to you.
  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 2 days I will bump the topic and if you do not reply by the following day then I will close the topic.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 22 March 2009 - 10:39 AM

Hi LiamHFC,

You are very infected. :)

To start with we need to see a more detailed picture of the damage. After that we will start to deal with it.

Download and Run OTViewit
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 23 March 2009 - 07:47 PM

Hi,

I have not had a reply from you for 2 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#5 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:06:53 PM

Posted 25 March 2009 - 09:19 PM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#6 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:06:53 PM

Posted 27 March 2009 - 06:38 PM

Topic re-opened at user's request.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#7 LiamHFC

LiamHFC
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Location:Scotland
  • Local time:05:53 PM

Posted 27 March 2009 - 06:47 PM

Hi m0le,

Thanks for the swift reply and your help so far.


As per your request, here is my copy of OTViewIt.txt and Extras.txt





OTViewIt

OTViewIt logfile created on: 3/27/2009 11:18:12 PM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0	 Folder = C:\Documents and Settings\Liam K\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 77.08 Gb Free Space | 51.72% Space Free | Partition Type: NTFS
Drive D: | 584.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 14.92 Gb Total Space | 10.53 Gb Free Space | 70.59% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: LIAM
Current User Name: Liam K
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
 
[color=orange]========== Processes ==========[/color]
 
[2009/03/19 19:49:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/07/23 01:41:49 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/01/05 16:18:53 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
[2008/01/26 02:21:24 | 00,107,832 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2001/08/23 11:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
[2004/08/03 22:56:58 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2009/03/19 19:49:56 | 00,515,416 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
[2009/03/27 23:11:33 | 00,072,704 | ---- | M] () -- C:\WINDOWS\Temp\ECB8.tmp
[2005/03/15 09:46:45 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2004/08/03 22:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/09/07 13:44:30 | 03,100,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
[2005/06/06 22:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2009/03/12 20:42:55 | 00,015,000 | ---- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Temp\winlogqn.exe
[2004/08/03 22:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/05/10 09:08:00 | 16,342,528 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
[2004/08/03 22:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2006/09/21 10:51:30 | 02,445,312 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
[2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2008/12/18 23:42:42 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
[2004/08/03 22:56:52 | 00,093,184 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[2009/03/21 19:39:14 | 00,035,329 | ---- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Temp\3012173306.exe
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2006/11/10 11:00:00 | 00,389,120 | ---- | M] (WinZip Computing LP) -- C:\Program Files\WinZip\WZQKPICK.EXE
[2009/03/15 17:59:17 | 00,022,529 | -H-- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Temp\j4zk9y7.exe
[2009/03/13 09:16:59 | 00,015,665 | -H-- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Temp\vlz137.exe
[2007/02/08 15:13:46 | 00,212,480 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
[2008/06/10 03:27:03 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
[2009/03/27 23:04:28 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liam K\Desktop\OTViewIt.exe
[2009/03/05 21:10:33 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
 
[color=orange]========== (O23) Win32 Services ==========[/color]
 
[2007/03/20 15:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3 [On_Demand | Stopped])
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/06/15 01:50:12 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
File not found --  -- (BITS [On_Demand | Stopped])
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/08/16 10:43:12 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2009/03/19 19:49:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (lavasoft ad-aware service [Auto | Running])
[2008/08/16 11:29:21 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2001/08/23 11:00:00 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])
[2007/07/23 01:41:49 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2008/01/05 16:18:53 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
[2008/01/26 02:21:24 | 00,107,832 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
[2007/02/08 15:13:46 | 00,212,480 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Running])
[2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
 
[color=orange]========== Driver Services ==========[/color]
 
[2009/03/19 22:31:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\drivers\7b366abb.sys -- (7b366abb [System | Stopped])
[2008/01/04 15:07:14 | 00,021,035 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP [Auto | Running])
[2007/06/15 01:58:56 | 02,301,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2008/12/23 01:51:21 | 00,279,712 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])
[2008/01/04 17:21:49 | 00,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
[2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/12/11 19:57:40 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi [On_Demand | Running])
[2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2007/05/10 09:28:00 | 04,419,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2009/03/19 19:50:20 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\Lbd.sys -- (lbd [Boot | Running])
[2008/12/23 01:51:20 | 00,025,888 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])
[2008/09/15 08:56:24 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
[2008/09/15 08:56:24 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
[2007/07/23 01:41:49 | 06,807,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2008/12/23 18:25:54 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
[2008/01/26 02:21:31 | 00,022,328 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])
[2005/03/15 09:45:20 | 00,020,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32 [On_Demand | Stopped])
[2001/08/23 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2006/12/14 08:44:06 | 00,085,120 | R--- | M] (Realtek Semiconductor Corporation						   ) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
[2006/05/09 10:59:28 | 00,300,672 | ---- | M] (Realtek Semiconductor Corporation						   ) -- C:\WINDOWS\system32\drivers\RTL8185.SYS -- (rtl8185 [On_Demand | Running])
[2004/07/17 09:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2002/10/02 09:57:12 | 00,013,532 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt [On_Demand | Stopped])
[2008/10/05 17:52:35 | 00,717,296 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Stopped])
[2008/09/15 08:56:24 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
[2008/10/01 12:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2004/08/03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2004/08/03 23:05:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
[2008/09/15 08:56:34 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])
[2008/03/27 16:27:46 | 00,503,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand | Stopped])
[2001/08/23 11:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])
 
[color=orange]========== (R ) Internet Explorer ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default"=
"Default_Page_URL"=http://www.sky.com
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.daemon-search.com/startpage
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s
"provider"=msn
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
 
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default"=
"Default_Page_URL"=http://www.sky.com
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.daemon-search.com/startpage
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search]
"AutoSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s
"provider"=msn
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
 
[color=orange]========== (O1) Hosts File ==========[/color]
 
HOSTS File = (249881 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1	   localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.1001-search.info
127.0.0.1	1001-search.info
127.0.0.1	www.100888290cs.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	www.123topsearch.com
127.0.0.1	123topsearch.com
127.0.0.1	www.132.com
127.0.0.1	132.com
127.0.0.1	www.136136.net
127.0.0.1	136136.net
8710 more lines...
 
[color=orange]========== (O2) BHO's ==========[/color]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{011a6326-11d5-40e4-9bae-721a3eddffcd} (HKLM) -- C:\WINDOWS\system32\viliwesi.dll ()
{02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{291e201a-e613-4900-9dbb-beeb66ca701d} (HKLM) -- C:\WINDOWS\system32\nudegoya.dll ()
{3a0cecd2-6ed6-41c1-939f-a89267a830d6} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{C5BF40A2-94F3-42BD-F434-1604812C8955} (HKLM) -- C:\WINDOWS\system32\kjr3iorojdnbfi43unjfd.dll ()
 
[color=orange]========== (O3) Toolbars ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" (HKLM) -- C:\Program Files\Adobe [2008/09/28 20:28:40 | 00,000,000 | ---D | M]
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{32099AAC-C132-4136-9E9A-4E364A424E17}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{32099AAC-C132-4136-9E9A-4E364A424E17}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
 
[color=orange]========== (O4) Run Keys ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\YUR18.exe"=C:\Windows\system32\YUR18.exe File not found
"\YUR19.exe"=C:\Windows\system32\YUR19.exe File not found
"\YUR1A.exe"=C:\Windows\system32\YUR1A.exe File not found
"\YUR1B.exe"=C:\Windows\system32\YUR1B.exe File not found
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"ANTIVIRUS"=C:\Program Files\MicroAV\MicroAV.exe File not found
"CPM6336f4be"=Rundll32.exe "c:\windows\system32\puzesale.dll",a ()
"Framework Windows"=frmwrk32.exe (Microsoft Corporation)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"kenihakiyu"=Rundll32.exe "C:\WINDOWS\system32\damorume.dll",s ()
"kjahrfoi37rljanfaw3il7fhjd3f"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe ()
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
"NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup ()
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"Ocubogevo"=rundll32.exe "C:\WINDOWS\uragawoy.dll",e (Mozilla Foundation)
"Ofubagubinagogu"=rundll32.exe "C:\WINDOWS\Wzoteb.dll",e ()
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\YUR18.exe"=C:\Windows\system32\YUR18.exe File not found
"\YUR19.exe"=C:\Windows\system32\YUR19.exe File not found
"\YUR1A.exe"=C:\Windows\system32\YUR1A.exe File not found
"\YUR1B.exe"=C:\Windows\system32\YUR1B.exe File not found
"a25tltpfs27zol8vteny65mj"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ti0z45z34c.exe File not found
"aiuu0vqrzmeerwe57jm1t520i4hj6u"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\j1nzrm01kuv3.exe File not found
"ANTIVIRUS"=C:\Program Files\MicroAV\MicroAV.exe File not found
"b47ygml0gykiurv7lljbp8avf5iiosfti13e44t8no9kv413i"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\k2wq0uss20kx1.exe File not found
"bgmw5e7rus3o6q1"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\jlrdyx8.exe File not found
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
"c89pfscoot3fub8su4mxgeto6e"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\psityjedi74.exe File not found
"cpu403ga3txep36yd255jav0qn5ldjmqcbupt8n75wc21c2k"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nlgp20iv.exe File not found
"cv596pnctunz07"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qlwqelj.exe File not found
"cy3o3fq34fcpfzekpnu987s"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\hbfa0ajd2zgv.exe File not found
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
"Diagnostic Manager"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\4261051243.exe ()
"encdha0d67j1wgmtg3zmtihw1vzdveqe9z"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nfo18tvgub.exe File not found
"fds05iv5wk0ojsrwf6oqakxdt5d81wy03luxa9u8"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\l1oy5fd0uy8a.exe File not found
"hrb0pzmnnjl6wyf22565bqmjt8ivbxtxubdlxacpl"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dstuqb1p.exe File not found
"i96dm2u11yt575rw83w3n3c0evev5qfh08cy8sh1xriyh9kq"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ag1wdrlk48a.exe File not found
"jl1fawyrzzahma22sqzwe8nzwd"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\uqvi4j8kd6.exe File not found
"k2b6taqtvlou9peufnu"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mbbrbjy.exe File not found
"k8lchnod8c6kqs93jr9e2lgr7kcd2pv9t0dn2"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\xxvxt8u3b.exe File not found
"kjahrfoi37rljanfaw3il7fhjd3f"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe ()
"m03vznz8cyuqibccog3e8b2u18d07qg4k525"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wrpe0v8py.exe File not found
"mchmvlf0iesu6eqqjkv2la2o8h9sxo9o1rs"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\lb8gjh7k68q8.exe File not found
"mlunodrjw8f4ohl36ecr0qpy0hlmxhhws9hxjkzbj0csc"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\sbw0lqs.exe File not found
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"n2x64ocb9n0ilug2v2oks2vlrsasxsgrudqlhx8a9tj7xfpp"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\twl4nryap.exe File not found
"n9m0nkr9vya1df2gbr00f6pdyd3x5wdn09z"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ootmlv98t2f.exe File not found
"nowc0ni0c164zaasb8"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\yz7b265.exe File not found
"obgvj8wfiihxyexig9hc31osuza"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\spw4f6pnfq867.exe File not found
"oeg1dlljb8916o55hdyks8so7i6k1e9b195902w3h775"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mw3463eoqz.exe File not found
"omddyoy9ss9tho2aaqd830cc2vuew2eyaa"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qvvq0e.exe File not found
"opepc2ztnq01n5qpyvxs9ejv"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o7wqkrjqjtps.exe File not found
"p68ek7706vwzukdtq2a37"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\pdnbkj0nw.exe File not found
"pgl4dt3vqbd23jbnwv2f41mj2enhxp37p"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\fojcf2izg.exe File not found
"Power2GoExpress"="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup (Cyberlink)
"q0fe9s0ayqsq1i8qftsjryv8t"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\cr5h4ae8c1t.exe File not found
"qom8kz4j7aw44"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s4nujoss.exe File not found
"ra6kuiu1qf"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f426vrp.exe File not found
"rfawoa21bn"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gljb0jt.exe File not found
"rj0tq7kpywy4cofjq42ecq28db"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\z6wyma1s3v.exe File not found
"rmpl3l92sb"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o4shuncw.exe File not found
"s1unf49pfj1gu8l"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\c9mki85zxjvto.exe File not found
"seffi9rxfnlhl0e5j3l9g5mt2k75e6chetgma0d58x2"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dl7fj9v7j9.exe File not found
"spn3or4ump76dua7d2ymhikgoz7ipw7v"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mstrffl6dhc.exe File not found
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"Steam"="c:\program files\steam\steam.exe" -silent (Valve Corporation)
"steunz2pjlp7om1sxlf1ie6j7hr"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\u36b6xnp4q.exe File not found
"tsew7xncf49p19sowig"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\a837vfkr.exe File not found
"uksntyuo93"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ul2nph.exe File not found
"vq6vqv3wuce6x4b7du3yj"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f8fbji.exe File not found
"w2q5n7bgzxsrdy5rz"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gfon4k.exe File not found
"y19owb7mbfapknq8533a2a8qj2hjid7dxyjm"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\im9wkhbj2s.exe File not found
"yq99kgfh1wq4j5ghpbt241iox"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wu8zpr9d9q9zq.exe File not found
"z9xb6dn1lg3eqs5c"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s70wty.exe File not found
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"A00FE6A1F.exe"=C:\WINDOWS\TEMP\_A00FE6A1F.exe ()
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"A00FE6A1F.exe"=C:\WINDOWS\TEMP\_A00FE6A1F.exe ()
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\YUR18.exe"=C:\Windows\system32\YUR18.exe File not found
"\YUR19.exe"=C:\Windows\system32\YUR19.exe File not found
"\YUR1A.exe"=C:\Windows\system32\YUR1A.exe File not found
"\YUR1B.exe"=C:\Windows\system32\YUR1B.exe File not found
"a25tltpfs27zol8vteny65mj"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ti0z45z34c.exe File not found
"aiuu0vqrzmeerwe57jm1t520i4hj6u"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\j1nzrm01kuv3.exe File not found
"ANTIVIRUS"=C:\Program Files\MicroAV\MicroAV.exe File not found
"b47ygml0gykiurv7lljbp8avf5iiosfti13e44t8no9kv413i"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\k2wq0uss20kx1.exe File not found
"bgmw5e7rus3o6q1"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\jlrdyx8.exe File not found
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
"c89pfscoot3fub8su4mxgeto6e"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\psityjedi74.exe File not found
"cpu403ga3txep36yd255jav0qn5ldjmqcbupt8n75wc21c2k"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nlgp20iv.exe File not found
"cv596pnctunz07"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qlwqelj.exe File not found
"cy3o3fq34fcpfzekpnu987s"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\hbfa0ajd2zgv.exe File not found
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
"Diagnostic Manager"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\4261051243.exe ()
"encdha0d67j1wgmtg3zmtihw1vzdveqe9z"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\nfo18tvgub.exe File not found
"fds05iv5wk0ojsrwf6oqakxdt5d81wy03luxa9u8"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\l1oy5fd0uy8a.exe File not found
"hrb0pzmnnjl6wyf22565bqmjt8ivbxtxubdlxacpl"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dstuqb1p.exe File not found
"i96dm2u11yt575rw83w3n3c0evev5qfh08cy8sh1xriyh9kq"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ag1wdrlk48a.exe File not found
"jl1fawyrzzahma22sqzwe8nzwd"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\uqvi4j8kd6.exe File not found
"k2b6taqtvlou9peufnu"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mbbrbjy.exe File not found
"k8lchnod8c6kqs93jr9e2lgr7kcd2pv9t0dn2"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\xxvxt8u3b.exe File not found
"kjahrfoi37rljanfaw3il7fhjd3f"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\winlogqn.exe ()
"m03vznz8cyuqibccog3e8b2u18d07qg4k525"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wrpe0v8py.exe File not found
"mchmvlf0iesu6eqqjkv2la2o8h9sxo9o1rs"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\lb8gjh7k68q8.exe File not found
"mlunodrjw8f4ohl36ecr0qpy0hlmxhhws9hxjkzbj0csc"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\sbw0lqs.exe File not found
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"n2x64ocb9n0ilug2v2oks2vlrsasxsgrudqlhx8a9tj7xfpp"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\twl4nryap.exe File not found
"n9m0nkr9vya1df2gbr00f6pdyd3x5wdn09z"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ootmlv98t2f.exe File not found
"nowc0ni0c164zaasb8"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\yz7b265.exe File not found
"obgvj8wfiihxyexig9hc31osuza"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\spw4f6pnfq867.exe File not found
"oeg1dlljb8916o55hdyks8so7i6k1e9b195902w3h775"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mw3463eoqz.exe File not found
"omddyoy9ss9tho2aaqd830cc2vuew2eyaa"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\qvvq0e.exe File not found
"opepc2ztnq01n5qpyvxs9ejv"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o7wqkrjqjtps.exe File not found
"p68ek7706vwzukdtq2a37"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\pdnbkj0nw.exe File not found
"pgl4dt3vqbd23jbnwv2f41mj2enhxp37p"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\fojcf2izg.exe File not found
"Power2GoExpress"="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup (Cyberlink)
"q0fe9s0ayqsq1i8qftsjryv8t"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\cr5h4ae8c1t.exe File not found
"qom8kz4j7aw44"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s4nujoss.exe File not found
"ra6kuiu1qf"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f426vrp.exe File not found
"rfawoa21bn"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gljb0jt.exe File not found
"rj0tq7kpywy4cofjq42ecq28db"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\z6wyma1s3v.exe File not found
"rmpl3l92sb"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\o4shuncw.exe File not found
"s1unf49pfj1gu8l"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\c9mki85zxjvto.exe File not found
"seffi9rxfnlhl0e5j3l9g5mt2k75e6chetgma0d58x2"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\dl7fj9v7j9.exe File not found
"spn3or4ump76dua7d2ymhikgoz7ipw7v"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\mstrffl6dhc.exe File not found
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"Steam"="c:\program files\steam\steam.exe" -silent (Valve Corporation)
"steunz2pjlp7om1sxlf1ie6j7hr"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\u36b6xnp4q.exe File not found
"tsew7xncf49p19sowig"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\a837vfkr.exe File not found
"uksntyuo93"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\ul2nph.exe File not found
"vq6vqv3wuce6x4b7du3yj"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\f8fbji.exe File not found
"w2q5n7bgzxsrdy5rz"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\gfon4k.exe File not found
"y19owb7mbfapknq8533a2a8qj2hjid7dxyjm"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\im9wkhbj2s.exe File not found
"yq99kgfh1wq4j5ghpbt241iox"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\wu8zpr9d9q9zq.exe File not found
"z9xb6dn1lg3eqs5c"=C:\DOCUME~1\LIAMK~1\LOCALS~1\Temp\s70wty.exe File not found
 
[color=orange]========== (O4) Startup Folders ==========[/color]
 
[2006/11/10 11:00:00 | 00,389,120 | ---- | M] (WinZip Computing LP) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
[2008/12/11 19:57:39 | 00,625,952 | ---- | M] (LogMeIn Inc.) -- C:\Documents and Settings\Liam K\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
 
[color=orange]========== (O6 & O7) Current Version Policies ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
 
[color=orange]========== (O9) IE Extensions ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{08E730A4-FB02-45BD-A900-01E4AD8016F6}: Button: Sky --  File not found
{dfb852a3-47f8-48c4-a200-58cab36fd2a2}: Menu: Spybot - Search & Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] ->  [Sky] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{dfb852a3-47f8-48c4-a200-58cab36fd2a2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] ->  [Sky] -> File not found
CmdMapping\\{dfb852a3-47f8-48c4-a200-58cab36fd2a2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] ->  [Sky] -> File not found
CmdMapping\\{dfb852a3-47f8-48c4-a200-58cab36fd2a2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{08E730A4-FB02-45BD-A900-01E4AD8016F6} [HKLM] ->  [Sky] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{dfb852a3-47f8-48c4-a200-58cab36fd2a2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
 
[color=orange]========== (O12) Internet Explorer Plugins ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" =  Microsoft ActiveX Gallery
 
[color=orange]========== (O13) Default Prefixes ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
 
[color=orange]========== (O15) Trusted Sites ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
41 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.
 
[color=orange]========== (O16) DPF ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab -- Java Plug-in 1.5.0_09
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
 
[color=orange]========== (O20) AppInit_DLLs ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=wam.dll lngqap.dll rvlriu.dll ituyee.dll bcimpc.dll C:\WINDOWS\system32\nozuzito.dll c:\windows\system32\puzesale.dll,C:\WINDOWS\system32\kogonubo.dll
>File not found -- 
>[1601/01/01 00:12:31 | 00,072,857 | -HS- | M] () -- C:\WINDOWS\system32\kogonubo.dll
 
[color=orange]========== (O20) Winlogon Notify Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
__c0056BA3: "DllName" = C:\WINDOWS\system32\__c0056BA3.dat -- C:\WINDOWS\system32\__c0056BA3.dat ()
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
crypt: "DllName" = crypts.dll -- C:\WINDOWS\system32\crypts.dll ()
rqRICsSl: "DllName" = Reg Error: Value DLLName does not exist or could not be read. --  File not found
 
[color=orange]========== (O21) SSODL Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL"={EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} (HKLM) -- c:\WINDOWS\system32\puzesale.dll ()
 
[color=orange]========== (O22) Shared Task Scheduler ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{C5BF40A2-94F3-42BD-F434-1604812C8955}" (HKLM) = klj3r93iorkemnfaja93riemef -- C:\WINDOWS\system32\kjr3iorojdnbfi43unjfd.dll ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{e31f5c72-8e0d-4921-8375-9573746c170c}" (HKLM) = ficklety -- Reg Error: Key does not exist or could not be opened. File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}" (HKLM) = STS -- c:\WINDOWS\system32\puzesale.dll ()
 
[color=orange]========== Shell Execute Hooks ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{54A8264B-AFFB-4614-95FE-0234817EA282}" (HKLM) -- C:\WINDOWS\system32\rqRICsSl.dll File not found
 
[color=orange]========== LSA *Authentication Packages* ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=msv1_0,C:\WINDOWS\system32\iifgDvSJ,
>File not found -- 
 
[color=orange]========== Safeboot Options ==========[/color]
 
"AlternateShell"=cmd.exe
 
[color=orange]========== CDRom AutoRun Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
 
[color=orange]========== Autorun Files on Drives ==========[/color]
 
AUTOEXEC.BAT []
[2008/01/04 14:50:41 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
 
AUTORUN.INF [[AutoRun] | open=setup.exe | icon=setup.exe,0 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  | ]
[2001/08/23 11:00:00 | 00,000,110 | R--- | M] () -- D:\AUTORUN.INF -- [ CDFS ]
 
[color=orange]========== MountPoints2 ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell]
""=AutoRun
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\AutoRun]
""=Auto&Play
 
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\AutoRun\command]
""=D:\Launch.exe -- File not found
 
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[6 C:\WINDOWS\*.tmp files]
[2009/03/27 23:14:38 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liam K\Desktop\OTViewIt.exe
[2009/03/27 23:12:08 | 01,543,186 | -HS- | C] () -- C:\WINDOWS\System32\umulifag.ini
[2009/03/23 12:33:25 | 00,002,098 | -HS- | C] () -- C:\WINDOWS\System32\kuyubuza.dll
[2009/03/23 12:33:03 | 00,142,941 | -HS- | C] () -- C:\WINDOWS\System32\bcimpc.dll
[2009/03/21 11:10:45 | 00,000,106 | ---- | C] () -- C:\xcrashdump.dat
[2009/03/21 11:09:06 | 00,033,792 | ---- | C] () -- C:\WINDOWS\System32\leeppcsetup.exe
[2009/03/21 11:05:28 | 01,543,204 | -HS- | C] () -- C:\WINDOWS\System32\ugumohof.ini
[2009/03/21 11:05:25 | 00,143,169 | -HS- | C] () -- C:\WINDOWS\System32\scauss.dll
[2009/03/21 10:54:05 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\__c0056BA3.dat
[2009/03/21 10:54:03 | 00,035,840 | ---- | C] () -- C:\WINDOWS\System32\gldx.exe
[2009/03/19 19:58:32 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/19 19:50:46 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/19 19:45:15 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/19 19:45:14 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/19 19:45:09 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/03/19 19:45:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/19 19:44:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Liam K\Desktop\Lavasoft Ad-Aware Anniversary 2009 Pro v8.0.2
[2009/03/19 19:40:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Liam K\Local Settings\Application Data\{F13CB01B-0649-4185-9550-0D9871800217}
[2009/03/19 19:40:32 | 00,133,632 | ---- | C] (Mozilla Foundation) -- C:\WINDOWS\uragawoy.dll
[2009/03/19 19:26:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/19 19:22:33 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/03/19 19:22:32 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/03/19 19:22:32 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/03/19 19:22:31 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/03/19 19:22:31 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/03/19 19:22:31 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/03/19 19:22:30 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/03/19 19:22:30 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/03/19 19:22:29 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2009/03/19 19:22:29 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2009/03/19 19:22:29 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/03/19 19:22:29 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2009/03/19 19:22:29 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/03/19 19:22:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/03/19 19:22:29 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/03/19 19:22:28 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/03/19 19:22:28 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/03/19 19:22:27 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/03/19 19:22:25 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2009/03/19 19:22:25 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/03/19 19:22:25 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/03/19 19:22:24 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/03/19 19:22:23 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/03/19 19:22:23 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/03/19 19:22:23 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2009/03/19 19:22:23 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/03/19 19:22:22 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/03/19 19:22:22 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/03/19 19:22:22 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/03/19 19:22:22 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/03/19 19:22:21 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/03/19 19:22:20 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2009/03/19 19:22:19 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2009/03/19 19:22:19 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2009/03/19 19:22:19 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/03/19 19:22:18 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/03/19 19:22:17 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/03/19 19:22:16 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2009/03/19 19:22:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/03/19 19:22:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/03/19 19:22:15 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2009/03/19 19:22:15 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2009/03/19 19:22:15 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2009/03/19 19:22:15 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2009/03/19 19:22:15 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/03/19 19:22:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/03/19 19:22:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2009/03/19 19:22:14 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/03/19 19:22:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/03/19 19:22:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/03/19 19:22:14 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/03/19 19:22:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/03/19 19:22:14 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2009/03/19 19:22:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/03/19 19:22:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/03/19 19:22:13 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/03/19 19:22:13 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/03/19 19:22:13 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/03/19 19:22:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/03/19 19:22:13 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/03/19 19:22:13 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/03/19 19:22:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/03/19 19:22:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/03/19 19:22:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/03/19 19:22:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/03/19 19:22:13 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/03/19 19:22:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/03/19 19:22:09 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2009/03/19 19:22:09 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/03/19 19:22:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/03/19 19:22:08 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/03/19 19:22:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2009/03/19 19:22:07 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/03/19 19:22:07 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009/03/19 19:22:07 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2009/03/19 19:22:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2009/03/19 19:22:06 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/03/19 19:22:06 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/03/19 19:22:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/03/19 19:22:04 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/03/19 19:22:04 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2009/03/19 19:22:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/03/19 19:22:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/03/19 19:22:03 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2009/03/19 19:22:01 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/03/19 19:22:01 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/03/19 19:22:01 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/03/19 19:22:01 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/03/19 19:22:01 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/03/19 19:22:01 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/03/19 19:22:00 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/03/19 19:22:00 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/03/19 19:22:00 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/03/19 19:22:00 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/03/19 19:21:59 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/03/19 19:21:59 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/03/19 19:21:58 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/03/19 19:21:58 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/03/19 19:21:58 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/03/19 19:21:55 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/03/19 19:21:54 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2009/03/19 19:21:53 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/03/19 19:21:51 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/03/19 19:21:50 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2009/03/19 19:21:46 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/03/19 19:21:46 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/03/19 19:21:38 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/03/19 19:21:38 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/03/19 19:21:38 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2009/03/19 19:21:38 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/03/19 19:21:38 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/03/19 19:21:37 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2009/03/19 19:21:36 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/03/19 19:21:36 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2009/03/19 19:21:36 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2009/03/19 19:21:36 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2009/03/19 19:21:35 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2009/03/19 19:21:35 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/03/19 19:21:34 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/03/19 19:21:34 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/03/19 19:21:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/03/19 19:21:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/03/19 19:21:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/03/19 19:21:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/03/19 19:21:32 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/03/19 19:21:32 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/03/19 19:21:32 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2009/03/19 19:21:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2009/03/19 19:21:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/03/19 19:21:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/03/19 19:21:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/03/19 19:21:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/03/19 19:21:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/03/19 19:21:31 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/03/19 19:21:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/03/19 19:21:31 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/03/19 19:21:30 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/03/19 19:21:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2009/03/19 19:21:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2009/03/19 19:21:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/03/19 19:21:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2009/03/19 19:21:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/03/19 19:21:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/03/19 19:21:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/03/19 19:21:30 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/03/19 19:21:30 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/03/19 19:21:29 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2009/03/19 19:21:29 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/03/19 19:21:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/03/19 19:21:28 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2009/03/19 19:21:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2009/03/19 19:21:28 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/03/19 19:21:27 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/03/19 19:21:27 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/03/19 19:21:27 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/03/19 19:21:27 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/03/19 19:21:26 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/03/19 19:21:26 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/03/19 19:21:26 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/03/19 19:21:26 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/03/19 19:21:26 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/03/19 19:21:26 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/03/19 19:21:26 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/03/19 19:21:25 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/03/19 19:21:25 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/03/19 19:21:25 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/03/19 19:21:25 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/03/19 19:21:25 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/03/19 19:21:25 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/03/19 19:21:25 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/03/19 19:21:24 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/03/19 19:21:24 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/03/19 19:21:24 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/03/19 19:21:24 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/03/19 19:21:24 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/03/19 19:21:24 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/03/19 19:21:23 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/03/19 19:21:23 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/03/19 19:21:23 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/03/19 19:21:23 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2009/03/19 19:21:23 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/03/19 19:21:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2009/03/19 19:21:23 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/03/19 19:21:23 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/03/19 19:21:22 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2009/03/19 19:21:22 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/03/19 19:21:22 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2009/03/19 19:21:16 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/03/19 19:21:10 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/03/19 19:21:06 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/03/19 19:21:05 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2009/03/19 19:21:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2009/03/19 19:21:05 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2009/03/19 19:21:05 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2009/03/19 19:21:04 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/03/19 19:21:04 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/03/19 19:21:03 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2009/03/19 19:21:02 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2009/03/19 19:21:02 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2009/03/19 19:21:02 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2009/03/19 19:21:02 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2009/03/19 19:21:01 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2009/03/19 19:21:01 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/03/19 19:21:01 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2009/03/19 19:21:01 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/03/19 19:21:01 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2009/03/19 19:21:01 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/03/19 19:21:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2009/03/19 19:21:01 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2009/03/19 19:21:01 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2009/03/19 19:21:01 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/03/19 19:21:01 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2009/03/19 19:21:01 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2009/03/19 19:21:00 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2009/03/19 19:21:00 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2009/03/19 19:21:00 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/03/19 19:21:00 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/03/19 19:21:00 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2009/03/19 19:21:00 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/03/19 19:21:00 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2009/03/19 19:21:00 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/03/19 19:21:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2009/03/19 19:20:59 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009/03/19 19:20:59 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/03/19 19:20:59 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2009/03/19 19:20:59 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/03/19 19:20:58 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/03/19 19:20:58 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/03/19 19:20:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2009/03/19 19:20:57 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2009/03/19 19:20:57 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/03/19 19:20:57 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/03/19 19:20:57 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/03/19 19:20:57 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/03/19 19:20:57 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2009/03/19 19:20:56 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/03/19 19:20:56 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/03/19 19:20:49 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/03/19 19:20:48 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/03/19 19:20:47 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/03/19 19:20:47 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/03/19 19:20:47 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/03/19 19:20:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/03/19 19:20:46 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/03/19 19:20:46 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2009/03/19 19:20:44 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/03/19 19:20:44 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/03/19 19:20:44 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/03/19 19:20:44 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/03/19 19:20:44 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/03/19 19:20:44 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/03/19 19:20:43 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/03/19 19:20:43 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/03/19 19:20:42 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/03/19 19:20:42 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/03/19 19:20:42 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/03/19 19:20:42 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/03/19 19:20:42 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/03/19 19:20:41 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2009/03/19 19:20:41 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/03/19 19:20:41 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/03/19 19:20:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/03/19 19:20:35 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/03/19 19:20:33 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/03/19 19:20:32 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2009/03/19 19:20:32 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/03/19 19:20:32 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/03/19 19:20:31 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2009/03/19 19:20:31 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2009/03/19 19:20:31 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/03/19 19:20:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2009/03/19 19:20:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2009/03/19 19:20:31 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2009/03/19 19:20:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2009/03/19 19:20:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2009/03/19 19:20:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2009/03/19 19:20:29 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/03/19 19:20:29 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2009/03/19 19:20:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/03/19 19:20:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/03/19 19:20:25 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/03/19 19:20:24 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2009/03/19 19:20:24 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2009/03/19 19:20:24 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/03/19 19:20:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2009/03/19 19:20:24 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2009/03/19 19:20:23 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2009/03/19 19:20:23 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/03/19 19:20:18 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2009/03/19 19:20:18 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2009/03/19 19:20:17 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2009/03/19 19:20:17 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/03/19 19:20:17 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2009/03/19 19:20:17 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/03/19 19:20:17 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/03/19 19:20:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/03/19 19:20:17 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2009/03/19 19:20:17 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/03/19 19:20:17 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/03/19 19:20:16 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2009/03/19 19:20:16 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2009/03/19 19:20:16 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2009/03/19 19:20:16 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2009/03/19 19:20:16 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2009/03/19 19:20:16 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/03/19 19:20:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/03/19 19:20:15 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2009/03/19 19:20:15 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/03/19 19:20:15 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2009/03/19 19:20:15 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/03/19 19:20:15 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2009/03/19 19:20:15 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2009/03/19 19:20:15 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2009/03/19 19:20:15 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2009/03/19 19:20:15 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2009/03/19 19:20:15 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/03/19 19:20:14 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2009/03/19 19:20:14 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/03/19 19:20:14 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2009/03/19 19:20:14 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2009/03/19 19:20:14 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2009/03/19 19:20:14 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2009/03/19 19:20:13 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2009/03/19 19:20:13 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/03/19 19:20:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2009/03/19 19:20:13 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2009/03/19 19:20:13 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/03/19 19:20:12 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/03/19 19:20:11 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2009/03/19 19:03:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/03/19 19:03:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/03/19 19:03:13 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/03/19 19:03:13 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/03/19 19:03:06 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009/03/19 19:03:06 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2009/03/19 19:03:06 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2009/03/19 19:03:06 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/03/19 19:03:06 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/03/19 19:03:06 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009/03/19 19:03:06 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009/03/19 19:03:06 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/03/19 19:03:06 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009/03/19 19:03:06 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009/03/19 19:03:06 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2009/03/19 19:03:06 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009/03/19 19:03:06 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2009/03/19 19:03:06 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009/03/19 19:03:06 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/03/19 19:03:06 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/03/19 19:03:06 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009/03/19 19:03:05 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009/03/19 18:23:14 | 00,040,448 | ---- | C] () -- C:\WINDOWS\Wzoteb.dll
[2009/03/19 18:23:12 | 00,040,448 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\KuzSmall.exe
[2009/03/15 17:55:06 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\wujoiuor.dll
[2009/03/15 17:55:06 | 00,010,240 | ---- | C] () -- C:\WINDOWS\instsp1.exe
[2009/03/15 17:55:05 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\ituyee.dll
[2009/03/15 17:55:04 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\sellkwbr.dll
[2009/03/14 21:19:36 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Liam K\Desktop\HijackThis.lnk
[2009/03/14 21:19:36 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/14 20:30:25 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\1000.exe
[2009/03/14 20:17:52 | 00,292,352 | ---- | C] (iS3, Inc.) -- C:\Documents and Settings\Liam K\Desktop\STOPzilla_Setup.exe
[2009/03/14 20:15:24 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\303424.exe
[2009/03/14 20:13:09 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Liam K\Desktop\Spybot - Search & Destroy.lnk
[2009/03/14 20:13:04 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/03/14 20:13:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/14 20:11:34 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\rvlriu.dll
[2009/03/14 20:11:31 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\xhrhlrij.dll
[2009/03/14 20:09:40 | 01,804,431 | -HS- | C] () -- C:\WINDOWS\System32\ixvtxmbg.ini
[2009/03/14 20:09:39 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\gbmxtvxi.dll
[2009/03/13 12:31:40 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Liam K\Desktop\SpywareBlaster.lnk
[2009/03/13 12:31:39 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2009/03/13 12:31:39 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/03/13 09:31:01 | 00,087,331 | ---- | C] () -- C:\WINDOWS\System32\mschr.exe
[2009/03/13 09:30:52 | 00,036,864 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\nDler.exe
[2009/03/13 09:28:20 | 05,273,271 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Liam K\Desktop\avg_free_stf_en_85_278a1439.exe.part
[2009/03/13 09:26:51 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/13 09:24:09 | 01,903,447 | -HS- | C] () -- C:\WINDOWS\System32\feanyjyy.ini
[2009/03/13 09:24:01 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\lngqap.dll
[2009/03/13 09:23:59 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\eqhveibl.dll
[2009/03/13 09:23:41 | 00,006,474 | -HS- | C] () -- C:\WINDOWS\System32\JSvDgfii.ini
[2009/03/13 09:23:41 | 00,004,159 | -HS- | C] () -- C:\WINDOWS\System32\JSvDgfii.ini2
[2009/03/13 09:23:36 | 00,303,616 | ---- | C] () -- C:\WINDOWS\System32\iifgDvSJ.dll.vir
[2009/03/12 21:16:45 | 00,179,712 | ---- | C] () -- C:\WINDOWS\System32\odbcad32.dll
[2009/03/12 21:16:10 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/03/12 20:44:42 | 00,001,394 | ---- | C] () -- C:\WINDOWS\System32\ahtn.htm
[2009/03/12 20:44:42 | 00,000,446 | ---- | C] () -- C:\WINDOWS\System32\win32hlp.cnf
[2009/03/12 20:44:39 | 00,004,785 | ---- | C] () -- C:\WINDOWS\System32\warning.gif
[2009/03/12 20:43:52 | 00,032,256 | ---- | C] () -- C:\WINDOWS\System32\crypts.dll
[2009/03/12 20:43:50 | 00,123,392 | ---- | C] () -- C:\hglf.exe
[2009/03/12 20:43:44 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\uniq.tll
[2009/03/12 20:43:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\7b366abb.sys
[2009/03/12 20:43:40 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\frmwrk32.exe
[2009/03/12 20:43:38 | 00,082,432 | ---- | C] () -- C:\ilko.exe
[2009/03/12 20:43:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\sakwkyib.exe
[2009/03/12 20:43:20 | 00,000,002 | ---- | C] () -- C:\1610991501
[2009/03/12 20:43:17 | 00,000,065 | ---- | C] () -- C:\1.bat
[2009/03/12 20:43:09 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\hvphtqy.exe
[2009/03/12 20:42:55 | 00,015,000 | ---- | C] () -- C:\WINDOWS\System32\kjr3iorojdnbfi43unjfd.dll
[2009/03/12 20:42:52 | 00,000,318 | ---- | C] () -- C:\WINDOWS\tasks\fadatcna.job
[2009/03/12 20:42:47 | 00,048,128 | ---- | C] () -- C:\WINDOWS\System32\ljJBqrQh.dll
[2009/03/12 20:42:41 | 00,037,376 | ---- | C] () -- C:\WINDOWS\System32\pmnoPFyX.dll
[2009/02/28 21:28:36 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
 
[color=orange]========== Files - Modified Within 30 Days ==========[/color]
 
[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/03/27 23:19:15 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\savoduzi
[2009/03/27 23:12:33 | 01,543,186 | -HS- | M] () -- C:\WINDOWS\System32\umulifag.ini
[2009/03/27 23:12:27 | 00,099,328 | -HS- | M] (ICQ) -- C:\WINDOWS\System32\wulubuvo.dll
[2009/03/27 23:12:23 | 00,107,520 | -HS- | M] () -- C:\WINDOWS\System32\puzesale.dll
[2009/03/27 23:12:23 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\jepazeje.exe
[2009/03/27 23:11:49 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\__c0056BA3.dat
[2009/03/27 23:06:19 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\vohuluwa
[2009/03/27 23:06:17 | 00,070,238 | -HS- | M] (ICQ) -- C:\WINDOWS\System32\begajetu.dll
[2009/03/27 23:06:06 | 00,000,492 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/03/27 23:05:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/27 23:05:33 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/27 23:05:29 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/27 23:04:28 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liam K\Desktop\OTViewIt.exe
[2009/03/23 13:00:00 | 00,000,318 | ---- | M] () -- C:\WINDOWS\tasks\fadatcna.job
[2009/03/23 12:33:25 | 00,002,098 | -HS- | M] () -- C:\WINDOWS\System32\kuyubuza.dll
[2009/03/23 12:33:01 | 00,142,941 | -HS- | M] () -- C:\WINDOWS\System32\yederoda.dll
[2009/03/23 12:33:01 | 00,142,941 | -HS- | M] () -- C:\WINDOWS\System32\bcimpc.dll
[2009/03/23 12:33:01 | 00,108,194 | -HS- | M] () -- C:\WINDOWS\System32\titodopu.dll
[2009/03/23 12:33:01 | 00,095,401 | -HS- | M] () -- C:\WINDOWS\System32\gafilumu.dll
[2009/03/21 19:32:16 | 00,000,566 | ---- | M] () -- C:\Documents and Settings\Liam K\My Documents\My Sharing Folders.lnk
[2009/03/21 11:21:55 | 00,000,106 | ---- | M] () -- C:\xcrashdump.dat
[2009/03/21 11:20:42 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/03/21 11:09:06 | 00,033,792 | ---- | M] () -- C:\WINDOWS\System32\leeppcsetup.exe
[2009/03/21 11:05:48 | 01,543,204 | -HS- | M] () -- C:\WINDOWS\System32\ugumohof.ini
[2009/03/21 11:05:25 | 00,143,169 | -HS- | M] () -- C:\WINDOWS\System32\scauss.dll
[2009/03/21 11:05:25 | 00,143,169 | -HS- | M] () -- C:\WINDOWS\System32\fakubija.dll
[2009/03/21 11:05:25 | 00,095,339 | -HS- | M] () -- C:\WINDOWS\System32\fohomugu.dll
[2009/03/21 11:05:24 | 00,107,628 | -HS- | M] () -- C:\WINDOWS\System32\sobipore.dll
[2009/03/21 10:54:05 | 00,035,840 | ---- | M] () -- C:\WINDOWS\System32\gldx.exe
[2009/03/19 22:31:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\7b366abb.sys
[2009/03/19 19:50:33 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/03/19 19:50:20 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/19 19:45:14 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/19 19:40:33 | 00,133,632 | ---- | M] (Mozilla Foundation) -- C:\WINDOWS\uragawoy.dll
[2009/03/19 19:28:07 | 01,396,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/19 19:28:02 | 00,521,444 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/19 19:28:02 | 00,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/19 19:28:02 | 00,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/19 19:23:42 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/19 19:20:03 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/03/19 19:19:59 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/19 19:19:58 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/03/19 19:19:58 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/03/19 19:19:46 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/19 19:18:36 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/19 19:17:48 | 00,023,348 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/19 19:16:47 | 00,000,229 | -HS- | M] () -- C:\boot.ini
[2009/03/19 19:03:18 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/19 19:03:07 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/03/19 19:03:07 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/03/19 18:23:14 | 00,040,448 | ---- | M] (Johnson-Grace Company) -- C:\WINDOWS\System32\KuzSmall.exe
[2009/03/19 18:23:14 | 00,040,448 | ---- | M] () -- C:\WINDOWS\Wzoteb.dll
[2009/03/19 18:13:13 | 00,000,446 | ---- | M] () -- C:\WINDOWS\System32\win32hlp.cnf
[2009/03/15 17:59:59 | 00,746,132 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2009/03/15 17:55:15 | 00,006,474 | -HS- | M] () -- C:\WINDOWS\System32\JSvDgfii.ini
[2009/03/15 17:55:06 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\wujoiuor.dll
[2009/03/15 17:55:06 | 00,010,240 | ---- | M] () -- C:\WINDOWS\instsp1.exe
[2009/03/15 17:55:05 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\sellkwbr.dll
[2009/03/15 17:55:05 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\ituyee.dll
[2009/03/15 17:52:04 | 00,004,159 | -HS- | M] () -- C:\WINDOWS\System32\JSvDgfii.ini2
[2009/03/14 21:19:54 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Liam K\Desktop\HijackThis.lnk
[2009/03/14 21:18:54 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/14 20:30:26 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\1000.exe
[2009/03/14 20:18:10 | 00,292,352 | ---- | M] (iS3, Inc.) -- C:\Documents and Settings\Liam K\Desktop\STOPzilla_Setup.exe
[2009/03/14 20:17:05 | 00,249,881 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/14 20:16:31 | 01,804,431 | -HS- | M] () -- C:\WINDOWS\System32\ixvtxmbg.ini
[2009/03/14 20:15:25 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\303424.exe
[2009/03/14 20:13:09 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Liam K\Desktop\Spybot - Search & Destroy.lnk
[2009/03/14 20:11:34 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\xhrhlrij.dll
[2009/03/14 20:11:34 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\rvlriu.dll
[2009/03/14 20:10:13 | 01,903,447 | -HS- | M] () -- C:\WINDOWS\System32\feanyjyy.ini
[2009/03/14 20:09:40 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\gbmxtvxi.dll
[2009/03/13 12:32:24 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/13 12:31:40 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Liam K\Desktop\SpywareBlaster.lnk
[2009/03/13 09:40:17 | 01,568,656 | -H-- | M] () -- C:\Documents and Settings\Liam K\Local Settings\Application Data\IconCache.db
[2009/03/13 09:32:37 | 05,273,271 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Liam K\Desktop\avg_free_stf_en_85_278a1439.exe.part
[2009/03/13 09:31:01 | 00,087,331 | ---- | M] () -- C:\WINDOWS\System32\mschr.exe
[2009/03/13 09:30:53 | 00,036,864 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\nDler.exe
[2009/03/13 09:24:01 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\lngqap.dll
[2009/03/13 09:24:01 | 00,124,928 | ---- | M] () -- C:\WINDOWS\System32\eqhveibl.dll
[2009/03/13 09:23:41 | 00,303,616 | ---- | M] () -- C:\WINDOWS\System32\iifgDvSJ.dll.vir
[2009/03/12 21:16:45 | 00,179,712 | ---- | M] () -- C:\WINDOWS\System32\odbcad32.dll
[2009/03/12 20:44:42 | 00,001,394 | ---- | M] () -- C:\WINDOWS\System32\ahtn.htm
[2009/03/12 20:44:40 | 00,004,785 | ---- | M] () -- C:\WINDOWS\System32\warning.gif
[2009/03/12 20:44:06 | 00,123,392 | ---- | M] () -- C:\hglf.exe
[2009/03/12 20:43:52 | 00,032,256 | ---- | M] () -- C:\WINDOWS\System32\crypts.dll
[2009/03/12 20:43:48 | 00,082,432 | ---- | M] () -- C:\ilko.exe
[2009/03/12 20:43:44 | 00,000,001 | ---- | M] () -- C:\WINDOWS\System32\uniq.tll
[2009/03/12 20:43:38 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\frmwrk32.exe
[2009/03/12 20:43:38 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\sakwkyib.exe
[2009/03/12 20:43:22 | 00,000,002 | ---- | M] () -- C:\1610991501
[2009/03/12 20:43:17 | 00,000,065 | ---- | M] () -- C:\1.bat
[2009/03/12 20:43:15 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\hvphtqy.exe
[2009/03/12 20:42:55 | 00,015,000 | ---- | M] () -- C:\WINDOWS\System32\kjr3iorojdnbfi43unjfd.dll
[2009/03/12 20:42:52 | 00,048,128 | ---- | M] () -- C:\WINDOWS\System32\ljJBqrQh.dll
[2009/03/12 20:42:41 | 00,037,376 | ---- | M] () -- C:\WINDOWS\System32\pmnoPFyX.dll
[2009/03/10 21:43:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
< End of report >



Extras.txt

OTViewIt Extras logfile created on: 3/27/2009 11:18:12 PM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0	 Folder = C:\Documents and Settings\Liam K\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 77.08 Gb Free Space | 51.72% Space Free | Partition Type: NTFS
Drive D: | 584.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 14.92 Gb Total Space | 10.53 Gb Free Space | 70.59% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: LIAM
Current User Name: Liam K
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

[color=orange]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=orange]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=1
"AntiVirusOverride"=1
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DisableNotifications"=0
"DoNotAllowExceptions"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[color=orange]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/03 22:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/03 22:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2005/05/23 00:13:54 | 07,401,174 | ---- | M] () -- C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2
[2008/09/18 18:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2008/12/18 23:42:42 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe:*:Enabled:DNA
[2008/12/16 20:16:10 | 00,637,232 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
File not found -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
File not found -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2008/09/07 23:50:56 | 22,242,560 | ---- | M] (Sports Interactive) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2007/03/20 15:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
[2007/10/24 14:32:04 | 08,409,716 | ---- | M] () -- C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2
[2008/11/20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008/08/08 09:25:06 | 02,808,832 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
[2008/11/05 11:26:40 | 01,766,648 | ---- | M] (Nokia Corporation) -- C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater
[2008/10/23 21:44:56 | 00,386,296 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process 
[2008/10/07 00:31:33 | 00,610,816 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\call of duty\CoDSP.exe:*:Enabled:Call of Duty
[2008/10/07 00:31:21 | 00,667,136 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\call of duty\CoDMP.exe:*:Enabled:Call of Duty
[2009/02/27 16:19:30 | 28,370,184 | ---- | M] (Sports Interactive) -- C:\Program Files\Steam\steamapps\common\football manager 2009\fm.exe:*:Enabled:Football Manager 2009
[2004/08/03 22:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe:*:Enabled:Explorer
[2004/08/03 22:56:52 | 00,514,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui
[2004/08/03 22:56:58 | 00,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService

[color=orange]========== (O10) Winsock2 Catalogs ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()
Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\Documents and Settings\Liam K\Local Settings\Temp\ntdll64.dll ()

[color=orange]========== (O18) Protocol Handlers ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value  does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002/05/24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/10/18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value  does not exist or could not be read.])

[color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
"{024729A3-6BE9-F0DD-E6C4-A95CF7159A1C}"=CCC Help Thai
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}"=Medieval II Total War : Kingdoms : Crusades
"{0332234E-09D1-4B74-A5F3-73E34BA29F5B}"=Nokia Software Updater
"{03E26CB2-2D09-EE9E-7C42-F9EDDBA61292}"=Catalyst Control Center Localization Portuguese
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}"=Battlefield 2(TM)
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}"=ATI Catalyst Control Center
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{1114F843-609B-E030-D9E9-D4BE7772B36C}"=Catalyst Control Center Localization Czech
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}"=Sky Broadband
"{17F2ACCF-309D-2B41-3D40-A3F569F57EDA}"=CCC Help Finnish
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}"=Microsoft Visual J# .NET Redistributable Package 1.1
"{1D58229F-C505-45CA-8223-F35F3A34B963}"=Adobe Version Cue CS3 Server
"{1D893CF9-2C8D-3B98-457D-EB5F3578BC30}"=CCC Help Italian
"{1DD34CAF-3E11-B6F8-70CD-D281DFA7CA52}"=Skins
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}"=DVD Solution
"{2105D2A8-6360-6AB2-1889-95286C9E1757}"=Catalyst Control Center Localization Italian
"{21BAC2EC-527A-4AD5-954E-08BE4C9B2C38}"=Adobe Creative Suite 3 Web Standard
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}"=Adobe ExtendScript Toolkit 2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}"=Nokia Flashing Cable Driver
"{2B0838A1-05EB-A135-550A-84CE19A4FB8B}"=Catalyst Control Center Localization Norwegian
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}"=Adobe Flash Video Encoder
"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150090}"=J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{32A41613-DBF2-8AD3-244C-E9CC9C9B630D}"=CCC Help Chinese Traditional
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}"=ATI Parental Control & Encoder
"{39C3617A-C7AC-EDF0-DD71-77A1AF8ACD4B}"=CCC Help Portuguese
"{39FDE6F8-5D02-EC16-967E-3D36AE3D9C4E}"=Catalyst Control Center Graphics Full Existing
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}"=Adobe Setup
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}"=Adobe Photoshop CS3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}"=Power2Go 5.0
"{41C77DAD-7A71-9108-442A-0D134D75AF48}"=CCC Help Spanish
"{4413D70B-5617-3718-B3DB-E83E9F2A20C9}"=CCC Help Hungarian
"{450DA020-DB18-E288-31C3-3B3F872A776E}"=CCC Help English
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}"=Adobe® Photoshop® Album Starter Edition 3.0
"{4E544E75-4FC7-5224-9C37-3D2831CDB017}"=Catalyst Control Center Localization Russian
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{53C398FE-CD56-412E-B3C7-B27F4B8B07D1}"=Microsoft IntelliType Pro 5.3
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{567D03AD-B75E-0F08-087B-13C1FF67C7D7}"=Catalyst Control Center Graphics Full New
"{5EB503D5-F057-47B0-A49C-EBDDAA249927}"=Adobe Setup
"{5F1B0D76-AFC0-6382-C507-D61E0D4CD3DC}"=Catalyst Control Center Core Implementation
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}"=PC Connectivity Solution
"{62834027-0A20-19E2-8ADA-8AC11DA07723}"=CCC Help Russian
"{63A9FB11-2708-7EAE-4AE4-765115E4151D}"=CCC Help Turkish
"{66CB0251-AB0E-5D30-4A04-7C9F9F26B7EE}"=Catalyst Control Center Localization Turkish
"{68C37F3D-2038-A60A-3DC4-60CAC421CF15}"=CCC Help Japanese
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6A1DA78D-8895-3411-5954-3DE90EB4839A}"=CCC Help Chinese Standard
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}"=Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}"=Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}"=AHV content for Acrobat and Flash
"{6E9087C5-4D61-8AE6-0972-3C7A0BAC64D7}"=Catalyst Control Center Localization Finnish
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{706A3FF0-1EA1-3FF0-69A5-DE0B22F5230A}"=CCC Help Greek
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}"=Medieval II Total War : Kingdoms : Americas
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1"=ConvertXtoDVD 3.3.4.107
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{77E033C3-D3EB-ECAA-7815-2C7DBBDF1AF3}"=Catalyst Control Center Localization Spanish
"{78F4F3F8-6ED5-34AD-CAD2-AC6127729138}"=CCC Help Swedish
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}"=Medieval II Total War : Kingdoms : Teutonic
"{7CC7F961-1F31-39AD-8423-8E9220676B2E}"=CCC Help Polish
"{7DFC1012-D346-46CE-B03E-FF79125AE029}"=Adobe Fireworks CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{889BCCBD-8C77-8D09-9BDF-DE6210E70AF2}"=CCC Help Norwegian
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}"=Adobe Flash Player 9 Plugin
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8AF1BF2B-FA5E-1A95-60DB-F28CB2070FBC}"=Catalyst Control Center Localization Greek
"{8BEA6A31-651C-C4DC-E174-561BB14120B3}"=Catalyst Control Center Localization French
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{92F0B124-1C08-0F00-47FA-9581A74EF0FA}"=ccc-utility
"{948B21FA-48AF-AA3E-9770-02625F0108AC}"=Catalyst Control Center Localization Swedish
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{96E94E18-54D6-42C1-8FC4-24DACEDC3395}"=Nokia NSeries System Utilities
"{972826C4-7E9D-F0DA-1EA9-B2D223722370}"=CCC Help Czech
"{98E8285F-6B11-4ABD-15BA-2A369C3FDD86}"=Catalyst Control Center Localization Hungarian
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A0794C57-D8F2-5423-CA67-384D45EB382B}"=CCC Help Danish
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}"=Microsoft .NET Framework 3.0 Service Pack 2
"{A41A8666-3EC8-51B2-2927-493FBA5CE2B5}"=CCC Help French
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}"=MSXML 6.0 Parser
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{A828F8F2-BD8C-6F85-7280-0D252D34AC5D}"=Catalyst Control Center Localization Thai
"{A8C856AD-63CD-4613-AA29-E6C85607EA06}"=Nokia Software Launcher
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}"=REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE86AE81-CD7F-496F-A39F-0210C985E71B}"=FM Modifier 2.25
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B2F2C082-77FD-6C2C-2EC8-FBB852B8B51A}"=CCC Help Korean
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}"=Adobe Setup
"{b4092c6d-e886-4cb2-ba68-fe5a88d31de6}_is1"=Spybot - Search & Destroy
"{B41F5ED6-4D67-4FAA-B787-D5DF1DD0EC80}"=REALTEK RTL8185 Wireless LAN Driver and Utility
"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}"=PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BA235311-3EA5-83C7-F0E4-3FFED48A3110}"=ccc-core-preinstall
"{BE5F3842-8309-4754-92D5-83E02E6077A3}"=Adobe Extension Manager CS3
"{BFB450D8-BCCB-C608-C2D3-2F863B0A1A09}"=CCC Help Dutch
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}"=Medieval II Total War
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}"=Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CB99356B-F8B6-EE9B-806F-57E58CDB8A49}"=Catalyst Control Center Graphics Light
"{CBDE9C7D-CF52-4558-B23E-B66359CB586A}"=Nokia Connectivity Cable Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}"=Microsoft .NET Framework 3.5 SP1
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}"=Medieval II Total War : Kingdoms : Britannia
"{D050D7362D214723AD585B541FFB6C11}"=DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D2C811DF-7927-A826-DD0A-F4BD7756A09B}"=Catalyst Control Center Localization Chinese Standard
"{D30125D5-23F3-BD39-DE6B-6483E21F34C1}"=Catalyst Control Center Localization Chinese Traditional
"{D6D2D227-3431-82D1-08CA-D48F7D5B12FF}"=Catalyst Control Center Localization Polish
"{D7CC2103-F5A3-E151-F2E9-C94513A47F3F}"=Catalyst Control Center Localization Dutch
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{ded53b0b-b67c-4244-ae6a-d6fd3c28d1ef}"=Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}"=Nokia Lifeblog 2.5
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support
"{ECDD7BD7-AA20-A0EC-C91A-34FDB52E171B}"=CCC Help German
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}"=Battlefield 2142
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}"=Adobe Dreamweaver CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}"=The Witcher Enhanced Edition
"{f333a33d-125c-32a2-8dce-5c5d14231e27}"=Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{f333a33d-125c-32a2-8dce-5c5d14231e27}.vc_x86runtime_30729_01"=Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}"=Nokia NSeries One Touch Access
"{F5461972-F6A5-853A-1B4B-F5AD2CB78A89}"=Catalyst Control Center Localization Japanese
"{F68A5AEF-061D-0A49-D440-C54D96496CE8}"=ccc-core-static
"{F779EC8D-6703-4C4A-817C-37B07898E647}"=Nokia NSeries Content Copier
"{F7B37275-A11B-0B97-6F69-038E9569002E}"=Catalyst Control Center Localization Korean
"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}"=Nokia NSeries Music Manager
"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}"=Nokia NSeries Multimedia Player
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}"=Adobe Contribute CS3
"{FD349381-D79C-4E5C-8980-015DFFB962D5}"=Nokia NSeries Application Installer
"{FF04C032-D077-4E74-4BBD-B44B0C82CD2D}"=Catalyst Control Center Localization German
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}"=Adobe Setup
"{FFA07CE3-8ABF-F029-657D-422FDAE76594}"=Catalyst Control Center Localization Danish
"ad-aware"=Ad-Aware
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff"=Adobe ExtendScript Toolkit 2
"Adobe_435a6af7459cb02a9c1138113a26e93"=Adobe Dreamweaver CS3
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1"=Adobe Photoshop CS3
"Adobe_fca3a29c624ecd6945fd31fd99a1eb1"=Add or Remove Adobe Creative Suite 3 Web Standard
"All ATI Software"=ATI - Software Uninstall Utility
"ATI Display Driver"=ATI Display Driver
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1"=NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up 
"F064B256B4A20996EA9E333B5E0F14B61AB3333D"=Windows Driver Package - Nokia (WUDFRd) WPD  (03/19/2007 6.83.31.1)
"Football Manager 2008"=Football Manager 2008
"Hamachi"=Hamachi 1.0.3.0
"hijackthis"=HijackThis 2.0.2
"Lemonade Tycoon Deluxe"=Lemonade Tycoon Deluxe
"LimeWire"=LimeWire 4.18.8
"Microsoft .NET Framework 3.5 SP1"=Microsoft .NET Framework 3.5 SP1
"mIRC"=mIRC
"Mozilla Firefox (3.0.7)"=Mozilla Firefox (3.0.7)
"Nero - Burning Rom!UninstallKey"=Nero 6 Ultra Edition
"NPRE.exe"=Password Recovery Engine for Network Connections (remove only)
"NVIDIA Drivers"=NVIDIA Drivers
"SimCity 3000"=SimCity 3000
"SpywareBlaster_is1"=SpywareBlaster 4.1
"Steam App 10"=Counter-Strike
"Steam App 10540"=Football Manager 2009
"Steam App 2620"=Call of Duty
"Steam App 2640"=Call of Duty: United Offensive
"SystemRequirementsLab"=System Requirements Lab
"WinZip"=WinZip
"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
"YASA MP4 Video Converter v3.2 (build 0051)"=YASA MP4 Video Converter v3.2 (build 0051)

[color=orange]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent
"BitTorrent DNA"=DNA

[color=orange]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-602162358-764733703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent
"BitTorrent DNA"=DNA

[color=orange]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 3/21/2009 7:33:57 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:33:57 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:33:57 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:33:57 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:33:57 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:34:05 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:34:05 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:34:05 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:34:05 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

Error - 3/21/2009 7:34:05 AM | Computer Name = LIAM | Source = nview_info | ID = 11141121
Description = 

[ System Events ]
Error - 3/27/2009 7:13:16 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:13:51 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:14:27 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:14:31 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:16:02 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:16:48 PM | Computer Name = LIAM | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service BITS with arguments
 ""  in order to run the server:  {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 3/27/2009 7:16:48 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
 due to the following error:   %%2

Error - 3/27/2009 7:16:52 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:17:41 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.

Error - 3/27/2009 7:19:05 PM | Computer Name = LIAM | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
 so the Service Control Manager took ownership of the Registry key.


< End of report >



Thanks,




Liam

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 28 March 2009 - 03:05 PM

Hi LiamHFC,

The log shows that you have been using so called peer-to-peer or file-sharing programmes (in your case Limewire). These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come a long way and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of their malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

---------------------------------------------------------------------------------------------------------

The logs show that we need to run a powerful tool called Combofix. Be careful when you run this, follow the instructions carefully and if you aren't sure then ask. If you follow those rules you'll be fine.

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Please post fresh OTViewIt logs too.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 30 March 2009 - 11:42 AM

Hi LiamHFC,

I have not had a reply from you for 2 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

Large spaces between fixes can make it difficult to fix your computer too.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#10 LiamHFC

LiamHFC
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Location:Scotland
  • Local time:05:53 PM

Posted 31 March 2009 - 07:33 AM

Sorry m0le.

I will get to this as soon as possible. My internet has been shut off as the virus has been sending out spam email, so my ISP shut me off.


Sorry again!

#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 31 March 2009 - 01:20 PM

Contact the ISP and ask them to remove the bar so that you can get your system clean. You can email me them the topic link but you shoudn't need to.

Let me know what they say. We should be able to remove the infections quite quickly once you have access.

:thumbup2:
Posted Image
m0le is a proud member of UNITE

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:10:53 PM

Posted 05 April 2009 - 04:50 PM

Hi LiamHFC,

I have not had a reply from you for 5 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

I know you're having problems with the ISP but let me know what is happening please.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#13 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:06:53 PM

Posted 12 April 2009 - 08:36 PM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users