WiredWX Hobby Weather Tools

 


Cant run Malwarebytes HELP!!!

2 posters

Re: Cant run Malwarebytes HELP!!!

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    [Image: CF_download_FF]

    [Image: CF_download_rename]

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    [Image: Cf410]

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan. Select yes.

    [Image: Cf510]

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Re: Cant run Malwarebytes HELP!!!

Umm, I'm stuck. Am I supposed to use StopZilla? Because that's what it's making me download....

Re: Cant run Malwarebytes HELP!!!

Hello.
Does the tinyurl link not take you to a file called KittyFix.exe?

I see that you are running Limewire.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program.
  • Highlight the following:

    BitTorrent
    LimeWire 5.3.6
    Mirar

  • Click on the Uninstall/Change button at the top.

In any case, let's bin some other stuff first, because it's not making matters any better.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

Re: Cant run Malwarebytes HELP!!!

No, I can download that. It's the

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

That's the part where it redirects to StopZilla. I will still do what you told me above, just letting you know which part it does it on.

And I can't install HijackThis. I get an error code 2503 and 2052 with the description "The installer has encountered an unexpected error installing this package. This may indicate a problem with this package."

Re: Cant run Malwarebytes HELP!!!

Yeah, it's more than likely the Crawler/Ask infection that's showing up in DDS. Usually they are just a pain in the butt, but usually don't interfere.

Run Hijack This anyway, we'll get rid of those first.

Re: Cant run Malwarebytes HELP!!!

Belahzur wrote:
Yeah, it's more than likely the Crawler/Ask infection that's showing up in DDS. Usually they are just a pain in the butt, but usually don't interfere.

Run Hijack This anyway, we'll get rid of those first.


I just edited my msg, please reread it.

Re: Cant run Malwarebytes HELP!!!

Hello.
Ah, an error.

Fine, guess we'll use this and force them out.
Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Please post OTL.txt in this thread.
  • You may need to use two posts to get it all.

Re: Cant run Malwarebytes HELP!!!

OTL logfile created on: 12/17/2009 4:13:03 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Users\palma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 87.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 42.33 Gb Free Space | 19.00% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.06 Gb Free Space | 60.61% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PALMA-PC
Current User Name: palma
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/17 16:12:59 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\palma\Desktop\OTL.exe
PRC - [2009/12/15 20:27:04 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/13 19:07:55 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/12/03 16:14:02 | 00,429,392 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Public\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Public\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/10/23 22:31:17 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Users\Public\steam\Steam.exe
PRC - [2009/08/06 16:51:54 | 00,613,128 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/05/15 19:24:24 | 00,335,872 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/05/15 19:23:56 | 00,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/03/30 02:25:26 | 43,010,392 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2009/03/26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 12:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/28 22:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/16 19:35:28 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2008/10/16 19:35:24 | 00,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008/07/10 01:49:44 | 00,098,840 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/06/23 11:04:22 | 00,065,536 | ---- | M] (Dynamic Network Services, Inc.) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe
PRC - [2008/01/18 23:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2007/06/11 15:18:00 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxdjcoms.exe
PRC - [2007/03/16 00:24:02 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbccoms.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/12 00:22:34 | 00,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcqcoms.exe
PRC - [2006/11/02 01:45:59 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2006/09/29 09:38:50 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/08/04 16:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2003/02/25 08:52:00 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXBCES.EXE
PRC - [2003/02/25 08:50:00 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXPPS.EXE


========== Modules (SafeList) ==========

MOD - [2009/12/17 16:12:59 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\palma\Desktop\OTL.exe
MOD - [2008/01/18 23:26:34 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (wampmysqld)
SRV - File not found [On_Demand | Stopped] -- -- (wampapache)
SRV - File not found [Auto | Stopped] -- -- (Seekeen Service)
SRV - File not found [On_Demand | Stopped] -- -- (McSysmon)
SRV - File not found [Unknown | Stopped] -- -- (McShield)
SRV - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Users\Public\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/10/23 22:45:11 | 00,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/05/15 19:23:56 | 00,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/03/30 02:25:26 | 43,010,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2009/03/30 02:23:32 | 00,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2009/03/30 02:23:24 | 00,366,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2009/03/26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/18 14:21:00 | 02,769,658 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008/12/19 17:08:02 | 00,137,200 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/12/09 23:04:17 | 00,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/24 21:31:10 | 29,263,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR2) SQL Server (SONY_MEDIAMGR2)
SRV - [2008/11/24 21:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/11/09 12:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/16 19:35:28 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008/07/10 16:28:04 | 00,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008/07/10 01:49:44 | 00,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/06/23 11:04:22 | 00,065,536 | ---- | M] (Dynamic Network Services, Inc.) [Auto | Running] -- C:\Program Files\DynDNS Updater\DynUpSvc.exe -- (DynDNS Updater)
SRV - [2008/01/18 23:36:49 | 00,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/18 23:36:15 | 00,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/06/11 15:18:00 | 00,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdjcoms.exe -- (lxdj_device)
SRV - [2007/03/16 00:24:02 | 00,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbccoms.exe -- (lxbc_device)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/12 00:22:34 | 00,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/11/05 08:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 08:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/11/02 04:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/09/29 09:38:50 | 00,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/09/14 11:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/08/04 16:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2004/10/22 00:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/02/25 08:52:00 | 00,303,104 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\Windows\System32\LEXBCES.EXE -- (LexBceS)


========== Driver Services (SafeList) ==========

DRV - [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 15:49:48 | 00,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/16 20:59:50 | 00,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/08/22 12:58:43 | 00,012,400 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2009/05/15 20:01:22 | 04,933,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2009/05/15 20:01:22 | 04,933,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/04/08 13:29:52 | 00,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2009/03/30 02:09:28 | 00,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/26 14:23:46 | 00,036,864 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/03/04 17:46:47 | 00,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\Windows\System32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2008/12/04 21:55:40 | 00,217,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008/11/27 09:49:06 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/10/16 19:35:58 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/24 17:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/07/24 17:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/07/24 17:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/02/06 02:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/01/25 01:12:34 | 00,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2008/01/18 21:56:08 | 00,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/01/18 21:53:39 | 00,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/18 21:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/18 21:53:22 | 00,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2007/10/29 16:37:22 | 12,214,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007/04/21 06:15:42 | 00,009,344 | ---- | M] (Hajo Krabbenhöft) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tenCapture.sys -- (tenCapture)
DRV - [2007/04/05 13:49:21 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/04/05 13:49:21 | 00,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/04/05 13:49:21 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/02/09 10:32:30 | 01,476,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2006/11/02 01:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 01:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 01:51:34 | 00,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 01:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 01:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 01:51:25 | 00,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 01:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 01:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 01:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 01:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 01:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 01:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 01:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 01:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 01:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 01:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 01:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 01:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 01:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 01:50:10 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 01:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 01:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 01:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 01:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 01:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 01:50:05 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 01:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 01:50:04 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 01:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 01:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 01:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 00:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 00:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 00:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 00:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 00:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 00:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/01 23:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/01 23:30:54 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/01 12:18:15 | 00,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/10/18 10:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 10:08:18 | 00,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 10:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/09/29 11:59:58 | 00,250,368 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006/08/04 16:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/19 13:26:58 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006/04/10 13:02:18 | 00,162,816 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT25USBAP.SYS -- (RT25USBAP)
DRV - [2005/06/24 17:36:16 | 00,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 00,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 09:01:18 | 00,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2000/09/15 08:26:48 | 00,036,846 | ---- | M] (Motorola Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Net4100.sys -- (ndiscm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6070405
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://kingkongsearch.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15153&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/15 20:27:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/15 20:27:06 | 00,000,000 | ---D | M]

[2007/01/16 00:34:11 | 00,000,000 | ---D | M] -- C:\Users\palma\AppData\Roaming\Mozilla\Extensions
[2009/04/03 20:13:14 | 00,000,000 | ---D | M] -- C:\Users\palma\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2009/12/16 19:56:57 | 00,000,000 | ---D | M] -- C:\Users\palma\AppData\Roaming\Mozilla\Firefox\Profiles\900xdqll.default\extensions
[2009/12/15 17:22:06 | 00,000,000 | ---D | M] (Tamper Data) -- C:\Users\palma\AppData\Roaming\Mozilla\Firefox\Profiles\900xdqll.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2009/12/15 17:34:40 | 00,000,000 | ---D | M] -- C:\Users\palma\AppData\Roaming\Mozilla\Firefox\Profiles\900xdqll.default\extensions\personas@christopher.beard
[2007/01/16 00:33:59 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (1626 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts:
O1 - Hosts: 127.0.0.1 armywow.servegame.org208.43.47.212 a1.review.zdnet.com
O1 - Hosts: 208.43.47.212 reviews.riverstreams.co.uk
O1 - Hosts: 208.43.47.212 d1.reviews.cnet.com
O1 - Hosts: 208.43.47.212 review.2009softwarereviews.com
O1 - Hosts: 208.43.47.212 reviews.download.com
O1 - Hosts: 208.43.47.212 reviews.pcadvisor.co.uk
O1 - Hosts: 208.43.47.212 reviews.pcmag.com
O1 - Hosts: 208.43.47.212 reviews.pcpro.co.uk
O1 - Hosts: 208.43.47.212 reviews.techradar.com
O1 - Hosts: 208.43.47.212 toptenreviews.com
O1 - Hosts: 208.43.47.212 www.reevoo.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 208.43.47.212 a1.review.zdnet.com
O1 - Hosts: 208.43.47.212 reviews.riverstreams.co.uk
O1 - Hosts: 208.43.47.212 d1.reviews.cnet.com
O1 - Hosts: 208.43.47.212 review.2009softwarereviews.com
O1 - Hosts: 208.43.47.212 reviews.download.com
O1 - Hosts: 208.43.47.212 reviews.pcadvisor.co.uk
O1 - Hosts: 208.43.47.212 reviews.pcmag.com
O1 - Hosts: 208.43.47.212 reviews.pcpro.co.uk
O1 - Hosts: 208.43.47.212 reviews.techradar.com
O1 - Hosts: 208.43.47.212 toptenreviews.com
O1 - Hosts: 208.43.47.212 www.reevoo.com
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {46245B5A-9FDE-4F66-B0F4-E686C8637D62} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DLCQCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCQtime.DLL ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Users\Public\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe ()
O4 - HKCU..\Run: [Steam] c:\users\public\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] c:\Program Files\Uniblue\RegistryBooster\StartRegistryBooster.exe (Uniblue Software)
O4 - HKCU..\Run: [Xbox Generator.exe] C:\Users\palma\AppData\Local\Microsoft\Windows\Explorer\Xbox Generator.exe File not found
O4 - Startup: C:\Users\palma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4700b71e-2a46-11de-a40d-001676a8151f}\Shell - "" = AutoRun
O33 - MountPoints2\{4700b71e-2a46-11de-a40d-001676a8151f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{4700b720-2a46-11de-a40d-001676a8151f}\Shell\AutoRun - "" = Autorun
O33 - MountPoints2\{4b26c073-8b5e-11dd-b712-001676a8151f}\Shell\Auto\command - "" = Xbox Generator.exe
O33 - MountPoints2\{4b26c076-8b5e-11dd-b712-001676a8151f}\Shell - "" = AutoRun
O33 - MountPoints2\{4b26c076-8b5e-11dd-b712-001676a8151f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8d034886-7a70-11dc-a4f2-00038a000015}\Shell\AutoRun - "" = Autorun
O33 - MountPoints2\{a7d6ae26-e381-11de-b85f-806e6f6e6963}\Shell\Auto\command - "" = Xbox Generator.exe
O33 - MountPoints2\{d75f762e-2921-11dd-87a3-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{d75f762e-2921-11dd-87a3-806e6f6e6963}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\Spyware Terminator\sp_rsdel.exe "\??\C:\PROGRA~2\Spyware Terminator\sp_rsdel.dat,) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2099/12/31 21:38:51 | 00,000,000 | ---D | C] -- C:\Users\palma\Documents\MAGIX downloads
[2099/12/31 21:38:48 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Roaming\MAGIX
[2099/12/31 21:37:13 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2099/12/31 21:37:12 | 00,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe
[2099/12/31 21:37:12 | 00,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll
[2099/12/31 21:37:12 | 00,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll
[2099/12/31 21:37:12 | 00,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll
[2099/12/31 21:37:12 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll
[2099/12/31 21:37:12 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll
[2099/12/31 21:37:12 | 00,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll
[2099/12/31 21:37:12 | 00,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll
[2099/12/31 21:37:12 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll
[2099/12/31 21:37:12 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll
[2099/12/31 21:37:12 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll
[2099/12/31 21:37:11 | 00,487,424 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll
[2099/12/31 21:37:11 | 00,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll
[2099/12/31 21:37:11 | 00,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll
[2099/12/31 21:37:11 | 00,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll
[2099/12/31 21:37:11 | 00,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll
[2099/12/31 21:37:11 | 00,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll
[2099/12/31 21:37:11 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll
[2099/12/31 21:37:11 | 00,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll
[2099/12/31 21:37:11 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll
[2099/12/31 21:37:11 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll
[2099/12/31 21:37:11 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll
[2099/12/31 21:37:11 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll
[2099/12/31 21:35:37 | 00,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll
[2099/12/31 21:35:37 | 00,000,000 | ---D | C] -- C:\Windows\System32\MAGIX
[2009/12/17 16:12:59 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Users\palma\Desktop\OTL.exe
[2009/12/17 14:25:18 | 00,390,656 | ---- | C] (iS3, Inc.) -- C:\Users\palma\Desktop\STOPzilla_Setup.exe
[2009/12/17 13:27:58 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/12/17 12:23:23 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/12/17 12:23:23 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/12/17 12:23:23 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/12/17 12:23:23 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/12/17 12:23:23 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/12/17 12:23:07 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/12/17 12:23:07 | 00,053,328 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/12/16 13:49:02 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/16 13:49:00 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/16 13:49:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/16 13:24:56 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Local\staimy
[2009/12/16 13:24:55 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Local\kqxkye
[2009/12/16 13:24:49 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Local\nxiyyh
[2009/12/15 21:29:24 | 00,000,000 | ---D | C] -- C:\Users\palma\Documents\GTA San Andreas User Files
[2009/12/15 21:16:19 | 00,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2009/12/15 18:11:29 | 00,000,000 | ---D | C] -- C:\Program Files\Magic Translator
[2009/12/13 19:08:12 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009/12/13 19:08:09 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009/12/13 19:08:09 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009/12/13 19:08:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/12/13 19:07:57 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/12/13 19:07:56 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/12/13 19:07:54 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/12/13 19:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/12/13 19:07:53 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Roaming\Real
[2009/12/13 17:29:34 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2009/12/13 17:28:16 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Roaming\AVG8
[2009/12/13 10:26:16 | 00,000,000 | ---D | C] -- C:\Program Files\Gravity
[2009/12/12 17:19:40 | 00,000,000 | ---D | C] -- C:\Users\palma\Documents\My Recordings
[2009/12/12 17:17:13 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Roaming\Acoustica
[2009/12/12 17:17:10 | 00,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2009/12/12 17:17:09 | 00,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2009/12/12 17:17:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2009/12/11 18:25:57 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Local\PackageAware
[2009/12/06 19:06:56 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Roaming\SystemRequirementsLab
[2009/12/05 19:14:12 | 00,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2009/11/29 11:53:28 | 00,000,000 | ---D | C] -- C:\Program Files\Rapid Express
[2009/11/29 11:37:50 | 00,000,000 | ---D | C] -- C:\Program Files\Technitium
[2009/11/27 21:10:51 | 00,000,000 | ---D | C] -- C:\Users\palma\Documents\My Games
[2009/11/25 18:47:13 | 00,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2009/11/24 21:49:16 | 00,000,000 | ---D | C] -- C:\Users\palma\Desktop\Aurelio
[2009/11/21 00:46:32 | 00,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2009/11/20 17:52:28 | 02,769,658 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2009/11/20 17:39:55 | 00,000,000 | ---D | C] -- C:\Users\palma\AppData\Local\assembly
[2009/11/20 17:39:18 | 00,000,000 | ---D | C] -- C:\Program Files\NCSoft
[2009/11/18 16:20:17 | 00,116,736 | ---- | C] (MagicISO, Inc.) -- C:\Windows\System32\drivers\mcdbus.sys
[2009/11/18 16:20:17 | 00,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2009/11/18 16:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2009/11/18 16:13:02 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2009/11/17 19:32:22 | 00,000,000 | ---D | C] -- C:\ProgramData\NFS Underground
[2009/09/06 09:57:56 | 00,999,424 | ---- | C] ( ) -- C:\Windows\System32\lxdjusb1.dll
[2009/09/06 09:57:56 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxdjinpa.dll
[2009/09/06 09:57:56 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxdjiesc.dll
[2009/09/06 09:57:56 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxdjhcp.dll
[2009/09/06 09:57:55 | 01,232,896 | ---- | C] ( ) -- C:\Windows\System32\lxdjserv.dll
[2009/09/06 09:57:55 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxdjpmui.dll
[2009/09/06 09:57:55 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxdjlmpm.dll
[2009/09/06 09:57:55 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxdjprox.dll
[2009/09/06 09:57:55 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxdjpplc.dll
[2009/09/06 09:57:54 | 00,700,416 | ---- | C] ( ) -- C:\Windows\System32\lxdjhbn3.dll
[2009/09/06 09:57:54 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxdjcomc.dll
[2009/09/06 09:57:54 | 00,425,984 | ---- | C] ( ) -- C:\Windows\System32\lxdjcomm.dll
[2009/09/05 20:24:33 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll
[2009/09/05 20:24:32 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll
[2009/09/05 20:24:32 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll
[2009/09/05 20:24:31 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll
[2009/09/05 20:24:31 | 00,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll
[2009/09/05 20:24:30 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll
[2009/09/05 20:24:30 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll
[2009/09/05 20:24:30 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll
[2009/09/05 20:24:30 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll
[2009/09/05 20:24:29 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll
[2009/09/05 20:24:27 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll
[2009/09/05 20:24:27 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll
[2008/06/16 21:18:25 | 00,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2008/06/16 21:18:24 | 00,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
[2007/05/20 17:14:08 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLCQhcp.dll
[2006/10/11 17:01:40 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcqpmui.dll
[2006/10/11 16:59:56 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcqserv.dll
[2006/10/11 16:54:10 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomm.dll
[2006/10/11 16:52:34 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcqlmpm.dll
[2006/10/11 16:51:16 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcqiesc.dll
[2006/10/11 16:48:58 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcqpplc.dll
[2006/10/11 16:48:14 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomc.dll
[2006/10/11 16:47:42 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcqprox.dll
[2006/10/11 16:41:42 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcqinpa.dll
[2006/10/11 16:41:04 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcqusb1.dll
[2006/10/11 16:37:14 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcqhbn3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/05/21 20:30:20 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0AA02640-BB4C-416C-940D-120AF31B52DC}.job
[2009/12/22 10:02:51 | 00,017,339 | ---- | M] () -- C:\Windows\System32\1cd5addwarez905.cpl
[2009/12/19 23:10:46 | 00,005,537 | ---- | M] () -- C:\Windows\System32\5bf9vir98z35.ocx
[2009/12/19 04:51:23 | 00,005,164 | ---- | M] () -- C:\Windows\System32\32039zackt5ol4ed.bin
[2009/12/18 11:37:25 | 00,007,894 | ---- | M] () -- C:\Windows\System32\71f6do9nlzader2576.dll
[2009/12/17 16:13:09 | 07,864,320 | -HS- | M] () -- C:\Users\palma\ntuser.dat
[2009/12/17 16:12:59 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\palma\Desktop\OTL.exe
[2009/12/17 16:03:32 | 00,906,192 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/17 16:03:32 | 00,746,618 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/17 16:03:32 | 00,159,700 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/17 16:02:09 | 01,401,344 | ---- | M] () -- C:\Users\palma\Desktop\HijackThis.msi
[2009/12/17 15:57:20 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/17 15:57:20 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/17 15:57:14 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/17 15:48:15 | 02,617,126 | -H-- | M] () -- C:\Users\palma\AppData\Local\IconCache.db
[2009/12/17 14:28:16 | 00,390,656 | ---- | M] (iS3, Inc.) -- C:\Users\palma\Desktop\STOPzilla_Setup.exe
[2009/12/17 13:27:34 | 03,854,383 | ---- | M] () -- C:\Users\palma\Desktop\Combo-Fix.exe
[2009/12/17 12:27:02 | 00,524,288 | -HS- | M] () -- C:\Users\palma\ntuser.dat{302ec670-92a2-11dc-9d0b-00038a000015}.TMContainer00000000000000000001.regtrans-ms
[2009/12/17 12:27:02 | 00,065,536 | -HS- | M] () -- C:\Users\palma\ntuser.dat{302ec670-92a2-11dc-9d0b-00038a000015}.TM.blf
[2009/12/17 12:23:24 | 00,001,811 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/12/17 12:23:23 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/17 11:51:44 | 00,000,624 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/17 04:52:28 | 00,013,794 | ---- | M] () -- C:\Windows\System32\15fasza9se2583.ocx
[2009/12/16 15:54:55 | 00,006,892 | ---- | M] () -- C:\Users\palma\AppData\Local\d3d9caps.dat
[2009/12/16 12:52:54 | 00,361,576 | ---- | M] () -- C:\Users\palma\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/16 12:46:42 | 02,828,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/15 20:53:13 | 00,000,411 | ---- | M] () -- C:\ProgramData\MagicTranslator.ini
[2009/12/15 18:57:56 | 00,124,928 | ---- | M] () -- C:\Users\palma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 20:28:40 | 03,510,774 | ---- | M] () -- C:\Users\palma\Desktop\Everbody Sample trixxxxx.mp3
[2009/12/14 19:33:04 | 88,047,728 | ---- | M] () -- C:\Users\palma\Documents\clip.avi
[2009/12/14 19:23:06 | 00,015,981 | ---- | M] () -- C:\Windows\22045hre9z8237.dll
[2009/12/14 19:23:06 | 00,012,302 | ---- | M] () -- C:\Windows\120349pzm5ot4c5.ocx
[2009/12/14 19:23:06 | 00,011,730 | ---- | M] () -- C:\Windows\3z95s9eal1256.bin
[2009/12/13 19:33:25 | 00,004,020 | ---- | M] () -- C:\Windows\System32\9005h9cktool51az.bin
[2009/12/13 19:08:43 | 00,000,024 | ---- | M] () -- C:\Windows\cdplayer.ini
[2009/12/13 19:08:12 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009/12/13 19:08:09 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009/12/13 19:08:09 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009/12/13 19:07:57 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/12/13 10:26:16 | 00,000,809 | ---- | M] () -- C:\Users\Public\Desktop\Requiem.lnk
[2009/12/12 12:55:26 | 03,135,125 | ---- | M] () -- C:\Users\palma\Desktop\just begun .mp3
[2009/12/11 23:02:09 | 00,015,490 | ---- | M] () -- C:\Windows\System32\2bb9zackdoor15535.bin
[2009/12/11 16:34:44 | 00,000,687 | ---- | M] () -- C:\Users\palma\Desktop\Warcraft III.lnk
[2009/12/10 21:18:27 | 00,076,197 | ---- | M] () -- C:\Windows\War3Unin.dat
[2009/12/10 10:04:05 | 00,012,084 | ---- | M] () -- C:\Windows\758dzhr9at2486.exe
[2009/12/09 20:00:25 | 00,006,302 | ---- | M] () -- C:\Windows\3015zha95tool299.dll
[2009/12/07 12:46:17 | 00,005,680 | ---- | M] () -- C:\Windows\1zf6a5d9are2031.exe
[2009/12/07 07:00:42 | 00,015,974 | ---- | M] () -- C:\Windows\25147worm4z69.dll
[2009/12/06 19:41:25 | 00,007,999 | ---- | M] () -- C:\Windows\System32\1z92sp5rse3152.exe
[2009/12/05 22:07:13 | 00,015,103 | ---- | M] () -- C:\Windows\295z2wo9m2ab5.exe
[2009/12/05 20:22:51 | 00,003,478 | ---- | M] () -- C:\Windows\10z2bac95oor68.cpl
[2009/12/05 19:15:28 | 00,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2009/12/05 19:15:28 | 00,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2009/12/05 12:56:25 | 00,013,859 | ---- | M] () -- C:\Windows\16190ha5ktozl4f0.ocx
[2009/12/04 16:14:31 | 00,003,271 | ---- | M] () -- C:\Windows\1579addw9re2847z.ocx
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/03 05:24:54 | 00,003,930 | ---- | M] () -- C:\Windows\28c9teal3135z.exe
[2009/12/02 12:52:06 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2009/12/02 05:39:10 | 00,007,190 | ---- | M] () -- C:\Windows\System32\347fvz91753.cpl
[2009/11/30 16:42:10 | 00,000,022 | ---- | M] () -- C:\Users\palma\Pictures.zip
[2009/11/30 11:33:46 | 00,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2009/11/27 05:20:06 | 00,003,295 | ---- | M] () -- C:\Windows\System32\1932no5za-virus7b8.exe
[2009/11/27 04:31:33 | 00,007,821 | ---- | M] () -- C:\Windows\System32\1cec9ir2z50.ocx
[2009/11/26 17:04:09 | 00,006,527 | ---- | M] () -- C:\Windows\124579zrus346.cpl
[2009/11/26 11:47:20 | 00,013,809 | ---- | M] () -- C:\Windows\32eca5dwar9208z.bin
[2009/11/26 11:30:40 | 00,003,143 | ---- | M] () -- C:\Windows\3170bzckdoor20905.dll
[2009/11/25 16:54:34 | 00,008,412 | ---- | M] () -- C:\Windows\System32\9465spam9zt7e5.cpl
[2009/11/24 15:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/11/24 15:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/11/24 15:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/11/23 16:26:54 | 00,005,744 | ---- | M] () -- C:\Windows\System32\30z00t59j445.cpl
[2009/11/21 22:31:06 | 00,011,970 | ---- | M] () -- C:\Windows\9084spamzot75c5.ocx
[2009/11/21 00:46:32 | 00,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2009/11/20 19:47:25 | 23,694,0897 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/11/19 19:08:28 | 00,004,643 | ---- | M] () -- C:\Windows\System32\24603hack5oolzc69.ocx
[2009/11/19 02:46:39 | 00,006,004 | ---- | M] () -- C:\Windows\2167spzm59t620.dll
[2009/11/18 16:20:34 | 00,000,760 | ---- | M] () -- C:\Users\palma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2009/11/18 14:35:40 | 00,006,494 | ---- | M] () -- C:\Windows\58acspa5ze9703.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/12/31 21:37:12 | 00,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2099/12/31 21:37:11 | 00,014,182 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib
[2099/12/31 21:35:51 | 00,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2099/12/31 21:35:37 | 00,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/12/22 10:02:51 | 00,017,339 | ---- | C] () -- C:\Windows\System32\1cd5addwarez905.cpl
[2009/12/19 23:10:46 | 00,005,537 | ---- | C] () -- C:\Windows\System32\5bf9vir98z35.ocx
[2009/12/19 04:51:23 | 00,005,164 | ---- | C] () -- C:\Windows\System32\32039zackt5ol4ed.bin
[2009/12/18 11:37:25 | 00,007,894 | ---- | C] () -- C:\Windows\System32\71f6do9nlzader2576.dll
[2009/12/17 16:02:09 | 01,401,344 | ---- | C] () -- C:\Users\palma\Desktop\HijackThis.msi
[2009/12/17 13:27:34 | 03,854,383 | ---- | C] () -- C:\Users\palma\Desktop\Combo-Fix.exe
[2009/12/17 12:23:24 | 00,001,811 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/12/17 12:23:07 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/12/17 11:51:44 | 00,000,624 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/17 04:52:28 | 00,013,794 | ---- | C] () -- C:\Windows\System32\15fasza9se2583.ocx
[2009/12/15 18:48:50 | 00,000,411 | ---- | C] () -- C:\ProgramData\MagicTranslator.ini
[2009/12/14 20:28:33 | 03,510,774 | ---- | C] () -- C:\Users\palma\Desktop\Everbody Sample trixxxxx.mp3
[2009/12/14 19:32:39 | 88,047,728 | ---- | C] () -- C:\Users\palma\Documents\clip.avi
[2009/12/14 19:23:06 | 00,015,981 | ---- | C] () -- C:\Windows\22045hre9z8237.dll
[2009/12/14 19:23:06 | 00,012,302 | ---- | C] () -- C:\Windows\120349pzm5ot4c5.ocx
[2009/12/14 19:23:06 | 00,011,730 | ---- | C] () -- C:\Windows\3z95s9eal1256.bin
[2009/12/13 19:33:25 | 00,004,020 | ---- | C] () -- C:\Windows\System32\9005h9cktool51az.bin
[2009/12/13 19:08:43 | 00,000,024 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/12/13 10:26:16 | 00,000,809 | ---- | C] () -- C:\Users\Public\Desktop\Requiem.lnk
[2009/12/12 13:35:29 | 03,135,125 | ---- | C] () -- C:\Users\palma\Desktop\just begun .mp3
[2009/12/11 23:02:09 | 00,015,490 | ---- | C] () -- C:\Windows\System32\2bb9zackdoor15535.bin
[2009/12/11 16:33:03 | 00,000,687 | ---- | C] () -- C:\Users\palma\Desktop\Warcraft III.lnk
[2009/12/10 10:04:05 | 00,012,084 | ---- | C] () -- C:\Windows\758dzhr9at2486.exe
[2009/12/09 20:00:25 | 00,006,302 | ---- | C] () -- C:\Windows\3015zha95tool299.dll
[2009/12/07 12:46:17 | 00,005,680 | ---- | C] () -- C:\Windows\1zf6a5d9are2031.exe
[2009/12/07 07:00:42 | 00,015,974 | ---- | C] () -- C:\Windows\25147worm4z69.dll
[2009/12/06 19:41:25 | 00,007,999 | ---- | C] () -- C:\Windows\System32\1z92sp5rse3152.exe
[2009/12/05 22:07:13 | 00,015,103 | ---- | C] () -- C:\Windows\295z2wo9m2ab5.exe
[2009/12/05 20:22:51 | 00,003,478 | ---- | C] () -- C:\Windows\10z2bac95oor68.cpl
[2009/12/05 19:14:12 | 00,076,197 | ---- | C] () -- C:\Windows\War3Unin.dat
[2009/12/05 19:14:12 | 00,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2009/12/05 12:56:25 | 00,013,859 | ---- | C] () -- C:\Windows\16190ha5ktozl4f0.ocx
[2009/12/04 16:14:31 | 00,003,271 | ---- | C] () -- C:\Windows\1579addw9re2847z.ocx
[2009/12/03 05:24:54 | 00,003,930 | ---- | C] () -- C:\Windows\28c9teal3135z.exe
[2009/12/02 12:52:06 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2009/12/02 05:39:10 | 00,007,190 | ---- | C] () -- C:\Windows\System32\347fvz91753.cpl
[2009/11/30 16:42:10 | 00,000,022 | ---- | C] () -- C:\Users\palma\Pictures.zip
[2009/11/30 11:33:46 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/11/27 05:20:06 | 00,003,295 | ---- | C] () -- C:\Windows\System32\1932no5za-virus7b8.exe
[2009/11/27 04:31:33 | 00,007,821 | ---- | C] () -- C:\Windows\System32\1cec9ir2z50.ocx
[2009/11/26 17:04:09 | 00,006,527 | ---- | C] () -- C:\Windows\124579zrus346.cpl
[2009/11/26 11:47:20 | 00,013,809 | ---- | C] () -- C:\Windows\32eca5dwar9208z.bin
[2009/11/26 11:30:40 | 00,003,143 | ---- | C] () -- C:\Windows\3170bzckdoor20905.dll
[2009/11/25 16:54:34 | 00,008,412 | ---- | C] () -- C:\Windows\System32\9465spam9zt7e5.cpl
[2009/11/23 16:26:54 | 00,005,744 | ---- | C] () -- C:\Windows\System32\30z00t59j445.cpl
[2009/11/21 22:31:06 | 00,011,970 | ---- | C] () -- C:\Windows\9084spamzot75c5.ocx
[2009/11/19 19:08:28 | 00,004,643 | ---- | C] () -- C:\Windows\System32\24603hack5oolzc69.ocx
[2009/11/19 02:46:39 | 00,006,004 | ---- | C] () -- C:\Windows\2167spzm59t620.dll
[2009/11/18 16:20:34 | 00,000,760 | ---- | C] () -- C:\Users\palma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2009/11/18 14:35:40 | 00,006,494 | ---- | C] () -- C:\Windows\58acspa5ze9703.exe
[2009/11/16 20:59:50 | 00,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/11/16 20:34:25 | 00,000,230 | ---- | C] () -- C:\Windows\wininit.ini
[2009/11/09 19:27:46 | 00,007,554 | ---- | C] () -- C:\Windows\16321spam9ot5az.dll
[2009/10/29 18:58:23 | 00,000,031 | ---- | C] () -- C:\Windows\tdlp32.ini
[2009/10/27 06:59:14 | 00,003,301 | ---- | C] () -- C:\Windows\System32\258bth9zat28367.dll
[2009/10/03 15:57:06 | 00,018,175 | ---- | C] () -- C:\Windows\System32\b5bthie928z9.dll
[2009/09/26 12:53:20 | 00,008,052 | ---- | C] () -- C:\Windows\26765worz579.dll
[2009/09/22 10:50:06 | 00,008,495 | ---- | C] () -- C:\Windows\System32\33e5bac9door51z7.dll
[2009/09/20 11:52:24 | 00,007,882 | ---- | C] () -- C:\Windows\System32\5ed9addwarz8379.dll
[2009/09/16 13:17:26 | 00,009,215 | ---- | C] () -- C:\Windows\System32\63c19tezl1950.dll
[2009/09/14 16:32:51 | 00,004,403 | ---- | C] () -- C:\Windows\16e49zdware1065.dll
[2009/09/06 09:59:23 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdjcoin.dll
[2009/09/06 09:58:07 | 00,000,060 | ---- | C] () -- C:\Windows\System32\lxdjrwrd.ini
[2009/09/06 09:57:56 | 00,286,720 | ---- | C] () -- C:\Windows\System32\lxdjinst.dll
[2009/09/06 09:57:54 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdjgrd.dll
[2009/09/05 20:24:33 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll
[2009/09/05 20:24:32 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll
[2009/09/03 19:33:08 | 00,017,939 | ---- | C] () -- C:\Windows\z5639not5a-virus585.dll
[2009/08/28 06:20:03 | 00,007,568 | ---- | C] () -- C:\Windows\20501zroj359.dll
[2009/08/26 15:38:56 | 00,014,282 | ---- | C] () -- C:\Windows\System32\30514s9zmbot1e1.dll
[2009/08/26 15:38:55 | 00,017,757 | ---- | C] () -- C:\Windows\System32\3b03a5dwzre9095.dll
[2009/08/26 15:38:55 | 00,014,890 | ---- | C] () -- C:\Windows\259z19py53c.dll
[2009/08/26 15:38:55 | 00,010,347 | ---- | C] () -- C:\Windows\System32\699adownloader3591z.dll
[2009/08/26 15:38:55 | 00,009,526 | ---- | C] () -- C:\Windows\System32\7d6a5own9oadzr683.dll
[2009/08/26 15:38:55 | 00,006,864 | ---- | C] () -- C:\Windows\System32\28822tr9z3d5.dll
[2009/08/26 15:38:55 | 00,006,543 | ---- | C] () -- C:\Windows\95025spzmbot8c.dll
[2009/08/26 15:38:55 | 00,006,305 | ---- | C] () -- C:\Windows\316495ozmd1.dll
[2009/08/26 15:38:55 | 00,005,263 | ---- | C] () -- C:\Windows\System32\409759dzare2616.dll
[2009/08/26 15:38:55 | 00,004,832 | ---- | C] () -- C:\Windows\System32\z301s95al2315.dll
[2009/08/26 15:38:54 | 00,018,182 | ---- | C] () -- C:\Windows\255z3spy934.dll
[2009/08/26 15:38:54 | 00,018,079 | ---- | C] () -- C:\Windows\System32\e7asz9rse24355.dll
[2009/08/26 15:38:54 | 00,016,903 | ---- | C] () -- C:\Windows\1z098tro55d79.dll
[2009/08/26 15:38:54 | 00,015,282 | ---- | C] () -- C:\Windows\15934z59j646.dll
[2009/08/26 15:38:54 | 00,015,223 | ---- | C] () -- C:\Windows\System32\33b2spzwa9e2925.dll
[2009/08/26 15:38:54 | 00,010,748 | ---- | C] () -- C:\Windows\System32\57zfvir9918.dll
[2009/08/26 15:38:54 | 00,010,046 | ---- | C] () -- C:\Windows\174209ozm51c.dll
[2009/08/26 15:38:54 | 00,007,010 | ---- | C] () -- C:\Windows\System32\570aste5l1z9.dll
[2009/08/26 15:38:54 | 00,006,703 | ---- | C] () -- C:\Windows\System32\15933h59kzool193.dll
[2009/08/26 15:38:54 | 00,005,632 | ---- | C] () -- C:\Windows\5d89vi9965z.dll
[2009/08/26 15:38:54 | 00,004,332 | ---- | C] () -- C:\Windows\9758spywarz5505.dll
[2009/08/26 15:38:54 | 00,003,352 | ---- | C] () -- C:\Windows\System32\18009t5oj4ez.dll
[2009/08/22 12:26:38 | 00,011,908 | ---- | C] () -- C:\Program Files\Common Files\cidixek.scr
[2009/08/21 14:55:20 | 00,017,691 | ---- | C] () -- C:\Users\palma\AppData\Local\fafy.dl
[2009/08/21 14:55:20 | 00,016,971 | ---- | C] () -- C:\Program Files\Common Files\mesuhan.bin
[2009/08/21 14:55:20 | 00,016,427 | ---- | C] () -- C:\Users\palma\AppData\Local\axalywi._dl
[2009/08/21 14:55:20 | 00,016,290 | ---- | C] () -- C:\Program Files\Common Files\qareq.com
[2009/08/21 14:55:20 | 00,016,122 | ---- | C] () -- C:\Users\palma\AppData\Local\ybezi.com
[2009/08/21 14:55:20 | 00,015,836 | ---- | C] () -- C:\ProgramData\ijarihy.lib
[2009/08/21 14:55:20 | 00,014,757 | ---- | C] () -- C:\Users\palma\AppData\Roaming\izahyv.sys
[2009/08/21 14:55:20 | 00,014,581 | ---- | C] () -- C:\Program Files\Common Files\neluje.lib
[2009/08/21 14:55:20 | 00,013,293 | ---- | C] () -- C:\Program Files\Common Files\ozuwuhedat.dl
[2009/08/21 14:55:20 | 00,012,213 | ---- | C] () -- C:\Program Files\Common Files\witewifag.dat
[2009/08/21 14:55:20 | 00,010,051 | ---- | C] () -- C:\Users\palma\AppData\Roaming\evysunyd.ban
[2009/08/20 17:08:25 | 00,056,320 | ---- | C] () -- C:\Windows\System32\ESQULxpjsieveymjkmpubwkhtabqrbuoliajt.dll
[2009/08/20 17:08:24 | 00,087,040 | ---- | C] () -- C:\Windows\System32\drivers\ESQULxcvndrwpdgqnpbbrxeoxmbpfxnvliqsv.sys
[2009/08/18 16:06:21 | 00,009,034 | ---- | C] () -- C:\Windows\72889tealz335.dll
[2009/08/12 14:56:29 | 00,014,157 | ---- | C] () -- C:\Windows\System32\3cdzs5ywa9e3192.dll
[2009/08/12 07:15:33 | 00,006,788 | ---- | C] () -- C:\Windows\5599zownloader2556.dll
[2009/08/09 13:55:25 | 00,017,500 | ---- | C] () -- C:\Windows\System32\159265oz9353.dll
[2009/08/05 00:23:30 | 00,011,691 | ---- | C] () -- C:\Windows\617dow9loade5198z.dll
[2009/08/02 16:27:29 | 00,011,040 | ---- | C] () -- C:\Windows\630zspy955.dll
[2009/08/02 14:32:36 | 00,005,736 | ---- | C] () -- C:\Windows\System32\58cdsp9rse3z39.dll
[2009/07/27 06:36:48 | 00,013,643 | ---- | C] () -- C:\Windows\26432zroj59e.dll
[2009/07/22 09:50:15 | 00,007,646 | ---- | C] () -- C:\Windows\System32\c50bzck9oor468.dll
[2009/07/19 09:57:13 | 00,010,342 | ---- | C] () -- C:\Windows\System32\2053backdo9r65z.dll
[2009/07/19 06:21:35 | 00,007,990 | ---- | C] () -- C:\Windows\569hackzool29f.dll
[2009/07/08 23:56:31 | 00,016,970 | ---- | C] () -- C:\Windows\24032s5y4z99.dll
[2009/07/05 07:31:56 | 00,018,170 | ---- | C] () -- C:\Windows\6905vi5us7zb.dll
[2009/06/20 11:44:42 | 00,016,303 | ---- | C] () -- C:\Windows\73919hie5z55.dll
[2009/06/18 14:39:39 | 02,121,728 | ---- | C] () -- C:\Windows\System32\libmySQL.dll
[2009/06/16 12:21:08 | 00,009,087 | ---- | C] () -- C:\Windows\System32\636e9iz5049.dll
[2009/06/16 06:45:02 | 00,008,865 | ---- | C] () -- C:\Windows\13527t9oj29ez.dll
[2009/06/10 17:51:24 | 00,003,571 | ---- | C] () -- C:\Windows\System32\2dcd9hzeat25229.dll
[2009/06/07 02:17:02 | 00,010,265 | ---- | C] () -- C:\Windows\System32\5205sparsz429.dll
[2009/06/03 19:19:50 | 00,002,587 | ---- | C] () -- C:\Windows\393b5ir29z9.dll
[2009/05/31 21:33:06 | 00,016,683 | ---- | C] () -- C:\Windows\3174spz595.dll
[2009/05/29 12:22:20 | 01,712,128 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2009/05/21 14:09:34 | 00,010,217 | ---- | C] () -- C:\Windows\System32\5bz89hief2528.dll
[2009/05/21 06:35:59 | 00,005,810 | ---- | C] () -- C:\Windows\269c5pyw9re30z3.dll
[2009/05/16 00:09:23 | 00,017,630 | ---- | C] () -- C:\Windows\6053sparsz9789.dll
[2009/05/15 19:22:50 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/05/05 01:45:43 | 00,012,895 | ---- | C] () -- C:\Windows\System32\z9456not-9-virusf.dll
[2009/05/01 01:20:41 | 00,013,587 | ---- | C] () -- C:\Windows\468295azse1584.dll
[2009/04/29 16:20:14 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/04/28 06:27:51 | 00,016,024 | ---- | C] () -- C:\Windows\39f6t5ief2040z.dll
[2009/04/25 03:53:19 | 00,004,573 | ---- | C] () -- C:\Windows\18056spy9dz.dll
[2009/04/24 08:25:47 | 00,005,102 | ---- | C] () -- C:\Windows\75z6spyware919.dll
[2009/04/21 22:30:00 | 00,003,023 | ---- | C] () -- C:\Windows\System32\975csparse9z5.dll
[2009/04/20 16:18:04 | 00,014,216 | ---- | C] () -- C:\Windows\System32\2511zh5cktool19.dll
[2009/04/16 21:45:41 | 00,002,603 | ---- | C] () -- C:\Windows\53759py2z8.dll
[2009/04/16 18:37:50 | 00,009,202 | ---- | C] () -- C:\Windows\zbe5spyware3759.dll
[2009/04/13 22:09:22 | 00,003,996 | ---- | C] () -- C:\Windows\99z35hacktool3e.dll
[2009/04/08 19:23:58 | 00,012,338 | ---- | C] () -- C:\Windows\System32\997fzh5ef1736.dll
[2009/04/04 02:19:59 | 00,003,185 | ---- | C] () -- C:\Windows\195z1troj736.dll
[2009/04/03 12:53:06 | 00,012,447 | ---- | C] () -- C:\Windows\System32\6589szywar91433.dll
[2009/03/23 02:57:40 | 00,016,868 | ---- | C] () -- C:\Windows\5534zi53917.dll
[2009/03/08 07:25:55 | 00,010,137 | ---- | C] () -- C:\Windows\580z7spy2df9.dll
[2009/03/04 16:59:25 | 00,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll
[2009/02/25 12:48:24 | 00,004,370 | ---- | C] () -- C:\Windows\System32\3705hzcktool739.dll
[2009/02/25 05:55:18 | 00,005,193 | ---- | C] () -- C:\Windows\System32\z459thi5f1433.dll
[2009/02/07 23:06:20 | 00,015,631 | ---- | C] () -- C:\Windows\System32\21261haczt95l5f9.dll
[2009/01/21 06:43:47 | 00,002,708 | ---- | C] () -- C:\Windows\System32\6285hzef23459.dll
[2009/01/20 08:42:30 | 00,012,630 | ---- | C] () -- C:\Windows\5385threat193z09.dll
[2009/01/18 09:57:36 | 00,007,066 | ---- | C] () -- C:\Windows\System32\z34929o5m221.dll
[2009/01/16 22:07:25 | 00,003,262 | ---- | C] () -- C:\Users\palma\AppData\Roaming\da63de31ef3ac358
[2009/01/16 22:07:10 | 00,003,262 | ---- | C] () -- C:\Users\palma\AppData\Roaming\d85e19205768c6d9
[2009/01/16 22:06:24 | 00,000,128 | -H-- | C] () -- C:\Users\palma\AppData\Local\Thumbs.db
[2009/01/16 21:59:49 | 00,167,936 | ---- | C] () -- C:\Windows\System32\wtx60497.dll
[2009/01/11 14:25:04 | 00,017,603 | ---- | C] () -- C:\Windows\System32\62b05i92706z.dll
[2009/01/05 14:37:33 | 00,016,044 | ---- | C] () -- C:\Windows\System32\5456spywaze24699.dll
[2009/01/05 05:10:18 | 00,002,678 | ---- | C] () -- C:\Windows\391cthr9at3895z.dll
[2009/01/03 20:41:18 | 00,009,607 | ---- | C] () -- C:\Windows\System32\4928backdoo52517z.dll
[2008/12/31 20:53:20 | 00,009,153 | ---- | C] () -- C:\Windows\System32\4925back5ooz1898.dll
[2008/12/16 10:09:52 | 00,017,795 | ---- | C] () -- C:\Windows\749zsteal1055.dll
[2008/12/09 18:13:05 | 02,076,672 | ---- | C] () -- C:\Windows\System32\dz3delight.dll
[2008/12/09 18:13:04 | 06,131,712 | ---- | C] () -- C:\Windows\System32\daz-qt-mt.dll
[2008/12/09 18:13:04 | 01,785,856 | ---- | C] () -- C:\Windows\System32\daz-qsa.dll
[2008/11/24 04:53:53 | 00,004,052 | ---- | C] () -- C:\Windows\System32\z1b3add9ar5262.dll
[2008/11/19 07:17:51 | 00,014,693 | ---- | C] () -- C:\Windows\549aba5kdozr1113.dll
[2008/11/04 03:33:27 | 00,016,563 | ---- | C] () -- C:\Windows\73f9addware5z29.dll
[2008/11/03 11:15:38 | 00,010,139 | ---- | C] () -- C:\Windows\System32\z1fed5wnloade93185.dll
[2008/10/23 00:19:36 | 00,002,731 | ---- | C] () -- C:\Windows\9572virz82.dll
[2008/10/22 04:28:14 | 00,014,089 | ---- | C] () -- C:\Windows\9769tro52z2.dll
[2008/10/19 20:05:14 | 00,013,053 | ---- | C] () -- C:\Windows\459bzir20.dll
[2008/10/16 12:05:14 | 00,014,304 | ---- | C] () -- C:\Windows\189z99a5ktool248.dll
[2008/10/15 20:53:21 | 00,012,554 | ---- | C] () -- C:\Windows\7688wor9485z.dll
[2008/10/14 02:19:43 | 00,007,735 | ---- | C] () -- C:\Windows\System32\5c1ct5iefz598.dll
[2008/10/04 13:07:54 | 00,005,295 | ---- | C] () -- C:\Windows\System32\22353szy792.dll
[2008/10/01 10:10:33 | 00,004,426 | ---- | C] () -- C:\Windows\System32\34b2t9reat590z5.dll
[2008/09/28 05:17:17 | 00,009,826 | ---- | C] () -- C:\Windows\z9be9a5kdoor2598.dll
[2008/09/17 21:24:41 | 00,016,350 | ---- | C] () -- C:\Windows\58e69zarse1889.dll
[2008/09/11 20:16:36 | 00,010,654 | ---- | C] () -- C:\Windows\System32\51636sp924z.dll
[2008/09/11 16:06:02 | 00,012,257 | ---- | C] () -- C:\Windows\System32\65c29p5warez871.dll
[2008/08/13 16:18:42 | 00,015,109 | ---- | C] () -- C:\Windows\4057vir99z.dll
[2008/08/08 15:35:28 | 00,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2008/07/24 22:38:21 | 00,005,975 | ---- | C] () -- C:\Windows\System32\27878spam5ot3z9.dll
[2008/07/20 00:12:54 | 00,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2008/07/20 00:12:54 | 00,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2008/07/18 17:18:32 | 00,013,572 | ---- | C] () -- C:\Windows\System32\4b64down5oa9erz47.dll
[2008/07/15 07:43:51 | 00,017,939 | ---- | C] () -- C:\Windows\6e05z9kdoor2833.dll
[2008/06/24 20:54:57 | 00,010,656 | ---- | C] () -- C:\Windows\System32\50f2threzt17291.dll
[2008/06/23 23:12:53 | 00,018,229 | ---- | C] () -- C:\Windows\2569sp9z94.dll
[2008/06/19 06:36:57 | 00,015,482 | ---- | C] () -- C:\Windows\z9bdspa9s52544.dll
[2008/06/19 05:16:24 | 00,014,119 | ---- | C] () -- C:\Windows\20793not-5-vizus13e9.dll
[2008/06/17 08:41:44 | 00,001,100 | ---- | C] () -- C:\Users\palma\AppData\Local\d3d8caps.dat
[2008/06/16 21:18:28 | 00,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2008/06/16 21:18:27 | 00,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2008/06/16 21:18:26 | 12,214,272 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2008/06/13 02:42:33 | 00,010,878 | ---- | C] () -- C:\Windows\19145notza-virus2ae.dll
[2008/06/11 19:15:07 | 00,014,937 | ---- | C] () -- C:\Windows\6zb8threa59260.dll
[2008/06/05 19:29:14 | 00,007,884 | ---- | C] () -- C:\Windows\System32\563ft5z9at31091.dll
[2008/05/27 17:47:00 | 00,002,770 | ---- | C] () -- C:\Windows\WoWEmuHackSettings.ini
[2008/05/17 02:27:43 | 00,001,299 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/05/16 19:50:41 | 00,010,901 | ---- | C] () -- C:\Windows\System32\ze09parse3544.dll
[2008/05/13 22:41:40 | 00,010,644 | ---- | C] () -- C:\Windows\System32\221bt95ef31z2.dll
[2008/05/11 12:10:58 | 00,017,221 | ---- | C] () -- C:\Windows\359edoznloade5956.dll
[2008/05/05 14:41:02 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/05/02 20:05:21 | 00,009,836 | ---- | C] () -- C:\Windows\System32\2d555ir9452z.dll
[2008/04/25 04:10:03 | 00,010,122 | ---- | C] () -- C:\Windows\System32\7d78s9arsz537.dll
[2008/04/24 15:18:54 | 00,006,485 | ---- | C] () -- C:\Windows\System32\6156vi957z.dll
[2008/04/18 06:49:29 | 00,006,889 | ---- | C] () -- C:\Windows\System32\488b5h9zf2248.dll
[2008/04/18 04:14:21 | 00,007,794 | ---- | C] () -- C:\Windows\5568t5ie9947z.dll
[2008/04/16 11:24:28 | 00,015,939 | ---- | C] () -- C:\Windows\System32\29z21no9-a-5irus371.dll
[2008/04/15 21:36:40 | 00,006,982 | ---- | C] () -- C:\Windows\3e95zhief1989.dll
[2008/04/14 11:47:17 | 00,014,925 | ---- | C] () -- C:\Windows\30559azkdoor286.dll
[2008/04/13 20:05:18 | 00,000,600 | ---- | C] () -- C:\Users\palma\AppData\Local\PUTTY.RND
[2008/04/13 19:47:17 | 00,000,600 | ---- | C] () -- C:\Users\palma\AppData\Roaming\winscp.rnd
[2008/04/13 08:36:27 | 00,010,971 | ---- | C] () -- C:\Windows\System32\29640vir5z234.dll
[2008/04/10 15:26:17 | 00,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008/04/04 21:55:16 | 00,003,291 | ---- | C] () -- C:\Windows\1747t9ief53z5.dll
[2008/04/02 16:01:57 | 00,017,658 | ---- | C] () -- C:\Windows\2975thief14z5.dll
[2008/03/31 22:34:56 | 00,004,871 | ---- | C] () -- C:\Windows\15757s5a9bot5z4.dll
[2008/03/28 04:30:20 | 00,003,778 | ---- | C] () -- C:\Windows\537229roj7z3.dll
[2008/03/18 05:01:04 | 00,017,707 | ---- | C] () -- C:\Windows\16268spamb5t1z9.dll
[2008/03/16 19:48:54 | 00,002,771 | ---- | C] () -- C:\Windows\17573zacktool4389.dll
[2008/03/13 07:05:32 | 00,004,995 | ---- | C] () -- C:\Windows\22265not-a9virusz2c.dll
[2008/03/13 04:08:53 | 00,005,521 | ---- | C] () -- C:\Windows\5cz9threat4526.dll
[2008/03/10 18:25:12 | 00,016,739 | ---- | C] () -- C:\Windows\1952zhief5579.dll
[2008/02/26 12:20:52 | 00,006,892 | ---- | C] () -- C:\Users\palma\AppData\Local\d3d9caps.dat
[2008/02/22 20:32:13 | 00,000,106 | ---- | C] () -- C:\Windows\System32\pluginloader.ini
[2008/02/05 12:28:20 | 00,000,051 | ---- | C] () -- C:\Users\palma\AppData\Local\setup.txt
[2008/02/02 19:55:49 | 00,014,502 | ---- | C] () -- C:\Windows\System32\9f18thief320z5.dll
[2008/01/26 23:55:22 | 00,016,094 | ---- | C] () -- C:\Windows\System32\1293a9zware1256.dll
[2008/01/23 14:18:06 | 00,013,308 | ---- | C] () -- C:\Windows\System32\z9929t5oj188.dll
[2008/01/20 02:45:11 | 00,003,076 | ---- | C] () -- C:\Windows\System32\9a75vzr529.dll
[2008/01/19 15:40:28 | 00,009,063 | ---- | C] () -- C:\Windows\7b29bac5zoor1325.dll
[2008/01/17 20:55:16 | 01,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll
[2008/01/16 06:49:04 | 00,006,836 | ---- | C] () -- C:\Windows\5782wz5m6819.dll
[2008/01/15 14:49:12 | 00,003,600 | ---- | C] () -- C:\Windows\System32\5a58thief11z95.dll
[2008/01/14 06:52:00 | 00,011,454 | ---- | C] () -- C:\Windows\3775tzoj6939.dll
[2008/01/13 22:43:49 | 00,004,596 | ---- | C] () -- C:\Windows\System32\954zworm27e.dll
[2008/01/08 03:14:16 | 00,013,443 | ---- | C] () -- C:\Windows\System32\99085ot-a-viruszb6.dll
[2008/01/07 16:12:37 | 00,005,946 | ---- | C] () -- C:\Windows\System32\14847hzcktoo955e.dll
[2008/01/06 22:40:04 | 00,006,051 | ---- | C] () -- C:\Windows\System32\7e70vir9351z.dll
[2008/01/05 21:53:12 | 00,006,819 | ---- | C] () -- C:\Windows\System32\493zthi5f2116.dll
[2008/01/02 20:53:03 | 00,017,873 | ---- | C] () -- C:\Windows\System32\609vi5us9f6z.dll
[2007/09/23 19:46:08 | 00,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2007/09/23 19:45:05 | 00,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2007/09/23 19:45:05 | 00,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2007/09/23 19:45:05 | 00,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2007/06/30 00:44:52 | 00,129,300 | ---- | C] () -- C:\Users\palma\AppData\Roaming\Cosmos Prefs
[2007/05/20 17:17:34 | 00,344,064 | ---- | C] () -- C:\Windows\System32\dlcqcoin.dll
[2007/05/20 17:14:53 | 00,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2007/05/20 17:14:53 | 00,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2007/05/20 17:14:09 | 00,274,432 | ---- | C] () -- C:\Windows\System32\DLCQinst.dll
[2007/05/20 13:18:02 | 00,009,356 | ---- | C] () -- C:\Users\palma\AppData\Roaming\wklnhst.dat
[2007/05/09 17:09:29 | 00,124,928 | ---- | C] () -- C:\Users\palma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/05 13:49:31 | 00,467,264 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/04/05 13:49:31 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2007/04/05 13:49:31 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/04/05 13:49:31 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/07 11:25:58 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 04:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/01 23:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 22:54:30 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2006/10/31 22:52:38 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006/10/20 19:26:34 | 00,106,496 | ---- | C] () -- C:\Windows\System32\dlcqinsr.dll
[2006/10/20 19:25:52 | 00,036,864 | ---- | C] () -- C:\Windows\System32\dlcqcur.dll
[2006/10/20 19:22:56 | 00,139,264 | ---- | C] () -- C:\Windows\System32\dlcqjswr.dll
[2006/10/20 19:17:44 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcqinsb.dll
[2006/10/20 19:17:00 | 00,086,016 | ---- | C] () -- C:\Windows\System32\dlcqcub.dll
[2006/10/20 19:15:28 | 00,073,728 | ---- | C] () -- C:\Windows\System32\dlcqcu.dll
[2006/10/20 19:14:54 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcqins.dll
[2006/10/20 19:09:16 | 00,454,656 | ---- | C] () -- C:\Windows\System32\dlcqutil.dll
[2006/10/20 18:46:42 | 00,188,416 | ---- | C] () -- C:\Windows\System32\dlcqgrd.dll
[2006/09/16 20:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 20:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/09/06 05:12:00 | 00,077,824 | ---- | C] () -- C:\Windows\System32\dlcqcfg.dll
[2006/08/14 16:32:18 | 00,065,536 | ---- | C] () -- C:\Windows\System32\dlcqcaps.dll
[2006/08/08 14:58:04 | 00,692,224 | ---- | C] () -- C:\Windows\System32\dlcqdrs.dll
[2006/05/18 06:47:12 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdjvs.dll
[2006/05/09 09:10:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\dlcqcnv4.dll
[2006/04/25 02:11:18 | 00,040,960 | ---- | C] () -- C:\Windows\System32\dlcqvs.dll
[2004/05/07 01:12:19 | 00,184,320 | ---- | C] () -- C:\Windows\System32\FlashIcon.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\palma\Documents\clip0001.avi:TOC.WMV
@Alternate Data Stream - 512 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:C5760A8B
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:0766416E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:C31F31E6
< End of report >

OTL Extras logfile created on: 12/17/2009 4:13:03 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Users\palma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 87.22% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 42.33 Gb Free Space | 19.00% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.06 Gb Free Space | 60.61% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PALMA-PC
Current User Name: palma
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\SubaGames\ACEonline\Launcher.atm" = C:\Program Files\SubaGames\ACEonline\Launcher.atm:Enabled:GameExe2 -- File not found
"C:\Program Files\SubaGames\ACEonline\Res-Voip\SCVoIP.exe" = C:\Program Files\SubaGames\ACEonline\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
"C:\Users\Public\Combat Arms\CombatArms.exe" = C:\Users\Public\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Users\Public\Combat Arms\Engine.exe" = C:\Users\Public\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C045D7-2287-4ABD-AB52-9707F90FDF86}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{229014AC-30C4-4923-8EBA-65D9758AE010}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3FFBF5BD-66FA-4F80-9506-D95C5617235C}" = lport=5358 | protocol=6 | dir=in | app=system |
"{4EB68EF6-DF26-4132-B2EA-D8C111F28159}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7A503237-EBE8-4AA3-8D3C-7F4AA546EFD1}" = rport=5358 | protocol=6 | dir=out | app=system |
"{82052F62-5707-483A-9367-951B5AA82B43}" = rport=5357 | protocol=6 | dir=out | app=system |
"{853BDBA9-4654-43A6-9D82-5FE62C73C29A}" = lport=5357 | protocol=6 | dir=in | app=system |
"{AC069128-C212-4AF3-9D23-2E7C1F47B4DF}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{088C0106-E6F1-41C6-AC27-F044289E4A93}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{246D73E6-C935-4E34-98BF-2824993E58E3}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{38613A9A-BFAD-4F99-9EAA-35710B73197A}" = protocol=17 | dir=in | app=c:\users\public\warcraft iii\warcraft iii.exe |
"{4F3DD002-8000-4A12-88DF-6E1C74E92D8B}" = protocol=6 | dir=in | app=c:\users\public\warcraft iii\frozen throne.exe |
"{56FCD3A0-32CB-46E2-825C-22C67B54AD52}" = protocol=17 | dir=in | app=c:\users\public\warcraft iii\world editor.exe |
"{63504BDF-310F-47B1-86B0-B2CFDB68137F}" = protocol=6 | dir=in | app=c:\users\public\warcraft iii\warcraft iii.exe |
"{6DB63A02-E114-4455-9F9D-F6FAFC61C905}" = protocol=6 | dir=in | app=c:\users\public\warcraft iii\world editor.exe |
"{729DE0AE-94DF-4F94-9D44-433AD4DB91ED}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{91815BD8-3F1D-424C-B3A7-6AD35A31CA08}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{FDA9F548-736C-4AD6-AC8E-25B4508A3E99}" = protocol=17 | dir=in | app=c:\users\public\warcraft iii\frozen throne.exe |
"TCP Query User{029F5DD2-CEAD-4A16-A046-05BFAC26D633}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe |
"TCP Query User{07C785E4-9D67-42CC-AD52-FB44B2FD4155}C:\users\palma\desktop\new folder\thralas\arcemu\arcemu-world.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\thralas\arcemu\arcemu-world.exe |
"TCP Query User{09A9ABE2-E653-4513-A165-C5D8A4EF2B4D}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\source dedicated server\srcds.exe" = protocol=6 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\source dedicated server\srcds.exe |
"TCP Query User{1458E5AC-4118-4825-A87D-CAF246E63648}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{234D8899-2E74-4986-9796-0A7F57A78026}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\zombie panic! source\hl2.exe |
"TCP Query User{28680F44-8867-429D-A8D2-D3C69244D07B}C:\users\palma\desktop\new folder\thralas\logon\arcemu-world.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\thralas\logon\arcemu-world.exe |
"TCP Query User{286EBF81-E898-4145-836A-F91F1C4C553F}C:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-logonserver.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-logonserver.exe |
"TCP Query User{303A8B42-CDA6-4432-9939-013FC5CBF871}C:\users\palma\desktop\new folder\xantic production fun\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\server\mysql\bin\mysqld.exe |
"TCP Query User{3839B8F5-4A6E-4D5D-B4EA-5A9FBD31AD27}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{4211F7FE-69EF-4446-AC15-B2E01BA2022C}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{4419D699-F020-4B32-8AAA-7B32224936B3}C:\users\palma\desktop\new folder\thralas\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\thralas\server\mysql\bin\mysqld.exe |
"TCP Query User{45083C7F-2DA8-4F84-B21D-4B23E935F05A}C:\users\palma\desktop\new folder\thralas\server\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\thralas\server\apache\bin\apache.exe |
"TCP Query User{4C39D745-C17A-41E3-9E91-13BF00933690}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\day of defeat source\hl2.exe" = protocol=6 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\day of defeat source\hl2.exe |
"TCP Query User{58544B5A-073A-4615-A8D8-534A22A650D6}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{5AE12D5E-4BE9-4444-ABC3-18CE7A5224B7}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe |
"TCP Query User{5D908CED-C2E8-445D-9CD1-92DB220CF1E8}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe |
"TCP Query User{5DF72EC4-2E37-486C-8BBA-1BE699E8C412}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\counter-strike source\hl2.exe |
"TCP Query User{68330ED1-790B-4D2A-9D00-ED7C1A1CA340}C:\program files\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"TCP Query User{68681606-3BF2-4489-A06E-5D86BCAA6DB0}C:\users\palma\desktop\new folder\thralas\arcemu\arcemu-logonserver.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\thralas\arcemu\arcemu-logonserver.exe |
"TCP Query User{774FDDF3-2180-4F9B-9554-5A807CB699FB}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{7BCD38A4-C440-41A1-BB5B-7E7BA8A896BC}C:\users\public\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\public\starcraft\starcraft.exe |
"TCP Query User{8164D688-303C-46AE-9C8A-A6983C53AAC6}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{81B1029C-9251-4824-9F4D-483EA342C713}C:\users\public\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\public\starcraft\starcraft.exe |
"TCP Query User{9463EF74-BBF1-4ABE-BF9E-B5B01C66717A}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"TCP Query User{968719E1-C6D7-4990-A288-BD70AB104FB6}C:\program files\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"TCP Query User{9F79F039-A9A9-45F8-9F4C-EB9261C70145}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\apache\bin\apache.exe |
"TCP Query User{A5EE6B1D-500C-4201-B615-627A284E770B}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe |
"TCP Query User{A6A31ECC-69F7-495C-8C28-E12DB24B9FD0}C:\users\public\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.exe |
"TCP Query User{B7B2969D-D93A-4190-A864-7F5600A4470E}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{B9EFEE3A-DB5D-4BED-9C81-69D9A549265A}C:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-world.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-world.exe |
"TCP Query User{C97BA8C4-CD06-4A22-93EE-3B3CFA38087A}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{D520B625-5E69-47BB-B1BD-3E17770CF22B}C:\users\palma\desktop\new folder\keyclone\keyclone.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\keyclone\keyclone.exe |
"TCP Query User{DCF9E8B1-D734-4758-B39C-1AE05F157DE1}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe |
"TCP Query User{DE54BAB7-0546-4CE4-B8D3-453DF8695417}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{E0F21E5C-E288-445B-B354-D0E0600ED375}C:\users\public\halo\haloce.exe" = protocol=6 | dir=in | app=c:\users\public\halo\haloce.exe |
"TCP Query User{E1E945D5-BD94-4567-9C62-77E105911EED}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe" = protocol=6 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe |
"TCP Query User{E92017FB-27DC-4D93-8B84-5FCA9A893DA8}C:\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\xampp\mercurymail\mercury.exe |
"TCP Query User{E93175CD-ACE4-4B2E-B09C-ADB909E950E6}C:\users\public\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\public\warcraft iii\war3.exe |
"TCP Query User{F7F530D7-3943-4612-AD02-1BA2549E041B}C:\users\public\halo\haloce.exe" = protocol=6 | dir=in | app=c:\users\public\halo\haloce.exe |
"TCP Query User{F9C3E254-6868-4DB7-832B-1C125C65993B}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{02142C98-ABE0-48FF-87D7-DBEA2424E868}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{0390C55E-62D4-4A43-869E-51CD36BD72D8}C:\users\public\halo\haloce.exe" = protocol=17 | dir=in | app=c:\users\public\halo\haloce.exe |
"UDP Query User{0787FFC0-8652-48F7-9091-3FCA4287CD96}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{08D97658-12A6-4391-8D8D-F46E2EC3350F}C:\users\palma\desktop\new folder\keyclone\keyclone.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\keyclone\keyclone.exe |
"UDP Query User{11B7436C-58C7-4AEE-8D9A-24F910A753DC}C:\users\public\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\public\warcraft iii\war3.exe |
"UDP Query User{19CE7DEC-B6C7-42E8-B5B8-22BB83A5EF51}C:\users\palma\desktop\new folder\thralas\server\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\thralas\server\apache\bin\apache.exe |
"UDP Query User{203C08FE-F744-4D9A-B414-8254D1C61526}C:\users\palma\desktop\new folder\xantic production fun\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\server\mysql\bin\mysqld.exe |
"UDP Query User{2686F840-9255-46AA-B49D-3F2C4DD7273F}C:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-logonserver.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-logonserver.exe |
"UDP Query User{2752D961-DC83-4129-905F-FC8895FF37FE}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe |
"UDP Query User{29D14AB1-2D0D-432C-9544-553BB808BE99}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{29F6BA95-7227-4BC5-BDF1-445AB4463D1D}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{3305B9DF-78EF-453C-98C0-D6AF3B4FCD58}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe |
"UDP Query User{38385A11-0BB5-4D91-B835-38AD05E6E772}C:\users\public\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\public\starcraft\starcraft.exe |
"UDP Query User{39BA45DD-7D6E-414D-AF1E-BDFB25528862}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\apache\bin\apache.exe |
"UDP Query User{3A5D2336-9326-4F25-A5FB-7983AC7F535D}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{45FFF7AF-C91F-401E-992C-FCDDE594B33F}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\server\mysql\bin\mysqld.exe |
"UDP Query User{5DE7C548-5775-4D0D-A2C0-D59A6E223C7E}C:\users\palma\desktop\new folder\thralas\arcemu\arcemu-logonserver.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\thralas\arcemu\arcemu-logonserver.exe |
"UDP Query User{60939DCB-AB0C-4630-ACEA-C48DF581E053}C:\users\palma\desktop\new folder\thralas\arcemu\arcemu-world.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\thralas\arcemu\arcemu-world.exe |
"UDP Query User{62B10F05-E2DC-42C1-A873-E0D64DBF5049}C:\program files\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"UDP Query User{6ECF9AC4-1D5C-478E-AE56-00CFF3DB0DDC}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{76F195EF-8586-49E2-893C-4F96CDC935E7}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\source dedicated server\srcds.exe" = protocol=17 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\source dedicated server\srcds.exe |
"UDP Query User{81B17C30-06B5-40B8-87B0-F9172212331F}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"UDP Query User{8AD053E4-4FD0-4854-AB89-61CD838C08F8}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe |
"UDP Query User{9F87A0C0-2F6B-4D39-8FE1-AC473081196E}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\day of defeat source\hl2.exe" = protocol=17 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\day of defeat source\hl2.exe |
"UDP Query User{A921B6FA-F39C-4818-A1EC-1559FE59EB67}C:\users\public\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.exe |
"UDP Query User{AAF921C5-2325-4CB1-AA06-B0DB4B53F65A}C:\program files\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"UDP Query User{ADDBC736-7CC5-4248-BB27-1B230398CEBA}C:\users\public\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\public\starcraft\starcraft.exe |
"UDP Query User{B48F8562-5CAD-434A-ACFB-959CDC58E583}C:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-world.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\xantic production fun\arcemu\arcemu-world.exe |
"UDP Query User{C20A90E0-BA3E-448E-A246-B76C1CCED0C4}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\counter-strike source\hl2.exe |
"UDP Query User{C463A1CB-F1BA-467D-AE78-63F91B9E6539}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{C89382F6-AB5F-458F-B1F7-95078BC1FDE9}C:\users\palma\desktop\new folder\thralas\logon\arcemu-world.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\thralas\logon\arcemu-world.exe |
"UDP Query User{CE821C35-A641-4F4A-8794-1205B1769AAB}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{D06768CF-11EE-4E6D-AE17-8C92DC21A69F}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{D6B0B7FA-4D14-486C-B98E-8D3363C6D2C9}C:\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\xampp\mercurymail\mercury.exe |
"UDP Query User{DB2BCE60-5B81-49BF-ABD6-BE010C035DEB}C:\users\public\steam\steamapps\dj_swift18@yahoo.com\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\users\public\steam\steamapps\dj_swift18@yahoo.com\zombie panic! source\hl2.exe |
"UDP Query User{E51A7768-A7EE-485D-BE40-8E580E91BD89}C:\users\public\halo\haloce.exe" = protocol=17 | dir=in | app=c:\users\public\halo\haloce.exe |
"UDP Query User{E5C92835-2C93-485E-97A4-7044B2AF5F61}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-logonserver.exe |
"UDP Query User{E65D5DFB-8127-4522-B098-D1A64A4EC88E}C:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\winkdogs 3.2.2 repack\arcemu\arcemu-world.exe |
"UDP Query User{F739E63F-5A69-41AA-B5E2-A55F1FD84B1D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{FF39F3F1-19E7-491D-8C79-BFD08A8F20C6}C:\users\palma\desktop\new folder\thralas\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\palma\desktop\new folder\thralas\server\mysql\bin\mysqld.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{46245B5A-9FDE-4F66-B0F4-E686C8637D62}" = Mirar
"{64C96428-3A75-4AAE-A538-C450EF68175F}" = Xara3D6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{F9831B39-277F-4F53-BFB0-12DC90C4CB40}" = Requiem
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 3.1" = Acoustica Mixcraft 3.1
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Any Video Converter_is1" = Any Video Converter 2.7.8
"ASIO4ALL" = ASIO4ALL
"avast!" = avast! Antivirus
"Collab" = Collab
"CurseClient" = Curse Client
"FLV Player" = FLV Player 2.0 (build 25)
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Lexmark 1400 Series" = Lexmark 1400 Series
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Magic Translator_is1" = Magic Translator 8.12
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"PremiereAdvertisingPlatformFF" = FFPremiereAdvertisingPlatform
"RealPlayer 12.0" = RealPlayer
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Synthesia" = Synthesia (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TruePianos 40-day Test Version_is1" = TruePianos 1.4.1 40-day Test Version
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Warcraft III" = Warcraft III
"xvid" = XviD MPEG-4 Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bf392535f062fc65" = KeyMaster - Proj0
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 4/18/2009 7:57:38 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module basEncodeFileToSubmit failed!
, function 00000002.

Error - 4/26/2009 6:08:50 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\palma\AppData\Local\Microsoft\Messenger\xmarcusx123@hotmail.com\SharingMetadata\Working\database_401E_FF4B_1EFF_388C\tmp.edb
failed, 00000026.

Error - 6/19/2009 3:08:01 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 6/19/2009 3:08:01 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 6/19/2009 3:08:04 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 8/21/2009 7:22:07 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module basEncodeFileToSubmit failed!
, function 00000021.

Error - 8/21/2009 7:22:08 PM | Computer Name = palma-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module basEncodeFileToSubmit failed!
, function 00000021.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: Cant run Malwarebytes HELP!!!
ouch 3 posts lol a lot of txt

Re: Cant run Malwarebytes HELP!!!
Hello.
Thank you. One more log and then we'll get to work killing this; I think there's a rootkit hiding.

Download the GMER rootkit scan from here: GMER

  1. Unzip it and start GMER.
  2. Click the >>> tab and then click the Scan button.
  3. Once done, click the Copy button.
  4. This will copy the results to your clipboard.
  5. Paste the results in your next reply.

Note:
If you're having problems with running GMER.exe, try it in safe mode. This tool works in safe mode.
You can also try renaming it since some malware blocks GMER.

Re: Cant run Malwarebytes HELP!!!
sorry blue screen error thing had to restart computer.... I'm now running safe mode with network

Re: Cant run Malwarebytes HELP!!!
how long is this thing going to take??

Re: Cant run Malwarebytes HELP!!!
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-17 17:51:54
Windows 6.0.6001 Service Pack 1
Running: tmqkn09w.exe; Driver: C:\Users\palma\AppData\Local\Temp\uglcapoc.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@imagepath \systemroot\system32\drivers\ESQULxcvndrwpdgqnpbbrxeoxmbpfxnvliqsv.sys
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULserv \\?\globalroot\systemroot\system32\drivers\ESQULxcvndrwpdgqnpbbrxeoxmbpfxnvliqsv.sys
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULl \\?\globalroot\systemroot\system32\ESQULsmprxiocgioxitjdxqlqkfveetrbogon.dll
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULclk \\?\globalroot\systemroot\system32\ESQULxpjsieveymjkmpubwkhtabqrbuoliajt.dll
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBF 0xE6 0xAE 0xE3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBF 0xE6 0xAE 0xE3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBF 0xE6 0xAE 0xE3 ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Counter 9162
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib@Last Help 9163
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}@haeeebiacmlmjbhh 0x6B 0x61 0x6C 0x68 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4615349C-1B6D-E59F-27CC-6550D5E167DE}@iakebhiecgbamcjjig 0x6B 0x61 0x6C 0x68 ...

---- EOF - GMER 1.0.15 ----
